Re: [PATCH] drm/fb-helper: Fix height, width, and accel_flags in fb_var

From: Geert Uytterhoeven
Date: Thu Apr 20 2023 - 05:15:50 EST

Next message: Nicolas Schier: "Re: [PATCH 3/3] kbuild: do not create intermediate *.tar for tar packages"
Previous message: WeitaoWang-oc@xxxxxxxxxxx: "Re: [PATCH] UHCI：adjust zhaoxin UHCI controllers OverCurrent bit value"
In reply to: Daniel Vetter: "Re: [PATCH] drm/fb-helper: Fix height, width, and accel_flags in fb_var"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Daniel,

On Wed, Apr 19, 2023 at 6:38 PM Daniel Vetter <daniel@xxxxxxxx> wrote:
> On Tue, Apr 18, 2023 at 08:42:46PM +0200, Geert Uytterhoeven wrote:
> > Fbtest contains some very simple validation of the fbdev userspace API
> > contract. When used with shmob-drm, it reports the following warnings
> > and errors:
> >
> > height changed from 68 to 0
> > height was rounded down
> > width changed from 111 to 0
> > width was rounded down
> > accel_flags changed from 0 to 1
> >
> > The first part happens because __fill_var() resets the physical
> > dimensions of the first connector, as filled in by drm_setup_crtcs_fb().
> > Fix this by retaining the original values.
> >
> > The last part happens because __fill_var() forces the FB_ACCELF_TEXT
> > flag on, while fbtest disables all acceleration on purpose, so it can
> > draw safely to the frame buffer. Fix this by setting accel_flags to
> > zero, as DRM does not implement any text console acceleration.
> > Note that this issue can also be seen in the output of fbset, which
> > reports "accel true".
> >
> > Fixes: ee4cce0a8f03a333 ("drm/fb-helper: fix input validation gaps in check_var")
> > Signed-off-by: Geert Uytterhoeven <geert+renesas@xxxxxxxxx>

> > --- a/drivers/gpu/drm/drm_fb_helper.c
> > +++ b/drivers/gpu/drm/drm_fb_helper.c
> > @@ -2066,7 +2068,7 @@ static void drm_fb_helper_fill_var(struct fb_info *info,
> > info->pseudo_palette = fb_helper->pseudo_palette;
> > info->var.xoffset = 0;
> > info->var.yoffset = 0;
> > - __fill_var(&info->var, fb);
> > + __fill_var(&info->var, info, fb);
>
> Bit a bikeshed since it zeroed-allocated anyway, but I'd pass NULL here
> for info and catch that in __fill_var and then keep the explicit = 0;

Yeah, it's a bit unfortunate this is done in two places, and
info->var.{height,width} are initialized by drm_setup_crtcs_fb()
only later.

Most of the var contents cannot change as mode changes are not
supported, so drm_fb_helper_check_var() should just do

if (var->foo > info->var.foo)
return -EINVAL;
var->foo = info->var.foo;

For the parts that can change, based on earlier discussions I saw pass
by, I believe there should be a call into atomic try-modesetting at
the end of drm_fb_helper_check_var()?

> Either way Reviewed-by: Daniel Vetter <daniel.vetter@xxxxxxxx>

Thanks!

Gr{oetje,eeting}s,

Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds

Next message: Nicolas Schier: "Re: [PATCH 3/3] kbuild: do not create intermediate *.tar for tar packages"
Previous message: WeitaoWang-oc@xxxxxxxxxxx: "Re: [PATCH] UHCI：adjust zhaoxin UHCI controllers OverCurrent bit value"
In reply to: Daniel Vetter: "Re: [PATCH] drm/fb-helper: Fix height, width, and accel_flags in fb_var"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]