| Message ID | a2d3210b-290f-4397-9c3e-efdcca94d8ac@moroto.mountain |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:bcd1:0:b0:403:3b70:6f57 with SMTP id r17csp209554vqy;
Wed, 29 Nov 2023 23:27:39 -0800 (PST)
X-Google-Smtp-Source:
AGHT+IFFvAvFqK7ma1QeJMoAbqKCe1gDkipLbGxKmf80imSUAjUwOn+4RCCoTLtXJMobuZ2VTMyJ
X-Received: by 2002:a17:903:244e:b0:1cf:de3e:e4df with SMTP id
l14-20020a170903244e00b001cfde3ee4dfmr12463813pls.58.1701329258777;
Wed, 29 Nov 2023 23:27:38 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1701329258; cv=none;
d=google.com; s=arc-20160816;
b=SM1qHkCou/I2thcd9sDVsmhZ8xHxfc95KIs7HSrQS6BQI0qFBuf0yTSo351cEoUbYR
+IScu13MQM6M28buLNf48MHtZ5+HTfWaHGz3D/WZEwqVXjFxG484eos7KJBkx9f2JS14
+50/CkURtOluH1TpiBsVIU6fmau//cdlc25SYkIqtAyv7yvXcORdWVFygqd6C9uYmYiJ
LdRp6GkR7oIbWDE5dDYlsLlw/tJ8UGqMsYBK8BAuN/ocbbPTdCSS8h3YGjnq/QfR91V9
BHRbRkx1dClvnT/all79bhywx9/1K9RLk/G6UO/Ciu2zDniY2ClyEbMMzRGimzsvtu8g
W6aA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-disposition:mime-version:message-id
:subject:cc:to:from:date:dkim-signature;
bh=7WLNcsSt42LaGfjZQ98cMh59wBp+UL1asBOR9zkijns=;
fh=3YsDNDRpkKQkDlxg+U6dAKncT3ZMeGqzPaHa+RMYP6M=;
b=E/EMFIlvog3rZfwIFzhDYAv0weXM8HT/8LR6RfW5Uf78QP0G5rBQnRQxEkHg3uUWlM
uFE5Y1l3DsBOR73THyzgiTyAUA4BXw4g3eYBDLiBi1yc5yxyqMB4gkgu705OeC/88Gc2
XjU6fUsZc1EPHzMvq9yNRlBhQUgx26E4s6vKDDKhMhSxsnOzI1dl9dJpqnyUpQYUMi1M
BQdx6SAHzw6RUFoXCz0O2CfkXTwVLj+cLASs34pGvQjLfCas2JEzdHqKEamM7sKPFe+5
Ub6/PFNH+WPOHE6YD7bHmcX2hPGLKhtENgNqpEoNV3flQfQQ7EhPWAypi/fJuGBsgCT2
WGpw==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@linaro.org header.s=google header.b=pxJZU+83;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:1 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from morse.vger.email (morse.vger.email. [2620:137:e000::3:1])
by mx.google.com with ESMTPS id
m16-20020a170902db1000b001cf69ac4c14si588625plx.444.2023.11.29.23.27.38
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 29 Nov 2023 23:27:38 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:1 as permitted sender)
client-ip=2620:137:e000::3:1;
Authentication-Results: mx.google.com;
dkim=pass header.i=@linaro.org header.s=google header.b=pxJZU+83;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::3:1 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
by morse.vger.email (Postfix) with ESMTP id 4F8BE80E6C72;
Wed, 29 Nov 2023 23:27:36 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.11 at morse.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S231739AbjK3H1Q (ORCPT <rfc822;ruipengqi7@gmail.com> + 99 others);
Thu, 30 Nov 2023 02:27:16 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33640 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S231713AbjK3H1P (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Thu, 30 Nov 2023 02:27:15 -0500
Received: from mail-lj1-x229.google.com (mail-lj1-x229.google.com
[IPv6:2a00:1450:4864:20::229])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1337510EF
for <linux-kernel@vger.kernel.org>;
Wed, 29 Nov 2023 23:27:21 -0800 (PST)
Received: by mail-lj1-x229.google.com with SMTP id
38308e7fff4ca-2c8879a1570so8466871fa.1
for <linux-kernel@vger.kernel.org>;
Wed, 29 Nov 2023 23:27:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=linaro.org; s=google; t=1701329239; x=1701934039;
darn=vger.kernel.org;
h=content-disposition:mime-version:message-id:subject:cc:to:from:date
:from:to:cc:subject:date:message-id:reply-to;
bh=7WLNcsSt42LaGfjZQ98cMh59wBp+UL1asBOR9zkijns=;
b=pxJZU+83KLExIo4EmVxqCv8wdgHTuKTa7225bk6VrXC9IIu0WKgfUQ3gvAeWL1jqdj
rFWYWksY/yTgjUTaoYhuwDosGUv1IgJQR8/+FxzDHdpDpWr3uDEVmX/7xjUSeUe0jBIG
WPzq/STIBN81BIX6ERFOJXLFz4iIbm7NG/8kG9N2fzWNAG/jUyudqO1p9Q064ve0UJQs
VUUODqPWM0V9kqERyQswuNGkDOHG310OLZ2kusrCQJKlmDMjCNM/U1NJBn6R+rdytAZ3
5te/KyV4rbbgfhBAveiw+hBaBNa1fL2Faffj990MNBh8nDlocer0ikj1XG8haVdd/3GL
Lkvg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1701329239; x=1701934039;
h=content-disposition:mime-version:message-id:subject:cc:to:from:date
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=7WLNcsSt42LaGfjZQ98cMh59wBp+UL1asBOR9zkijns=;
b=h5dSIY9AQ+tewh8iam9o6+sh0ryjewQSWJhF18xOanvDokYleqFCSWBwxMPrjelIqL
qyUz+iUCIzOGrT1smnd7dvKnNOWRIjOPo9N51NBvk6KGX0qzhZWa/WaWgl0XNiXSwUHP
j8B/aOOmS7ZVEsgbtXbv6Aw2km/ljQXy7euDU32LiJht3xHKygd/rv4SmmLQn3+xO59D
J5r0NaLUA1J9exaXjyTOptrRMRFzqYpWQRZvQwhjmS4uvXjNZ79zoy5O77Rr7GWebdNM
wMyZN2d3PxWAGdCOtUUyS3PaR+Uu3dM99zVDCkr2livOV6gbHgof05SxrZ7zTPClZNb5
AFXQ==
X-Gm-Message-State: AOJu0YzeBIHdifiR3m1fA+CU/L/YVzhjABUCoc/GblK416q6jXTAMu6R
D/YLBeRMyaqIl6W/swr1UNo3AQ==
X-Received: by 2002:a2e:8606:0:b0:2c9:af18:2e8c with SMTP id
a6-20020a2e8606000000b002c9af182e8cmr5027808lji.10.1701329239279;
Wed, 29 Nov 2023 23:27:19 -0800 (PST)
Received: from localhost ([102.36.222.112])
by smtp.gmail.com with ESMTPSA id
n10-20020a05600c4f8a00b004053e9276easm4564118wmq.32.2023.11.29.23.27.18
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 29 Nov 2023 23:27:19 -0800 (PST)
Date: Thu, 30 Nov 2023 10:27:15 +0300
From: Dan Carpenter <dan.carpenter@linaro.org>
To: Sarah Walker <sarah.walker@imgtec.com>
Cc: Frank Binns <frank.binns@imgtec.com>,
Donald Robson <donald.robson@imgtec.com>,
Matt Coster <matt.coster@imgtec.com>,
Maarten Lankhorst <maarten.lankhorst@linux.intel.com>,
Maxime Ripard <mripard@kernel.org>,
Thomas Zimmermann <tzimmermann@suse.de>,
David Airlie <airlied@gmail.com>,
Daniel Vetter <daniel@ffwll.ch>,
dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org,
kernel-janitors@vger.kernel.org
Subject: [PATCH] drm/imagination: fix off by one in pvr_vm_mips_init() error
handling
Message-ID: <a2d3210b-290f-4397-9c3e-efdcca94d8ac@moroto.mountain>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Mailer: git-send-email haha only kidding
X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test,
not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]);
Wed, 29 Nov 2023 23:27:36 -0800 (PST)
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1783973028957698240
X-GMAIL-MSGID: 1783973028957698240
|
| Series |
drm/imagination: fix off by one in pvr_vm_mips_init() error handling
|
|
Commit Message
Dan Carpenter
Nov. 30, 2023, 7:27 a.m. UTC
If the call to vmap() fails the "page_nr" is one element beyond the end
of the mips_data->pt_dma_addr[] and mips_data->pt_pages[] arrays.
The way that this is traditionally written is that we clean up the
partial loop iteration before the goto and then we can say
while (--i >= 0). At that point we know that all the elements thus
far are initialized so we don't need to have NULL checks.
Fixes: 927f3e0253c1 ("drm/imagination: Implement MIPS firmware processor and MMU support")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
---
drivers/gpu/drm/imagination/pvr_vm_mips.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
Comments
On Thu, 2023-11-30 at 10:27 +0300, Dan Carpenter wrote: > If the call to vmap() fails the "page_nr" is one element beyond the end > of the mips_data->pt_dma_addr[] and mips_data->pt_pages[] arrays. > > The way that this is traditionally written is that we clean up the > partial loop iteration before the goto and then we can say > while (--i >= 0). At that point we know that all the elements thus > far are initialized so we don't need to have NULL checks. > > Fixes: 927f3e0253c1 ("drm/imagination: Implement MIPS firmware processor and MMU support") > Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org> Reviewed-by: Frank Binns <frank.binns@imgtec.com> > --- > drivers/gpu/drm/imagination/pvr_vm_mips.c | 11 +++++------ > 1 file changed, 5 insertions(+), 6 deletions(-) > > diff --git a/drivers/gpu/drm/imagination/pvr_vm_mips.c b/drivers/gpu/drm/imagination/pvr_vm_mips.c > index 7268cf6e630b..2bc7181a4c3e 100644 > --- a/drivers/gpu/drm/imagination/pvr_vm_mips.c > +++ b/drivers/gpu/drm/imagination/pvr_vm_mips.c > @@ -57,6 +57,7 @@ pvr_vm_mips_init(struct pvr_device *pvr_dev) > PAGE_SIZE, DMA_TO_DEVICE); > if (dma_mapping_error(dev, mips_data->pt_dma_addr[page_nr])) { > err = -ENOMEM; > + __free_page(mips_data->pt_pages[page_nr]); > goto err_free_pages; > } > } > @@ -79,13 +80,11 @@ pvr_vm_mips_init(struct pvr_device *pvr_dev) > return 0; > > err_free_pages: > - for (; page_nr >= 0; page_nr--) { > - if (mips_data->pt_dma_addr[page_nr]) > - dma_unmap_page(from_pvr_device(pvr_dev)->dev, > - mips_data->pt_dma_addr[page_nr], PAGE_SIZE, DMA_TO_DEVICE); > + while (--page_nr >= 0) { > + dma_unmap_page(from_pvr_device(pvr_dev)->dev, > + mips_data->pt_dma_addr[page_nr], PAGE_SIZE, DMA_TO_DEVICE); > > - if (mips_data->pt_pages[page_nr]) > - __free_page(mips_data->pt_pages[page_nr]); > + __free_page(mips_data->pt_pages[page_nr]); > } > > return err;
On Thu, 30 Nov 2023 10:27:15 +0300, Dan Carpenter wrote: > If the call to vmap() fails the "page_nr" is one element beyond the end > of the mips_data->pt_dma_addr[] and mips_data->pt_pages[] arrays. > > The way that this is traditionally written is that we clean up the > partial loop iteration before the goto and then we can say > while (--i >= 0). At that point we know that all the elements thus > far are initialized so we don't need to have NULL checks. > > [...] Applied to drm/drm-misc (drm-misc-next). Thanks! Maxime
diff --git a/drivers/gpu/drm/imagination/pvr_vm_mips.c b/drivers/gpu/drm/imagination/pvr_vm_mips.c index 7268cf6e630b..2bc7181a4c3e 100644 --- a/drivers/gpu/drm/imagination/pvr_vm_mips.c +++ b/drivers/gpu/drm/imagination/pvr_vm_mips.c @@ -57,6 +57,7 @@ pvr_vm_mips_init(struct pvr_device *pvr_dev) PAGE_SIZE, DMA_TO_DEVICE); if (dma_mapping_error(dev, mips_data->pt_dma_addr[page_nr])) { err = -ENOMEM; + __free_page(mips_data->pt_pages[page_nr]); goto err_free_pages; } } @@ -79,13 +80,11 @@ pvr_vm_mips_init(struct pvr_device *pvr_dev) return 0; err_free_pages: - for (; page_nr >= 0; page_nr--) { - if (mips_data->pt_dma_addr[page_nr]) - dma_unmap_page(from_pvr_device(pvr_dev)->dev, - mips_data->pt_dma_addr[page_nr], PAGE_SIZE, DMA_TO_DEVICE); + while (--page_nr >= 0) { + dma_unmap_page(from_pvr_device(pvr_dev)->dev, + mips_data->pt_dma_addr[page_nr], PAGE_SIZE, DMA_TO_DEVICE); - if (mips_data->pt_pages[page_nr]) - __free_page(mips_data->pt_pages[page_nr]); + __free_page(mips_data->pt_pages[page_nr]); } return err;