korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-12-27 13:05:03 +08:00
Code Issues Packages Projects Releases Wiki Activity
e41456bfc8
linux/drivers/gpu/drm/exynos
History
Joonyoung Shim e41456bfc8 drm/exynos: g2d: prevent integer overflow in 
The size computations done in the ioctl function use an integer.
If userspace submits a request with req->cmd_nr or req->cmd_buf_nr
set to INT_MAX, the integer computations overflow later, leading
to potential (kernel) memory corruption.

Prevent this issue by enforcing a limit on the number of submitted
commands, so that we have enough headroom later for the size
computations.

Note that this change has no impact on the currently available
users in userspace, like e.g. libdrm/exynos.

While at it, also make a comment about the size computation more
detailed.

Signed-off-by: Joonyoung Shim <jy0922.shim@samsung.com>
Signed-off-by: Tobias Jakobi <tjakobi@math.uni-bielefeld.de>
Signed-off-by: Inki Dae <inki.dae@samsung.com>
2017-01-31 08:50:35 +09:00
..
exynos7_drm_decon.c drm: Nuke fb->pixel_format 2016-12-15 14:55:34 +02:00
exynos5433_drm_decon.c Merge tag 'drm-misc-next-2017-01-23' of git://anongit.freedesktop.org/git/drm-misc into drm-next 2017-01-27 12:10:24 +10:00
exynos_dp.c drm: bridge: Link encoder and bridge in core code 2016-12-18 16:31:45 +05:30
exynos_drm_core.c drm/exynos: remove superfluous inclusions of fbdev header 2016-06-19 14:37:28 +09:00
exynos_drm_crtc.c drm/exynos: use atomic helper commit 2017-01-31 08:49:47 +09:00
exynos_drm_crtc.h drm/exynos: remove unnecessary codes 2017-01-31 08:49:42 +09:00
exynos_drm_dpi.c drm: exynos: Rely on the default ->best_encoder() behavior 2016-06-10 17:22:15 +02:00
exynos_drm_drv.c drm/exynos: use atomic helper commit 2017-01-31 08:49:47 +09:00
exynos_drm_drv.h drm: exynos: use crtc helper drm_crtc_from_index() 2017-01-18 08:56:59 -05:00
exynos_drm_dsi.c drm: bridge: Link encoder and bridge in core code 2016-12-18 16:31:45 +05:30
exynos_drm_fb.c drm/exynos: use atomic helper commit 2017-01-31 08:49:47 +09:00
exynos_drm_fb.h Merge branch 'drm-next' of git://people.freedesktop.org/~airlied/linux 2016-01-17 13:40:25 -08:00
exynos_drm_fbdev.c drm/exynos: Stop using drm_framebuffer_unregister_private 2017-01-31 08:49:35 +09:00
exynos_drm_fbdev.h drm/exynos: build fbdev code conditionally 2016-04-30 01:03:45 +09:00
exynos_drm_fimc.c drm/exynos: gsc: fix spelling mistakes 2016-12-05 22:08:58 +09:00
exynos_drm_fimc.h drm/exynos: change file license to GPL 2013-01-04 15:54:32 +09:00
exynos_drm_fimd.c drm: Nuke fb->pixel_format 2016-12-15 14:55:34 +02:00
exynos_drm_g2d.c drm/exynos: g2d: prevent integer overflow in 2017-01-31 08:50:35 +09:00
exynos_drm_g2d.h
exynos_drm_gem.c mm: use vmf->address instead of of vmf->virtual_address 2016-12-14 16:04:09 -08:00
exynos_drm_gem.h dma-mapping: use unsigned long for dma_attrs 2016-08-04 08:50:07 -04:00
exynos_drm_gsc.c drm/exynos: gsc: fix spelling mistakes 2016-12-05 22:08:58 +09:00
exynos_drm_gsc.h drm/exynos: change file license to GPL 2013-01-04 15:54:32 +09:00
exynos_drm_iommu.c drm/exynos: iommu: move ARM specific code to exynos_drm_iommu.h 2016-07-13 23:06:06 +09:00
exynos_drm_iommu.h iommu/dma: Avoid PCI host bridge windows 2016-09-16 09:34:22 +01:00
exynos_drm_ipp.c drm/exynos: ipp: fix incorrect format specifiers in debug messages 2016-03-01 23:37:08 +09:00
exynos_drm_ipp.h drm/exynos/ipp: remove unused field in command node 2014-09-20 00:56:10 +09:00
exynos_drm_mic.c drm/exynos: mic: Add runtime PM support 2017-01-31 08:49:38 +09:00
exynos_drm_plane.c drm/exynos: use drm core to handle page-flip event 2016-10-01 00:39:37 +09:00
exynos_drm_plane.h drm/exynos: rename zpos to index 2016-01-13 00:16:33 +09:00
exynos_drm_rotator.c drm/exynos: rotator: fix system and runtime pm integration 2016-09-18 22:20:38 +09:00
exynos_drm_rotator.h drm/exynos: change file license to GPL 2013-01-04 15:54:32 +09:00
exynos_drm_vidi.c drm/exynos: use drm core to handle page-flip event 2016-10-01 00:39:37 +09:00
exynos_drm_vidi.h drm/exynos: change file license to GPL 2013-01-04 15:54:32 +09:00
exynos_hdmi.c drm/exynos/hdmi: refactor infoframe code 2016-12-05 22:08:58 +09:00
exynos_mixer.c drm/exynos: fix a timeout loop 2017-01-31 08:50:30 +09:00
Kconfig drm/exynos: Use VIDEO_SAMSUNG_EXYNOS_GSC=n as GSC Kconfig dependency 2016-12-05 22:08:59 +09:00
Makefile drm/exynos: build fbdev code conditionally 2016-04-30 01:03:45 +09:00
regs-fimc.h drm/exynos: add device tree support for fimc ipp driver 2013-04-29 14:35:32 +09:00
regs-gsc.h drm/exynos: gsc: add device tree support and remove usage of static mappings 2015-12-13 22:22:53 +09:00
regs-hdmi.h drm/exynos/hdmi: refactor infoframe code 2016-12-05 22:08:58 +09:00
regs-mixer.h drm/exynos: mixer: refactor layer setup 2016-01-13 00:16:36 +09:00
regs-rotator.h drm/exynos: add rotator ipp driver 2012-12-15 02:39:41 +09:00
regs-vp.h