]> git.proxmox.com Git - mirror_ubuntu-kernels.git/commitdiff
drm/i915: Use range_overflows()
authorChris Wilson <chris@chris-wilson.co.uk>
Fri, 6 Jan 2017 15:20:12 +0000 (15:20 +0000)
committerChris Wilson <chris@chris-wilson.co.uk>
Fri, 6 Jan 2017 16:02:11 +0000 (16:02 +0000)
Replace a few more open-coded overflow checks with the macro.

Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
Reviewed-by: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
Link: http://patchwork.freedesktop.org/patch/msgid/20170106152013.24684-4-chris@chris-wilson.co.uk
drivers/gpu/drm/i915/i915_gem_stolen.c
drivers/gpu/drm/i915/i915_vma.c
drivers/gpu/drm/i915/intel_bios.c

index 0e9b99941946696ebe604caa3a86332f6937d991..f1a1d33febcdf56f08c75a6e325ee9e012c3a8ba 100644 (file)
@@ -505,7 +505,7 @@ i915_pages_create_for_stolen(struct drm_device *dev,
        struct sg_table *st;
        struct scatterlist *sg;
 
-       GEM_BUG_ON(offset > dev_priv->ggtt.stolen_size - size);
+       GEM_BUG_ON(range_overflows(offset, size, dev_priv->ggtt.stolen_size));
 
        /* We hide that we have no struct page backing our stolen object
         * by wrapping the contiguous physical allocation with a fake
index d48c6821461108ede95400692bb22cbac1b900ab..58f2483362ad5f226b5d6bfe0ff39a6e0717a9cb 100644 (file)
@@ -403,7 +403,8 @@ i915_vma_insert(struct i915_vma *vma, u64 size, u64 alignment, u64 flags)
 
        if (flags & PIN_OFFSET_FIXED) {
                u64 offset = flags & PIN_OFFSET_MASK;
-               if (offset & (alignment - 1) || offset > end - size) {
+               if (offset & (alignment - 1) ||
+                   range_overflows(offset, size, end)) {
                        ret = -EINVAL;
                        goto err_unpin;
                }
index f6d37558301d36d51bb70fadf04d87d361465a0d..e144f033f4b5a70ee01d140a619974af81fdfcfd 100644 (file)
@@ -1416,13 +1416,16 @@ bool intel_bios_is_valid_vbt(const void *buf, size_t size)
                return false;
        }
 
-       if (vbt->bdb_offset + sizeof(struct bdb_header) > size) {
+       if (range_overflows_t(size_t,
+                             vbt->bdb_offset,
+                             sizeof(struct bdb_header),
+                             size)) {
                DRM_DEBUG_DRIVER("BDB header incomplete\n");
                return false;
        }
 
        bdb = get_bdb_header(vbt);
-       if (vbt->bdb_offset + bdb->bdb_size > size) {
+       if (range_overflows_t(size_t, vbt->bdb_offset, bdb->bdb_size, size)) {
                DRM_DEBUG_DRIVER("BDB incomplete\n");
                return false;
        }