diff options
| -rw-r--r-- | kgsl.c | 4 | ||||
| -rw-r--r-- | kgsl_iommu.c | 14 |
2 files changed, 14 insertions, 4 deletions
@@ -2304,6 +2304,10 @@ long kgsl_ioctl_gpu_aux_command(struct kgsl_device_private *dev_priv, (KGSL_GPU_AUX_COMMAND_BIND | KGSL_GPU_AUX_COMMAND_TIMELINE))) return -EINVAL; + if ((param->flags & KGSL_GPU_AUX_COMMAND_SYNC) && + (param->numsyncs > KGSL_MAX_SYNCPOINTS)) + return -EINVAL; + context = kgsl_context_get_owner(dev_priv, param->context_id); if (!context) return -EINVAL; diff --git a/kgsl_iommu.c b/kgsl_iommu.c index 23fee14..7dc6c04 100644 --- a/kgsl_iommu.c +++ b/kgsl_iommu.c @@ -1971,14 +1971,20 @@ static uint64_t kgsl_iommu_find_svm_region(struct kgsl_pagetable *pagetable, static bool iommu_addr_in_svm_ranges(struct kgsl_pagetable *pagetable, u64 gpuaddr, u64 size) { + u64 end = gpuaddr + size; + + /* Make sure size is not zero and we don't wrap around */ + if (end <= gpuaddr) + return false; + if ((gpuaddr >= pagetable->compat_va_start && gpuaddr < pagetable->compat_va_end) && - ((gpuaddr + size) > pagetable->compat_va_start && - (gpuaddr + size) <= pagetable->compat_va_end)) + (end > pagetable->compat_va_start && + end <= pagetable->compat_va_end)) return true; if ((gpuaddr >= pagetable->svm_start && gpuaddr < pagetable->svm_end) && - ((gpuaddr + size) > pagetable->svm_start && - (gpuaddr + size) <= pagetable->svm_end)) + (end > pagetable->svm_start && + end <= pagetable->svm_end)) return true; return false; |