| Message ID | 20130311213735.GA22493@www.outflux.net (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Mon, Mar 11, 2013 at 02:37:35PM -0700, Kees Cook wrote: > This clarifies the comment above the access_ok check so a missing > VERIFY_READ doesn't alarm anyone. > > Signed-off-by: Kees Cook <keescook@chromium.org> > Cc: Daniel Vetter <daniel.vetter@ffwll.ch> > --- > v2: > - rewrote comment, thanks to Chris Wilson Queued for -next, thanks for the patch. Fyi I prefer the patch changelog in the actual commit message so that it gets recorded in git. Usually it's not that interesting, but sometimes knowning the history of a patch is really important. I've fixed this while applying. -Daniel > --- > drivers/gpu/drm/i915/i915_gem_execbuffer.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/i915_gem_execbuffer.c > index bf7ceca..89c4039 100644 > --- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c > +++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c > @@ -751,7 +751,11 @@ validate_exec_list(struct drm_i915_gem_exec_object2 *exec, > > length = exec[i].relocation_count * > sizeof(struct drm_i915_gem_relocation_entry); > - /* we may also need to update the presumed offsets */ > + /* > + * We must check that the entire relocation array is safe > + * to read, but since we may need to update the presumed > + * offsets during execution, check for full write access. > + */ > if (!access_ok(VERIFY_WRITE, ptr, length)) > return -EFAULT; > > -- > 1.7.9.5 > > > -- > Kees Cook > Chrome OS Security
diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/i915_gem_execbuffer.c index bf7ceca..89c4039 100644 --- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c +++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c @@ -751,7 +751,11 @@ validate_exec_list(struct drm_i915_gem_exec_object2 *exec, length = exec[i].relocation_count * sizeof(struct drm_i915_gem_relocation_entry); - /* we may also need to update the presumed offsets */ + /* + * We must check that the entire relocation array is safe + * to read, but since we may need to update the presumed + * offsets during execution, check for full write access. + */ if (!access_ok(VERIFY_WRITE, ptr, length)) return -EFAULT;
This clarifies the comment above the access_ok check so a missing VERIFY_READ doesn't alarm anyone. Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Daniel Vetter <daniel.vetter@ffwll.ch> --- v2: - rewrote comment, thanks to Chris Wilson --- drivers/gpu/drm/i915/i915_gem_execbuffer.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)