[PATCH 5/6] drm/i915/gvt: Explicit cast int to u64 and prevent char buf overflow.

[Colin Xu]

vgpu->id is int while vgpu_scan_nonprivbb_set() output val is u64.
Cast to u64 before bitwise operation.
name[] buf in intel_gvt_debugfs_add_vgpu has length 10 but vgpu->id
is int so name buf could overflow when vgpu->id is large. Although
current max vgpu->id is 8 but still has potential risk in future.

Signed-off-by: Colin Xu <colin.xu at intel.com>
---
 drivers/gpu/drm/i915/gvt/debugfs.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/gpu/drm/i915/gvt/debugfs.c b/drivers/gpu/drm/i915/gvt/debugfs.c
index 2ec89bcb59f1..673aa00f8569 100644
--- a/drivers/gpu/drm/i915/gvt/debugfs.c
+++ b/drivers/gpu/drm/i915/gvt/debugfs.c
@@ -147,7 +147,7 @@ vgpu_scan_nonprivbb_set(void *data, u64 val)
 	char buf[128], *s;
 	int len;
 
-	val &= (1 << I915_NUM_ENGINES) - 1;
+	val &= (u64)(1 << I915_NUM_ENGINES) - 1;
 
 	if (vgpu->scan_nonprivbb == val)
 		return 0;
@@ -169,7 +169,7 @@ vgpu_scan_nonprivbb_set(void *data, u64 val)
 			len = snprintf(s, 4, "%d, ", engine->id);
 			s += len;
 		} else
-			val &=  ~(1 << id);
+			val &=  ~(u64)(1 << id);
 	}
 
 	if (val)
@@ -196,7 +196,7 @@ DEFINE_SIMPLE_ATTRIBUTE(vgpu_scan_nonprivbb_fops,
 int intel_gvt_debugfs_add_vgpu(struct intel_vgpu *vgpu)
 {
 	struct dentry *ent;
-	char name[10] = "";
+	char name[16] = "";
 
 	sprintf(name, "vgpu%d", vgpu->id);
 	vgpu->debugfs = debugfs_create_dir(name, vgpu->gvt->debugfs_root);
-- 
2.21.0