* [PATCH v2] drm/i915: clarify reasoning for the access_ok call
@ 2013-03-11 21:37 Kees Cook
2013-03-11 23:16 ` Daniel Vetter
0 siblings, 1 reply; 2+ messages in thread
From: Kees Cook @ 2013-03-11 21:37 UTC (permalink / raw)
To: linux-kernel; +Cc: Daniel Vetter, David Airlie, dri-devel
This clarifies the comment above the access_ok check so a missing
VERIFY_READ doesn't alarm anyone.
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
---
v2:
- rewrote comment, thanks to Chris Wilson
---
drivers/gpu/drm/i915/i915_gem_execbuffer.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/i915_gem_execbuffer.c
index bf7ceca..89c4039 100644
--- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c
+++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c
@@ -751,7 +751,11 @@ validate_exec_list(struct drm_i915_gem_exec_object2 *exec,
length = exec[i].relocation_count *
sizeof(struct drm_i915_gem_relocation_entry);
- /* we may also need to update the presumed offsets */
+ /*
+ * We must check that the entire relocation array is safe
+ * to read, but since we may need to update the presumed
+ * offsets during execution, check for full write access.
+ */
if (!access_ok(VERIFY_WRITE, ptr, length))
return -EFAULT;
--
1.7.9.5
--
Kees Cook
Chrome OS Security
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH v2] drm/i915: clarify reasoning for the access_ok call
2013-03-11 21:37 [PATCH v2] drm/i915: clarify reasoning for the access_ok call Kees Cook
@ 2013-03-11 23:16 ` Daniel Vetter
0 siblings, 0 replies; 2+ messages in thread
From: Daniel Vetter @ 2013-03-11 23:16 UTC (permalink / raw)
To: Kees Cook; +Cc: linux-kernel, Daniel Vetter, David Airlie, dri-devel
On Mon, Mar 11, 2013 at 02:37:35PM -0700, Kees Cook wrote:
> This clarifies the comment above the access_ok check so a missing
> VERIFY_READ doesn't alarm anyone.
>
> Signed-off-by: Kees Cook <keescook@chromium.org>
> Cc: Daniel Vetter <daniel.vetter@ffwll.ch>
> ---
> v2:
> - rewrote comment, thanks to Chris Wilson
Queued for -next, thanks for the patch. Fyi I prefer the patch changelog
in the actual commit message so that it gets recorded in git. Usually it's
not that interesting, but sometimes knowning the history of a patch is
really important. I've fixed this while applying.
-Daniel
> ---
> drivers/gpu/drm/i915/i915_gem_execbuffer.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/i915_gem_execbuffer.c
> index bf7ceca..89c4039 100644
> --- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c
> +++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c
> @@ -751,7 +751,11 @@ validate_exec_list(struct drm_i915_gem_exec_object2 *exec,
>
> length = exec[i].relocation_count *
> sizeof(struct drm_i915_gem_relocation_entry);
> - /* we may also need to update the presumed offsets */
> + /*
> + * We must check that the entire relocation array is safe
> + * to read, but since we may need to update the presumed
> + * offsets during execution, check for full write access.
> + */
> if (!access_ok(VERIFY_WRITE, ptr, length))
> return -EFAULT;
>
> --
> 1.7.9.5
>
>
> --
> Kees Cook
> Chrome OS Security
--
Daniel Vetter
Software Engineer, Intel Corporation
+41 (0) 79 365 57 48 - http://blog.ffwll.ch
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-03-11 23:16 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-03-11 21:37 [PATCH v2] drm/i915: clarify reasoning for the access_ok call Kees Cook
2013-03-11 23:16 ` Daniel Vetter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox