[Intel-xe] ✗ CI.checkpatch: warning for series starting with [1/2] drm/xe: check for negative 'len' in xe_engine_create_ioctl
Patchwork
patchwork at emeril.freedesktop.org
Thu Jun 22 22:46:47 UTC 2023
== Series Details ==
Series: series starting with [1/2] drm/xe: check for negative 'len' in xe_engine_create_ioctl
URL : https://patchwork.freedesktop.org/series/119772/
State : warning
== Summary ==
+ KERNEL=/kernel
+ git clone https://gitlab.freedesktop.org/drm/maintainer-tools mt
Cloning into 'mt'...
warning: redirecting to https://gitlab.freedesktop.org/drm/maintainer-tools.git/
+ git -C mt rev-list -n1 origin/master
c7d32770e3cd31d9fc134ce41f329b10aa33ee15
+ cd /kernel
+ git config --global --add safe.directory /kernel
+ git log -n1
commit efef77ee7c11f5523b306826eb64bb8678c78dce
Author: Paulo Zanoni <paulo.r.zanoni at intel.com>
Date: Thu Jun 22 15:42:55 2023 -0700
drm/xe: properly check bounds for xe_wait_user_fence_ioctl()
If !no_engines, then we use copy_from_user to copy to the 'eci' array,
which has XE_HW_ENGINE_MAX_INSTANCE members. The amount of members
copied is given by the user in args->num_engines, so add code to check
that args->num_engines does not exceed XE_HW_ENGINE_MAX_INSTANCE. It's
an unsigned value so there's no need to check for negative values.
Fixes error messages such as:
Buffer overflow detected (54 < 18446744073709551520)!
Very simple reproducer:
https://people.freedesktop.org/~pzanoni/wait-user-fence-bug/
Signed-off-by: Paulo Zanoni <paulo.r.zanoni at intel.com>
+ /mt/dim checkpatch 4287d7a61a8f6b40e4f99055870b1239d8439050 drm-intel
7119d70c0 drm/xe: check for negative 'len' in xe_engine_create_ioctl
-:9: WARNING:COMMIT_LOG_LONG_LINE: Possible unwrapped commit description (prefer a maximum 75 chars per line)
#9:
usercopy: Kernel memory overwrite attempt detected to wrapped address (offset 0, size 18446660151965198754)!
total: 0 errors, 1 warnings, 0 checks, 8 lines checked
efef77ee7 drm/xe: properly check bounds for xe_wait_user_fence_ioctl()
More information about the Intel-xe
mailing list