[PATCH] drm/i915: clarify reasoning for the access_ok call
From: Kees Cook
Date: Mon Mar 11 2013 - 15:26:38 EST
This clarifies the comment above the access_ok check so a missing
VERIFY_READ doesn't alarm anyone.
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Cc: Daniel Vetter <daniel.vetter@xxxxxxxx>
---
drivers/gpu/drm/i915/i915_gem_execbuffer.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/i915_gem_execbuffer.c
index 2f2daeb..752e399 100644
--- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c
+++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c
@@ -747,7 +747,11 @@ validate_exec_list(struct drm_i915_gem_exec_object2 *exec,
length = exec[i].relocation_count *
sizeof(struct drm_i915_gem_relocation_entry);
- /* we may also need to update the presumed offsets */
+ /*
+ * Validate memory range. Since we may need to update the
+ * presumed offsets, use VERIFY_WRITE. (Writable implies
+ * readable.)
+ */
if (!access_ok(VERIFY_WRITE, ptr, length))
return -EFAULT;
--
1.7.9.5
--
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/