[Intel-gfx] [bug report] drm/i915: Engine discovery query

Dan Carpenter dan.carpenter at oracle.com
Wed May 29 12:20:40 UTC 2019


On Wed, May 29, 2019 at 01:08:59PM +0100, Chris Wilson wrote:
> Quoting Dan Carpenter (2019-05-29 12:52:43)
> > Hello Tvrtko Ursulin,
> > 
> > The patch c5d3e39caa45: "drm/i915: Engine discovery query" from May
> > 22, 2019, leads to the following static checker warning:
> > 
> >         drivers/gpu/drm/i915/i915_query.c:134 query_engine_info()
> >         warn: calling '__copy_to_user()' without access_ok()
> > 
> > drivers/gpu/drm/i915/i915_query.c
> >     97  query_engine_info(struct drm_i915_private *i915,
> >     98                    struct drm_i915_query_item *query_item)
> >     99  {
> >    100          struct drm_i915_query_engine_info __user *query_ptr =
> >    101                                  u64_to_user_ptr(query_item->data_ptr);
> > 
> > query_item->data_ptr comes from the ioctl and hasn't been checked.
> 
> copy_query_items() does the access_ok() check for the data portion after
> the header.

Ah yeah.  You're right.  Thanks!

regards,
dan carpenter
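
Added example, not part of the thread and not the i915 driver's code: a userspace C model of the pattern Chris describes, where one access_ok()-style range check covers the header plus data, and the later copies skip the per-call check. All names (model_access_ok, model_unchecked_copy, model_query) and the 256-byte "user window" are hypothetical, constructed for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for the user address space: one 256-byte window. */
#define USER_BASE 0x1000u
#define USER_SIZE 256u
static uint8_t user_mem[USER_SIZE];

/* Model of access_ok(): is [addr, addr + len) wholly inside the window? */
static int model_access_ok(uint64_t addr, uint64_t len)
{
    if (addr < USER_BASE || len > USER_SIZE)
        return 0;
    return addr - USER_BASE <= USER_SIZE - len; /* avoids addr + len wrap */
}

/* Model of __copy_to_user(): no range check, the caller must have done it. */
static void model_unchecked_copy(uint64_t addr, const void *src, size_t len)
{
    memcpy(&user_mem[addr - USER_BASE], src, len);
}

/* Hypothetical query handler: validate the whole reply (header + records)
 * once, then write each record with the unchecked copy. */
static int model_query(uint64_t data_ptr, uint32_t hdr_len,
                       uint32_t nrec, uint32_t rec_len)
{
    uint64_t total = (uint64_t)hdr_len + (uint64_t)nrec * rec_len;
    uint8_t rec[16];
    uint32_t i;

    if (rec_len > sizeof(rec))
        return -EINVAL;
    if (!model_access_ok(data_ptr, total))  /* the single up-front check */
        return -EFAULT;
    for (i = 0; i < nrec; i++) {
        memset(rec, (int)(i + 1), rec_len); /* constructed record payload */
        model_unchecked_copy(data_ptr + hdr_len + (uint64_t)i * rec_len,
                             rec, rec_len);
    }
    return (int)total;
}
```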


