[Intel-gfx] [PATCH v16 0/6] Fixes integer overflow or integer truncation issues in page lookups, ttm place configuration and scatterlist creation
Rodrigo Vivi
rodrigo.vivi at intel.com
Fri Dec 30 09:31:12 UTC 2022
On Wed, Dec 28, 2022 at 09:22:46PM +0200, Gwan-gyeong Mun wrote:
> This patch series fixes integer overflow or integer truncation issues in
> page lookups, ttm place configuration and scatterlist creation, etc.
> We need to check that we avoid integer overflows when looking up a page,
> and so fix all the instances where we have mistakenly used a plain integer
> instead of a more suitable long.
> And there is an impedance mismatch between the scatterlist API using
> unsigned int and our memory/page accounting in unsigned long. That is we
> may try to create a scatterlist for a large object that overflows returning
> a small table into which we try to fit very many pages. As the object size
> is under the control of userspace, we have to be prudent and catch the
> conversion errors. To catch the implicit truncation as we switch from
> unsigned long into the scatterlist's unsigned int, we use improved
> overflows_type check and report E2BIG prior to the operation. This is
> already used in our create ioctls to indicate if the uABI request is simply
> too large for the backing store.
> And ttm place also has the same problem with scatterlist creation,
> and we fix the integer truncation problem with the way approached by
> scatterlist creation.
> And It corrects the error code to return -E2BIG when creating gem objects
> using ttm or shmem, if the size is too large in each case.
>
> Compared to the v15 version patch series[1], there is no code modification in
> this version patch series. Among the warnings reported by CI.CHECKPATCH,
> this patch fixes the parts that need fixing.
> Fix "ERROR:SPACING" Checkpatch report
> Fix "WARNING:COMMIT_LOG_LONG_LINE" Checkpatch report
>
> [1] https://patchwork.freedesktop.org/series/112270/
I have backmerged the drm-next to drm-intel-gt-next and pushed this series.
Thanks for the patches and reviews.
>
> Chris Wilson (3):
> drm/i915/gem: Typecheck page lookups
> drm/i915: Check for integer truncation on scatterlist creation
> drm/i915: Remove truncation warning for large objects
>
> Gwan-gyeong Mun (3):
> drm/i915: Check for integer truncation on the configuration of ttm
> place
> drm/i915: Check if the size is too big while creating shmem file
> drm/i915: Use error code as -E2BIG when the size of gem ttm object is
> too large
>
> drivers/gpu/drm/i915/gem/i915_gem_internal.c | 7 +-
> drivers/gpu/drm/i915/gem/i915_gem_object.c | 7 +-
> drivers/gpu/drm/i915/gem/i915_gem_object.h | 303 +++++++++++++++---
> drivers/gpu/drm/i915/gem/i915_gem_pages.c | 27 +-
> drivers/gpu/drm/i915/gem/i915_gem_phys.c | 4 +
> drivers/gpu/drm/i915/gem/i915_gem_shmem.c | 23 +-
> drivers/gpu/drm/i915/gem/i915_gem_ttm.c | 20 +-
> drivers/gpu/drm/i915/gem/i915_gem_userptr.c | 6 +-
> .../drm/i915/gem/selftests/huge_gem_object.c | 6 +-
> .../gpu/drm/i915/gem/selftests/huge_pages.c | 8 +
> .../drm/i915/gem/selftests/i915_gem_context.c | 12 +-
> .../drm/i915/gem/selftests/i915_gem_mman.c | 8 +-
> .../drm/i915/gem/selftests/i915_gem_object.c | 8 +-
> drivers/gpu/drm/i915/gvt/dmabuf.c | 10 +-
> drivers/gpu/drm/i915/i915_gem.c | 18 +-
> drivers/gpu/drm/i915/i915_scatterlist.c | 9 +
> drivers/gpu/drm/i915/i915_vma.c | 8 +-
> drivers/gpu/drm/i915/intel_region_ttm.c | 14 +
> drivers/gpu/drm/i915/selftests/i915_gem_gtt.c | 4 +
> drivers/gpu/drm/i915/selftests/scatterlist.c | 4 +
> 20 files changed, 420 insertions(+), 86 deletions(-)
>
> --
> 2.37.1
>
More information about the Intel-gfx
mailing list