Received: by 2002:a05:6a10:af89:0:0:0:0 with SMTP id iu9csp1245761pxb; Fri, 21 Jan 2022 13:14:55 -0800 (PST) X-Google-Smtp-Source: ABdhPJxqUHomUvRlEVqRD5UJDWHyVPm3IrStjIigrK+aZBwFNVujurlOD8NQdQwg3Tes0apUOmyG X-Received: by 2002:a63:79c3:: with SMTP id u186mr4232642pgc.488.1642799695240; Fri, 21 Jan 2022 13:14:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1642799695; cv=none; d=google.com; s=arc-20160816; b=ktmWszIG8eI0hf1jOvFxxFCMIXYy5RjSBs/Jijl7+OXKeet1lelNJDeRVi3fh+yQL8 +XjTJum/ukC2ghOR8nmSPm3PsWcayIkamJDShinxk+YFwnd+Xff+BPSYjJ6hn6NV4FTO ZqDKgAcRgDq4dc0lrXR0bk1LKDLgtwyoUNcGWBBKAepyaCQiWmDGKQvI3bneAP8tS+Sa 5VowJO7ReMSpbYiM8PUwE3u2vOC9AysIWdLL+YtsM2DtNd9Z2rq1TgdVZ2JmvphCAOUl zwuFS9Khr94Tw0PcwUQsdfu9RgVsSymMO3m/VQPJjUpjuqOaQuuyKY2HakBNXP1Y13Wb pJUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:references:in-reply-to:message-id :date:subject:cc:to:from; bh=OhA/Odc6oAAQ+Gf01bPlZrvnY0bwL+pV/t4LC0kMMbA=; b=l6ovNhKHKhBjnJ5hBJCv69AB5E0Z7lqoTLdcWmk/dmeYKTNSMe4crQfGQK7syjEvpP GYpUL+XKcW8WQls9Y31evpL7Nhyiwq2MSCS+FYs4uFVeKG5dT9kSWCOLs10iyVEp0dO1 icjU2PW54TFed3+U+CXhTb62ic4pZVLvffY7UIiDXp9JhK0zKn6Fdx/CAftN5ichymDW 8f8BSRRalTbEY93OfDn0bOnM0AHyqC7uLahjw/qDQ2M3COtzWyPAhowogQiePqgwMqj9 XvM9HJezz/ylc9rm4FPesE7g221YQFsZR1zsbOWFuH6JiNzbuDPkXsvcPw0+0MgwlgSm rOag== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=mediatek.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g6si6518109plt.615.2022.01.21.13.14.43; Fri, 21 Jan 2022 13:14:55 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=mediatek.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1359706AbiATJ7n (ORCPT + 99 others); Thu, 20 Jan 2022 04:59:43 -0500 Received: from mailgw02.mediatek.com ([210.61.82.184]:54940 "EHLO mailgw02.mediatek.com" rhost-flags-OK-FAIL-OK-FAIL) by vger.kernel.org with ESMTP id S241779AbiATJ7m (ORCPT ); Thu, 20 Jan 2022 04:59:42 -0500 X-UUID: fd05882b4df84d1e9a1d3b7ebbe5731f-20220120 X-UUID: fd05882b4df84d1e9a1d3b7ebbe5731f-20220120 Received: from mtkcas11.mediatek.inc [(172.21.101.40)] by mailgw02.mediatek.com (envelope-from ) (Generic MTA with TLSv1.2 ECDHE-RSA-AES256-SHA384 256/256) with ESMTP id 1198683157; Thu, 20 Jan 2022 17:59:40 +0800 Received: from mtkcas11.mediatek.inc (172.21.101.40) by mtkmbs10n2.mediatek.inc (172.21.101.183) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.2.792.3; Thu, 20 Jan 2022 17:59:38 +0800 Received: from mszswglt01.gcn.mediatek.inc (10.16.20.20) by mtkcas11.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Thu, 20 Jan 2022 17:59:37 +0800 From: To: CC: , , , , , , , , , , , , , , , , , , , , , Guangming Subject: [PATCH v6 RESEND] dma-buf: system_heap: Add a size check for allocation Date: Thu, 20 Jan 2022 18:00:36 +0800 Message-ID: <20220120100036.99867-1-guangming.cao@mediatek.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220120085259.98147-1-guangming.cao@mediatek.com> References: <20220120085259.98147-1-guangming.cao@mediatek.com> MIME-Version: 1.0 Content-Type: text/plain X-MTK: N Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Guangming Add a size check for allocation since the allocation size should be always less than the total DRAM size on system heap. Adding this check can prevent comsuming too much time for invalid allocations. Signed-off-by: Guangming Acked-by: John Stultz --- drivers/dma-buf/heaps/system_heap.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/dma-buf/heaps/system_heap.c b/drivers/dma-buf/heaps/system_heap.c index 23a7e74ef966..b65e597a742f 100644 --- a/drivers/dma-buf/heaps/system_heap.c +++ b/drivers/dma-buf/heaps/system_heap.c @@ -347,6 +347,14 @@ static struct dma_buf *system_heap_allocate(struct dma_heap *heap, struct page *page, *tmp_page; int i, ret = -ENOMEM; + /* + * Size check. The "len" should be less than totalram since system_heap + * memory is comes from system. Adding check here can prevent comsuming + * too much time for invalid allocations. + */ + if (PFN_DOWN(len) > totalram_pages()) + return ERR_PTR(-EINVAL); + buffer = kzalloc(sizeof(*buffer), GFP_KERNEL); if (!buffer) return ERR_PTR(-ENOMEM); -- 2.17.1