diff mbox

[v2,27/40] drm: Add asserts to catch overflow in drm_mm_init() and drm_mm_init_scan()

Message ID 20161216074718.32500-28-chris@chris-wilson.co.uk (mailing list archive)
State New, archived
Headers show

Commit Message

Chris Wilson Dec. 16, 2016, 7:47 a.m. UTC 
A simple assert to ensure that we don't overflow start + size when
initialising the drm_mm, or its scanner.

In future, we may want to switch to tracking the value of ranges (rather
than size) so that we can cover the full u64, for example like resource
tracking.

Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
---
 drivers/gpu/drm/drm_mm.c | 7 +++++++
 1 file changed, 7 insertions(+)

Comments

Joonas Lahtinen Dec. 16, 2016, 1:10 p.m. UTC | #1 
On pe, 2016-12-16 at 07:47 +0000, Chris Wilson wrote:
> A simple assert to ensure that we don't overflow start + size when
> initialising the drm_mm, or its scanner.
> 
> In future, we may want to switch to tracking the value of ranges (rather
> than size) so that we can cover the full u64, for example like resource
> tracking.
> 
> Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>

<SNIP>

> @@ -729,6 +729,8 @@ void drm_mm_init_scan(struct drm_mm *mm,
>  		      u64 alignment,
>  		      unsigned long color)
>  {
> +	DRM_MM_BUG_ON(size == 0);

Nitpicking, DIM will complain that this should be !size.

> +
> >  	mm->scan_color = color;
> >  	mm->scan_alignment = alignment;
> >  	mm->scan_size = size;
> @@ -764,6 +766,9 @@ void drm_mm_init_scan_with_range(struct drm_mm *mm,
>  				 u64 start,
>  				 u64 end)
>  {

Ditto, could have simply DRM_MM_BUG_ON(!size);

Reviewed-by: Joonas Lahtinen <joonas.lahtinen@linux.intel.com>

Regards, Joonas

> +	DRM_MM_BUG_ON(start >= end);
> +	DRM_MM_BUG_ON(size == 0 || size > end - start);
> +
diff mbox

Patch

diff --git a/drivers/gpu/drm/drm_mm.c b/drivers/gpu/drm/drm_mm.c
index 14a5ef505f1b..57267845b7d4 100644
--- a/drivers/gpu/drm/drm_mm.c
+++ b/drivers/gpu/drm/drm_mm.c
@@ -729,6 +729,8 @@  void drm_mm_init_scan(struct drm_mm *mm,
 		      u64 alignment,
 		      unsigned long color)
 {
+	DRM_MM_BUG_ON(size == 0);
+
 	mm->scan_color = color;
 	mm->scan_alignment = alignment;
 	mm->scan_size = size;
@@ -764,6 +766,9 @@  void drm_mm_init_scan_with_range(struct drm_mm *mm,
 				 u64 start,
 				 u64 end)
 {
+	DRM_MM_BUG_ON(start >= end);
+	DRM_MM_BUG_ON(size == 0 || size > end - start);
+
 	mm->scan_color = color;
 	mm->scan_alignment = alignment;
 	mm->scan_size = size;
@@ -882,6 +887,8 @@  EXPORT_SYMBOL(drm_mm_scan_remove_block);
  */
 void drm_mm_init(struct drm_mm *mm, u64 start, u64 size)
 {
+	DRM_MM_BUG_ON(start + size <= start);
+
 	INIT_LIST_HEAD(&mm->hole_stack);
 	mm->scanned_blocks = 0;