superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/drivers/gpu
History
Matthew Wilcox 69ef943dbc drm: Use array_size() when creating lease 
Passing an object_count of sufficient size will make
object_count * 4 wrap around to be very small, then a later function
will happily iterate off the end of the object_ids array.  Using
array_size() will saturate at SIZE_MAX, the kmalloc() will fail and
we'll return an -ENOMEM to the norty userspace.

Fixes: 62884cd386 ("drm: Add four ioctls for managing drm mode object leases [v7]")
Signed-off-by: Matthew Wilcox <willy@infradead.org>
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Cc: <stable@vger.kernel.org> # v4.15+
Signed-off-by: Dave Airlie <airlied@redhat.com>
 		2019-02-15 13:08:08 +10:00
..
drm drm: Use array_size() when creating lease 2019-02-15 13:08:08 +10:00
host1x gpu: host1x: Add Tegra194 support 2018-11-29 17:11:49 +01:00
ipu-v3 gpu: ipu-v3: pre: don't trigger update if buffer address doesn't change 2019-01-23 11:56:44 +01:00
vga vga-switcheroo: make PCI dependency explicit 2019-01-15 23:16:47 +01:00
Makefile