Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp1542902pxb; Thu, 16 Sep 2021 09:34:58 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxBLzUycatUvFmD5dvk56iLQP7ij1j5K/KW83IJXaTewXRIhM1muZyEsz5hJNgkfULBFYBR X-Received: by 2002:a6b:fd19:: with SMTP id c25mr472944ioi.51.1631810098503; Thu, 16 Sep 2021 09:34:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1631810098; cv=none; d=google.com; s=arc-20160816; b=cRzR8zQnTgHb9Qyy21Mq4GBbhTIOQB+Tilkf0dnyRkFCvVe190RufGRMsT1ZK9gOvo CYYw5S8JmGwdGDyQFzvYTl2Fx7fMiDWlp9yxmwyPMLtj8UvwAcKTBf+Kb1ffIg85dE4C r/InEwCfA1mioId+T3q76uZXvJBbLLWmIjmk06RjUe/sVk1zwBYQo39W1LFjWPLvEUsB O03H6FWCFfX+0nlopE7jQs/6uuXGcaoxnFakvU3K4+S1c7spmrWXLveYPEu1C0kzKhn3 MgLBE8MdhlX7ah5T8ofuUudlthy4u8FB4Hk6GC9jIqaX2sSq+O8pQdi5kwCTjZS5V/4Z Pplw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=IaimdNSGsRzkooO1OUi14khRW+9URXJ+6AvFNjHlnGU=; b=FeA8wNcuqPXxviFpRS9WE6qcpP9SxeD5v7aXhKHeslbVWuLvzEYFDldosLkTkH05Ol TCv22EWz7xvPwIEPrVOc5DbYCLkq39i02dcPXAMr254SOcEYUXFdtKFGYLsjl6pqVxOi KhyIBqKBmMUZYe5Xiq0sdeNUeQuU6jKQiITGNdffbYioujTkcgWWM+7MMi9eVmxbbkts cN10kZMJfRrza+yPKb56d+0oiJ0Tij7ecQpqBe+BwASc7ETsBkKAVjKITQDxK54ZWmyB zX0Nu6gSlcpTb77L2hyvO7nIxWMW9wPf12MznUO8BU0I9tG1LME0dGwyCy7o2CYT+ISs GCcw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=baEm8fuS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id d27si2962450jaa.121.2021.09.16.09.34.40; Thu, 16 Sep 2021 09:34:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=baEm8fuS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242335AbhIPQdv (ORCPT + 99 others); Thu, 16 Sep 2021 12:33:51 -0400 Received: from mail.kernel.org ([198.145.29.99]:38076 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S241633AbhIPQZj (ORCPT ); Thu, 16 Sep 2021 12:25:39 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id E149061269; Thu, 16 Sep 2021 16:16:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1631809007; bh=MFn2xFF6eedNKjNLfyzWj+URVZpOwNk54p1yf31t4VU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=baEm8fuSNgwVzjSy0YSCgZnuu/9dN7SGPGyte4hc9yx1svERrX1oLzYrpcApEVV6D pGEx1PXDL28hK1KcxuocEvB5etcSZiLdDPmL2pJVZBDlcnhGomRtJSkYdx9KYo4BSp 1Mke9Ss/yUSzuInlyoXwTveuHs4hmHVDYJM8byQc= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Alyssa Rosenzweig , Steven Price , Rob Herring , Chris Morgan Subject: [PATCH 5.10 303/306] drm/panfrost: Simplify lock_region calculation Date: Thu, 16 Sep 2021 18:00:48 +0200 Message-Id: <20210916155804.418777102@linuxfoundation.org> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210916155753.903069397@linuxfoundation.org> References: <20210916155753.903069397@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Alyssa Rosenzweig commit b5fab345654c603c07525100d744498f28786929 upstream. In lock_region, simplify the calculation of the region_width parameter. This field is the size, but encoded as ceil(log2(size)) - 1. ceil(log2(size)) may be computed directly as fls(size - 1). However, we want to use the 64-bit versions as the amount to lock can exceed 32-bits. This avoids undefined (and completely wrong) behaviour when locking all memory (size ~0). In this case, the old code would "round up" ~0 to the nearest page, overflowing to 0. Since fls(0) == 0, this would calculate a region width of 10 + 0 = 10. But then the code would shift by (region_width - 11) = -1. As shifting by a negative number is undefined, UBSAN flags the bug. Of course, even if it were defined the behaviour is wrong, instead of locking all memory almost none would get locked. The new form of the calculation corrects this special case and avoids the undefined behaviour. Signed-off-by: Alyssa Rosenzweig Reported-and-tested-by: Chris Morgan Fixes: f3ba91228e8e ("drm/panfrost: Add initial panfrost driver") Cc: Reviewed-by: Steven Price Reviewed-by: Rob Herring Signed-off-by: Steven Price Link: https://patchwork.freedesktop.org/patch/msgid/20210824173028.7528-2-alyssa.rosenzweig@collabora.com Signed-off-by: Greg Kroah-Hartman --- drivers/gpu/drm/panfrost/panfrost_mmu.c | 19 +++++-------------- 1 file changed, 5 insertions(+), 14 deletions(-) --- a/drivers/gpu/drm/panfrost/panfrost_mmu.c +++ b/drivers/gpu/drm/panfrost/panfrost_mmu.c @@ -59,21 +59,12 @@ static void lock_region(struct panfrost_ { u8 region_width; u64 region = iova & PAGE_MASK; - /* - * fls returns: - * 1 .. 32 - * - * 10 + fls(num_pages) - * results in the range (11 .. 42) - */ - - size = round_up(size, PAGE_SIZE); - region_width = 10 + fls(size >> PAGE_SHIFT); - if ((size >> PAGE_SHIFT) != (1ul << (region_width - 11))) { - /* not pow2, so must go up to the next pow2 */ - region_width += 1; - } + /* The size is encoded as ceil(log2) minus(1), which may be calculated + * with fls. The size must be clamped to hardware bounds. + */ + size = max_t(u64, size, PAGE_SIZE); + region_width = fls64(size - 1) - 1; region |= region_width; /* Lock the region that needs to be updated */