FEX-Emu/linux
1
0
Fork 0
mirror of https://github.com/FEX-Emu/linux.git synced 2024-12-30 21:46:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
35095f7529
linux/drivers/gpu/drm
History
Maarten Lankhorst 35095f7529 drm/nouveau: fix size check for cards without vm 
Op 24-07-13 17:55, Dan Carpenter schreef:
> Hello Maarten Lankhorst,
>
> This is a semi-automatic email about new static checker warnings.
>
> The patch 0108bc8081: "drm/nouveau: do not allow negative sizes for
> now" from Jul 7, 2013, leads to the following Smatch complaint:
>
> drivers/gpu/drm/nouveau/nouveau_bo.c:222 nouveau_bo_new()
> 	 warn: variable dereferenced before check 'drm->client.base.vm' (see line 201)
>
> drivers/gpu/drm/nouveau/nouveau_bo.c
>    200		int type = ttm_bo_type_device;
>    201		int max_size = INT_MAX & ~((1 << drm->client.base.vm->vmm->lpg_shift) - 1);
>                                                  ^^^^^^^^^^^^^^^^^^^
> New dereference.
>
>    202
>    203		if (size <= 0 || size > max_size) {
>    204			nv_warn(drm, "skipped size %x\n", (u32)size);
>    205			return -EINVAL;
>    206		}
>    207
>    208		if (sg)
>    209			type = ttm_bo_type_sg;
>    210
>    211		nvbo = kzalloc(sizeof(struct nouveau_bo), GFP_KERNEL);
>    212		if (!nvbo)
>    213			return -ENOMEM;
>    214		INIT_LIST_HEAD(&nvbo->head);
>    215		INIT_LIST_HEAD(&nvbo->entry);
>    216		INIT_LIST_HEAD(&nvbo->vma_list);
>    217		nvbo->tile_mode = tile_mode;
>    218		nvbo->tile_flags = tile_flags;
>    219		nvbo->bo.bdev = &drm->ttm.bdev;
>    220
>    221		nvbo->page_shift = 12;
>    222		if (drm->client.base.vm) {
>                     ^^^^^^^^^^^^^^^^^^^
> Old check.
>
>    223			if (!(flags & TTM_PL_FLAG_TT) && size > 256 * 1024)
>    224				nvbo->page_shift = drm->client.base.vm->vmm->lpg_shift;
>
> regards,
> dan carpenter

8<-----
Commit 0108bc8081: "drm/nouveau: do not allow negative sizes for now" broke
older nvidia gpu's that lack a vm. Add an explicit check to handle this.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Reported-by: konrad wilk <konrad.wilk@oracle.com>
Signed-off-by: Maarten Lankhorst <maarten.lankhorst@canonical.com>
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
2013-07-30 13:04:52 +10:00
..
ast drm/ast: inline reservations 2013-06-28 12:04:04 +10:00
cirrus drm/cirrus: inline reservations 2013-06-28 12:04:05 +10:00
exynos drm/exynos: add support for exynos5420 mixer 2013-06-28 21:13:57 +09:00
gma500 Merge branch 'gma500-fixes' of git://github.com/patjak/drm-gma500 into drm-fixes 2013-06-11 08:16:10 +10:00
i2c drm/i2c: nxp-tda998x (v3) 2013-02-19 17:57:44 -05:00
i810
i915 drm/i915: Don't try to tear down the stolen drm_mm if it's not there 2013-07-02 11:47:19 +02:00
mga
mgag200 drm/mgag200: inline reservations 2013-06-28 12:04:06 +10:00
nouveau drm/nouveau: fix size check for cards without vm 2013-07-30 13:04:52 +10:00
omapdrm drm/gem: add mutex lock when using drm_gem_mmap_obj 2013-06-28 12:30:15 +10:00
qxl qxl: use drm helper hotplug support 2013-07-05 10:44:19 +10:00
r128
radeon drm/radeon/sumo: implement support for disable_gfx_power_gating_in_uvd flag 2013-07-03 17:37:31 -04:00
rcar-du drm: Renesas R-Car Display Unit DRM driver 2013-06-27 10:08:04 +10:00
savage drm (ast, cirrus, mgag200, nouveau, savage, vmwgfx): Remove drm_mtrr_{add, del} 2013-05-31 13:02:54 +10:00
shmobile drm/shmobile: Enable compilation on all ARM platforms 2013-06-20 10:07:14 +02:00
sis drm/sis: convert to idr_alloc() 2013-02-27 19:10:16 -08:00
tdfx
tilcdc drm/tilcdc: Clear bits of register we're going to set. 2013-06-28 09:13:00 +10:00
ttm drm: make drm_mm_init() return void 2013-07-02 13:34:41 +10:00
udl drm: Drop all the stub gamma_get, gamma_set, load_lut functions from drivers 2013-06-17 19:42:47 +10:00
via drm/via: convert to idr_alloc() 2013-02-27 19:10:16 -08:00
vmwgfx drm/vmwgfx: get rid of ttm_bo_is_reserved usage 2013-06-28 12:04:14 +10:00
ati_pcigart.c
drm_agpsupport.c
drm_auth.c
drm_buffer.c
drm_bufs.c drm: Don't leak phys_wc "handles" to userspace 2013-05-31 13:37:39 +10:00
drm_cache.c lib/scatterlist: sg_page_iter: support sg lists w/o backing pages 2013-03-27 17:13:44 +01:00
drm_context.c drm: convert to idr_alloc() 2013-02-27 19:10:15 -08:00
drm_crtc_helper.c Revert "drm: kms_helper: don't lose hotplug event" 2013-06-28 20:31:34 +10:00
drm_crtc.c drm: add hotspot support for cursors. 2013-06-28 09:13:39 +10:00
drm_debugfs.c
drm_dma.c
drm_dp_helper.c
drm_drv.c drm: add hotspot support for cursors. 2013-06-28 09:13:39 +10:00
drm_edid_load.c drm: Cocci spatch "memdup.spatch" 2013-06-11 08:29:22 +10:00
drm_edid.c drm: add assertion for checking null edid to drm_edid_block_valid 2013-07-04 10:52:50 +10:00
drm_encoder_slave.c drm: refactor call to request_module 2013-05-10 14:46:03 +10:00
drm_fb_cma_helper.c Merge branch 'tilcdc-next' of git://people.freedesktop.org/~robclark/linux into drm-next 2013-02-21 09:31:47 +10:00
drm_fb_helper.c drm/fb-helper: Make load_lut and gamma_set/gamma_get hooks optional 2013-06-17 19:42:47 +10:00
drm_fops.c drm: fix error routines in drm_open_helper 2013-07-04 10:53:37 +10:00
drm_gem_cma_helper.c drm/gem: add mutex lock when using drm_gem_mmap_obj 2013-06-28 12:30:15 +10:00
drm_gem.c drm: make drm_mm_init() return void 2013-07-02 13:34:41 +10:00
drm_global.c
drm_hashtab.c hlist: drop the node parameter from iterators 2013-02-27 19:10:24 -08:00
drm_info.c
drm_ioc32.c
drm_ioctl.c drm: Don't leak phys_wc "handles" to userspace 2013-05-31 13:37:39 +10:00
drm_irq.c drm: fix a use-after-free when GPU acceleration disabled 2013-06-03 19:12:04 +10:00
drm_lock.c
drm_memory.c
drm_mm.c drm/mm: WARN for unclean mm takedown 2013-07-04 10:01:12 +10:00
drm_modes.c drm: Sort connector modes based on vrefresh 2013-06-11 08:35:51 +10:00
drm_pci.c drm, agpgart: Use pgprot_writecombine for AGP maps and make the MTRR optional 2013-05-31 13:37:31 +10:00
drm_platform.c
drm_prime.c drm/prime: fix up handle_to_fd ioctl return value 2013-07-04 09:58:55 +10:00
drm_proc.c drm: proc: Use remove_proc_subtree() 2013-05-01 17:29:44 -04:00
drm_rect.c drm: Add drm_rect_debug_print() 2013-04-30 22:20:00 +02:00
drm_scatter.c
drm_stub.c drm: drm_stub: Fixing return value if driver master_set call failed 2013-06-27 21:03:16 +10:00
drm_sysfs.c drm: Convert drm class driver from legacy pm ops to dev_pm_ops 2013-07-04 10:50:26 +10:00
drm_trace_points.c
drm_trace.h drm: fix print format of sequence in trace point 2013-07-04 10:55:27 +10:00
drm_usb.c drm/usb: bind driver to correct device 2013-02-07 12:37:41 +10:00
drm_vm.c drm_vm: drop explicit VM_IO setting 2013-06-24 06:26:50 +10:00
Kconfig drm/nouveau: always select ACPI_VIDEO if ACPI is enabled. 2013-06-28 11:56:22 +10:00
Makefile drm: Renesas R-Car Display Unit DRM driver 2013-06-27 10:08:04 +10:00
README.drm

README.drm 

************************************************************
* For the very latest on DRI development, please see:      *
*     http://dri.freedesktop.org/                          *
************************************************************

The Direct Rendering Manager (drm) is a device-independent kernel-level
device driver that provides support for the XFree86 Direct Rendering
Infrastructure (DRI).

The DRM supports the Direct Rendering Infrastructure (DRI) in four major
ways:

    1. The DRM provides synchronized access to the graphics hardware via
       the use of an optimized two-tiered lock.

    2. The DRM enforces the DRI security policy for access to the graphics
       hardware by only allowing authenticated X11 clients access to
       restricted regions of memory.

    3. The DRM provides a generic DMA engine, complete with multiple
       queues and the ability to detect the need for an OpenGL context
       switch.

    4. The DRM is extensible via the use of small device-specific modules
       that rely extensively on the API exported by the DRM module.


Documentation on the DRI is available from:
    http://dri.freedesktop.org/wiki/Documentation
    http://sourceforge.net/project/showfiles.php?group_id=387
    http://dri.sourceforge.net/doc/

For specific information about kernel-level support, see:

    The Direct Rendering Manager, Kernel Support for the Direct Rendering
    Infrastructure
    http://dri.sourceforge.net/doc/drm_low_level.html

    Hardware Locking for the Direct Rendering Infrastructure
    http://dri.sourceforge.net/doc/hardware_locking_low_level.html

    A Security Analysis of the Direct Rendering Infrastructure
    http://dri.sourceforge.net/doc/security_low_level.html