When checking whether the reported lfb_size makes sense, we PAGE_ALIGN
height * stride before seeing whether it exceeds the reported size.
This doesn't work if height * stride is not an exact number of pages.
For example, as reported in kernel bugzilla linked, an 800x600x32 EFI
framebuffer gets skipped because of this.
Move the PAGE_ALIGN to after the check vs size.
BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=206051
Signed-off-by: Arvind Sankar <[email protected]>
---
arch/x86/kernel/sysfb_simplefb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/sysfb_simplefb.c b/arch/x86/kernel/sysfb_simplefb.c
index 01f0e2263b86..298fc1edd9c9 100644
--- a/arch/x86/kernel/sysfb_simplefb.c
+++ b/arch/x86/kernel/sysfb_simplefb.c
@@ -90,11 +90,11 @@ __init int create_simplefb(const struct screen_info *si,
if (si->orig_video_isVGA == VIDEO_TYPE_VLFB)
size <<= 16;
length = mode->height * mode->stride;
- length = PAGE_ALIGN(length);
if (length > size) {
printk(KERN_WARNING "sysfb: VRAM smaller than advertised\n");
return -EINVAL;
}
+ length = PAGE_ALIGN(length);
/* setup IORESOURCE_MEM as framebuffer memory */
memset(&res, 0, sizeof(res));
--
2.24.1
On Tue, Jan 07, 2020 at 06:04:10PM -0500, Arvind Sankar wrote:
> When checking whether the reported lfb_size makes sense, we PAGE_ALIGN
> height * stride before seeing whether it exceeds the reported size.
>
> This doesn't work if height * stride is not an exact number of pages.
> For example, as reported in kernel bugzilla linked, an 800x600x32 EFI
> framebuffer gets skipped because of this.
>
> Move the PAGE_ALIGN to after the check vs size.
>
> BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=206051
> Signed-off-by: Arvind Sankar <[email protected]>
> ---
> arch/x86/kernel/sysfb_simplefb.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/x86/kernel/sysfb_simplefb.c b/arch/x86/kernel/sysfb_simplefb.c
> index 01f0e2263b86..298fc1edd9c9 100644
> --- a/arch/x86/kernel/sysfb_simplefb.c
> +++ b/arch/x86/kernel/sysfb_simplefb.c
> @@ -90,11 +90,11 @@ __init int create_simplefb(const struct screen_info *si,
> if (si->orig_video_isVGA == VIDEO_TYPE_VLFB)
> size <<= 16;
> length = mode->height * mode->stride;
> - length = PAGE_ALIGN(length);
> if (length > size) {
> printk(KERN_WARNING "sysfb: VRAM smaller than advertised\n");
> return -EINVAL;
> }
> + length = PAGE_ALIGN(length);
>
> /* setup IORESOURCE_MEM as framebuffer memory */
> memset(&res, 0, sizeof(res));
> --
Christopher,
can I add your Reported-by: and Tested-by: tags to the patch?
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
The following commit has been merged into the x86/boot branch of tip:
Commit-ID: dacc9092336be20b01642afe1a51720b31f60369
Gitweb: https://git.kernel.org/tip/dacc9092336be20b01642afe1a51720b31f60369
Author: Arvind Sankar <[email protected]>
AuthorDate: Tue, 07 Jan 2020 18:04:10 -05:00
Committer: Borislav Petkov <[email protected]>
CommitterDate: Mon, 20 Jan 2020 10:57:53 +01:00
x86/sysfb: Fix check for bad VRAM size
When checking whether the reported lfb_size makes sense, the height
* stride result is page-aligned before seeing whether it exceeds the
reported size.
This doesn't work if height * stride is not an exact number of pages.
For example, as reported in the kernel bugzilla below, an 800x600x32 EFI
framebuffer gets skipped because of this.
Move the PAGE_ALIGN to after the check vs size.
Reported-by: Christopher Head <[email protected]>
Tested-by: Christopher Head <[email protected]>
Signed-off-by: Arvind Sankar <[email protected]>
Signed-off-by: Borislav Petkov <[email protected]>
Link: https://bugzilla.kernel.org/show_bug.cgi?id=206051
Link: https://lkml.kernel.org/r/[email protected]
---
arch/x86/kernel/sysfb_simplefb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kernel/sysfb_simplefb.c b/arch/x86/kernel/sysfb_simplefb.c
index 01f0e22..298fc1e 100644
--- a/arch/x86/kernel/sysfb_simplefb.c
+++ b/arch/x86/kernel/sysfb_simplefb.c
@@ -90,11 +90,11 @@ __init int create_simplefb(const struct screen_info *si,
if (si->orig_video_isVGA == VIDEO_TYPE_VLFB)
size <<= 16;
length = mode->height * mode->stride;
- length = PAGE_ALIGN(length);
if (length > size) {
printk(KERN_WARNING "sysfb: VRAM smaller than advertised\n");
return -EINVAL;
}
+ length = PAGE_ALIGN(length);
/* setup IORESOURCE_MEM as framebuffer memory */
memset(&res, 0, sizeof(res));