On Mon, Mar 11, 2013 at 02:37:35PM -0700, Kees Cook wrote:
This clarifies the comment above the access_ok check so a missing VERIFY_READ doesn't alarm anyone.
Signed-off-by: Kees Cook keescook@chromium.org Cc: Daniel Vetter daniel.vetter@ffwll.ch
v2:
- rewrote comment, thanks to Chris Wilson
Queued for -next, thanks for the patch. Fyi I prefer the patch changelog in the actual commit message so that it gets recorded in git. Usually it's not that interesting, but sometimes knowning the history of a patch is really important. I've fixed this while applying. -Daniel
drivers/gpu/drm/i915/i915_gem_execbuffer.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/i915/i915_gem_execbuffer.c b/drivers/gpu/drm/i915/i915_gem_execbuffer.c index bf7ceca..89c4039 100644 --- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c +++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c @@ -751,7 +751,11 @@ validate_exec_list(struct drm_i915_gem_exec_object2 *exec,
length = exec[i].relocation_count * sizeof(struct drm_i915_gem_relocation_entry);
/* we may also need to update the presumed offsets */
/** We must check that the entire relocation array is safe* to read, but since we may need to update the presumed* offsets during execution, check for full write access.*/-- 1.7.9.5
-- Kees Cook Chrome OS Security