From nobody Sun Feb 8 09:12:30 2026 Received: from SJ2PR03CU001.outbound.protection.outlook.com (mail-westusazon11012033.outbound.protection.outlook.com [52.101.43.33]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id ADF7D2D59FA; Mon, 26 Jan 2026 20:23:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=52.101.43.33 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769458996; cv=fail; b=JV9awsCVNfF4rnWTTZ2nYxbsiH+wiZ5IHof1x4ewmsBz9m+xnCmdIQ438Hc54WaVGCI8N9Rp+/F9eZvjQv/yZXO+xQBdST7wFmteZX5EPVJKEoeaq8xAjKwVuNuqDh9ZLm23eA1LyfROsRZPZHOI+tC9B3sB98bmh2u/rLNvXp8= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769458996; c=relaxed/simple; bh=quAQACGeGwSx/G4wGiIUnhx7WTx8dOh2Gorz/fBYxIE=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: Content-Type:MIME-Version; b=SKaqnMeh5FrKBP9Vf/vZFl0WT9Y/DXZDqk3HrUtVacT9whuQEp2atg938R2kTRx8b7jAx8L1OriZI4ntLN0lwHyF2Ep4V39puc1wE04kRUwUCsfqnyZdhzWlp0LoSG3U6Yl7aUzjDjKX50SU6aL6WAv1CG2xmz+dyQKeIqrQISA= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=OCWjWWrh; arc=fail smtp.client-ip=52.101.43.33 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="OCWjWWrh" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=FBOvcqkVVcBnqyjQh57bJV96NegZNALbMcYP4KMrTL441+iNi/D4kMmwYPU2WzrHlrsUWGyAru5b5u8Z9jBh0nELSQzIKYkkmNSxxRzQL8nzSBVrkLg35T5leOIJphgj2IewPdvpGM8Wiep1rS5Qk9WzYhB0ufIUFLaqFt9skyz3zFSsNeZSAKx5T9qos084RB8qLtx8TZ/SQbOFuLIhberAFrRcVVKSXhH2KCIA3dP9IbG4clZUJwHnR9gzPH1jQZaH/hbYm9Z2OcYAPnjwHyorYSmXVWFk/RKWKjI8FXSw1gbuQ12gK6bljWBsY7NRTUweZaYVSUrmxsP75BVAcw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=emNGAWJg6q4LlDY8LZkvYlckRtr6T+gHFR+egELQEPs=; b=syi6nqOrasbokqCSC76TGQzIxpRAvDDjOlW/xuDcPVz2qpaVSPQiKbmJ5YCHZG9Yvpj8wZAtdo8uBGZdqeWDTq++jJwiz/E6FEJhdZC23vDJeyl7iskkEDZLVSHAw0KWT0TgQG28wTQHVm9WymQIlIOUFDsWelFN8easrafuJentjf9CDnE0LCVl03T19zIgg53AOYhvCjtDe3SM5Hv5K9EQrMv6VluTLLynBaDugBudjm4gQWyen7s2PIw+rcZB8ly/4ggzCULjoRjh268skZTxZH3CYM9mtWMm1O2lcaDONpELn3KSMx0wQigQJuMm5xWD593IxnNhfc6qqgHfeA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=emNGAWJg6q4LlDY8LZkvYlckRtr6T+gHFR+egELQEPs=; b=OCWjWWrhzuGWKPuisFAUflwYVPPiotcWvSsVthUhemw2+NSu/MzgC0VNZCTJTAAlnvr79rRJZIz2NrtQE1yPUrzf+zQDzOYNql8ClR6oqn80pVXOWnFwzIrya4KmdmVO5Bks9IkhhqF+8Vu80HOPrf4YZy6NiOI9dUf/7DploI0GzBhzk+0TzkiPOouWwxVrjUoWAwCiBURg4uo/ijlAD8wSiRDtwqYBT0m+5lrApuftU/qGf+fcYQLJlC/6lkFOmELZqEEhrW6czD+mXZm7yuDLdaSKLUq3axyc+9z5JPKb4rSwdcUbsU4+c/5mfo6TB8o5mXaTqYczo8/VepwHmg== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; Received: from DS0PR12MB6486.namprd12.prod.outlook.com (2603:10b6:8:c5::21) by LV5PR12MB9827.namprd12.prod.outlook.com (2603:10b6:408:305::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9542.15; Mon, 26 Jan 2026 20:23:11 +0000 Received: from DS0PR12MB6486.namprd12.prod.outlook.com ([fe80::88a9:f314:c95f:8b33]) by DS0PR12MB6486.namprd12.prod.outlook.com ([fe80::88a9:f314:c95f:8b33%4]) with mapi id 15.20.9542.010; Mon, 26 Jan 2026 20:23:10 +0000 From: Joel Fernandes To: linux-kernel@vger.kernel.org Cc: Paul Walmsley , Palmer Dabbelt , Albert Ou , Alexandre Ghiti , Miguel Ojeda , Boqun Feng , Gary Guo , =?UTF-8?q?Bj=C3=B6rn=20Roy=20Baron?= , Benno Lossin , Andreas Hindborg , Alice Ryhl , Trevor Gross , Danilo Krummrich , Alexandre Courbot , John Hubbard , Alistair Popple , Timur Tabi , Edwin Peer , Zhi Wang , David Airlie , Simona Vetter , Bjorn Helgaas , Alex Gaynor , Dirk Behme , nouveau@lists.freedesktop.org, dri-devel@lists.freedesktop.org, rust-for-linux@vger.kernel.org, linux-riscv@lists.infradead.org, Joel Fernandes Subject: [PATCH v2 1/5] gpu: nova-core: use checked arithmetic in FWSEC firmware parsing Date: Mon, 26 Jan 2026 15:23:01 -0500 Message-Id: <20260126202305.2526618-2-joelagnelf@nvidia.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260126202305.2526618-1-joelagnelf@nvidia.com> References: <20260126202305.2526618-1-joelagnelf@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: MN0PR04CA0024.namprd04.prod.outlook.com (2603:10b6:208:52d::14) To DS0PR12MB6486.namprd12.prod.outlook.com (2603:10b6:8:c5::21) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS0PR12MB6486:EE_|LV5PR12MB9827:EE_ X-MS-Office365-Filtering-Correlation-Id: eb97073a-7deb-4066-a8ad-08de5d18b993 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|366016|376014|7416014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?L0dah+1IP1mI+cs/+tFBe9T/NYZvHG8tW32EalZi7rbbweWtnniUWcAmXqLV?= =?us-ascii?Q?zAlUWTDBSFnHL+r94ivxdfJLiNCl5ZoOueE/XNL63mXsE13S5FOGDs/J8xvn?= =?us-ascii?Q?+dmSzAQrisRWG2ETwdKj+UXJpelpyPQalCg3VIN3224XXpstiNTd+nnoUWG3?= =?us-ascii?Q?MQxPj4ZVGK0+qnemXpJ8AA1rcyJKxyEkwWyBTnagWuYwNV6Sx+2b2GVzTIgt?= =?us-ascii?Q?+jgPRzcPgva1DTZUgJ8CCZBMkuo1KKRjyo0/FYvhE+M8hENXH86AkH1j+SL6?= =?us-ascii?Q?jzYu/Vz78b4VcNEoJ+WjgWrFSOC7Ej03XnCRimrkfnzZjjOJzugKlwCxPaYE?= =?us-ascii?Q?zA6uiYgH5mSlKziEI/9vqGDVmorn+tcY+k4ISHc4RcvYl4KUSQHneRmYQNt/?= =?us-ascii?Q?8nWI0pwVsrTxpTiaM6P8Ea9hcb/JuTlTCl8BGxfbjc6GVZD38MambaWG+eoJ?= =?us-ascii?Q?vYv9d4LDupzjhTKYdPg7eXMC1hPrbE1eB9Ib9FoSkypZEzgxWGhcRiqfjzlJ?= =?us-ascii?Q?/EDDnonU0rTi6sUnTxp0f/ted2Vgp0PngJrksyhUYNPmJ+YhfuagocGtKREY?= =?us-ascii?Q?98BM/G+fFNwAwnqT6eYXy5noGl72dvslktnJ7kElwwC/Wmoa52ApOT/wfbds?= =?us-ascii?Q?7dcMyNcSDPuNMYhcaDIVeVMBLfvt6jxB52Awxq9rHbrYqzAWwCGKNpv65bzT?= =?us-ascii?Q?FUrgLeQwj1cjUB4rvPauoBgV881pcFhlInAJh+L6w4QzKdeiZF+6NffDd9Gu?= =?us-ascii?Q?zzZfJKyCzHDAUjQFgdLG3hPVKmz+1aFI8bhGVeR/O0uOawapPtG5G+uhqya4?= =?us-ascii?Q?zq6TTAfWYCZrMM4Deyjgwm3Wh6WNW2tXCyPs81zZtzCYE6WTg+c80FeM52cV?= =?us-ascii?Q?9uHAxeLiJh4yT9nE8iEeyR887+WcJImhgh4skj2YR/w7yIpU34wlZkJjekhH?= =?us-ascii?Q?SNtUwOIJg7/p3XU+z1J40q75335GhGWEYoOfBBIjBFQz1bLlSgz8aMweMEKA?= =?us-ascii?Q?1xrTdvVLCLFv1jAPhAoQR3k9xHfQDrBWuPutT6HonK2ZaFYV70hs4sk8WQL5?= =?us-ascii?Q?mzuDb3kukgq9mvd/QvJTEOxx30MRQAbGi7UZIgIcqvJlK7Q5dz9WEsf8HtaZ?= =?us-ascii?Q?2oHvQzmCXdgxfuCPnzkbkfCtJ4ihoOdQN26ylX9FFBEdGhdiQ/ZX/aV25VzL?= =?us-ascii?Q?wJdkZN5cGq/TSnmYpO9yEGvEW9zAVtDQUUTT6ikvKpUEDkiJAqHsSJLzm2FE?= =?us-ascii?Q?5U+02X8GBbu6657JQsSwt5bLbH6fgbz1YxsFXXOgdP7nZS+MRZGZJMq5PEN0?= =?us-ascii?Q?oAtAAE2ZPz/5CAmRFckGKNWWdj/OuWjIyurt/oxkBNUJw2FxNKOq5CY4wMMb?= =?us-ascii?Q?ItlV9LkANxOT/aNrTBdVwe+Iw99rIcjRwrfho5gGpFhgFqqDT1DcYpvhYFNj?= =?us-ascii?Q?+j32P/9ybvptU8h0WPImmqj+QyupgZPpPHqnS501ThuNxMlsweeazil0qFRg?= =?us-ascii?Q?gqV9sK8QrwUd+VshPtbO4fCQBK8FyxCtQtkK4OyTJfFUmGAYi9Ge2/8KqLiC?= =?us-ascii?Q?DFCqxDRqz0C/D/YTbZY=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS0PR12MB6486.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(7416014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?orzSp7fuJC2F8F9UqnicJaR8GyEMZ5yWoQMP0VHo3dOjP54VlXWIrjn3pNbC?= =?us-ascii?Q?mNOSV/9MAyRMNUR86YC5CCU+YP2aJFI+RR39uqbiTJmAhWZ0j/hqkYdArfVo?= =?us-ascii?Q?XoPj5N0u6TTMCNxR5fa3dzr8d6ZFIyUxptBrO155Gn7+ScCh4CyrQo+F7vM7?= =?us-ascii?Q?z0ELZ8ml/7FaZ5cefFBL093ow4CE3wINESyNN3ROCIwm4RQObytvq+mYSTEv?= =?us-ascii?Q?1mFmqui8no7YMK+rH7vCh8KqiKs2LnohP9K4nq9/rk55SvZtQprN7+vnue/D?= =?us-ascii?Q?7CYWryWqSTOwDk/HPL5sHConH9wmx0Opcd6ykcxTxzcTLKGf9WPlvruMft5u?= =?us-ascii?Q?aIw5WgQq6OaC92isXQCffx8SaL6NijEPKtkTdz+Nb/MSpnbJeeuNjGV8soXt?= =?us-ascii?Q?oq9Y8bA314bUeFuGMRG8kC2uJCZhiKUrKfUcG4zv669xe8PJAon1R8Gy3SRW?= =?us-ascii?Q?2F3frhf3IdZaz+DE1noLp9a+I8qUyxdxGn/r6mIfk872J95GWMIe8PywOMgv?= =?us-ascii?Q?zMJP7Wlpgm7Xjs5jIK9jK37KeC5YJGrc+1v9Vwz4rwoYakjDdmP6GptLaRIF?= =?us-ascii?Q?rdzTHGOsbg6EzDexcoY3gF9t+IbdWUNCYtvCBLBjS2sWRmrR9WxBxZXMBuxq?= =?us-ascii?Q?7Mm9WgPfyloJ3cBLTdfgm8wfBdaYTrL4vtWkrbos0SSImCmDxTKlPWyC3j7N?= =?us-ascii?Q?vhu9Kixg4H2x/Wvbh1l+uXNBeXFYSZ9Qcmb/DJFZ6fAW6+zSF7XTeupy/vH4?= =?us-ascii?Q?5miThPJOg7ciQT7gKrVfKVF+mUghPKvWmQRB9bMSP+jkZqpMGt8K7m0UnGtc?= =?us-ascii?Q?c4mxopky+ehidH8g0THcnSaavKGVKHfvsDSyv+mUQaa1+p4njA7xM462I1rm?= =?us-ascii?Q?N0FNcZ+FuLqzRg9ny9kniCMouXgd39DC1mVATfV7OpYvaHlQSZ1FVH2TvIiq?= =?us-ascii?Q?pyzwvCIKPboK+6CtNXMx/sXv159R/Wuk3d3pDBhO5w9oxqIPfRn9Fq3V+R3I?= =?us-ascii?Q?FOSZwjm2OBoaHAzGcYTZHTRP+U3HR3JqjiGC/CfygxVlor5QLI36aDQtgAip?= =?us-ascii?Q?Z1Qo7J31LAtlPJmsjJUASYed25jmHwI/p+qHagRb/UjLnnGbvTYEmrSk30a5?= =?us-ascii?Q?48itguUyi29a1mG0gbJcTNKOOxMF+52QeMB30w/43ASeYxkCIO733JuQdBkM?= =?us-ascii?Q?JqWoesLURvSXhsju4eYmXLDC3n+kBV3qY7F7X3XdaA0S1yNqgXMjTQdCU6pX?= =?us-ascii?Q?Gacj6h2IwEARtzshd65pCCDkBtDjrnrKAP/+WcilQewqTKjUv0l2yvlSv1As?= =?us-ascii?Q?hhL53/jFnADXkA26IurO8151hec/Fo+rVgHRHgv6clxQxan2vS5fdQUt7JNn?= =?us-ascii?Q?P14iFffsWd3qw8EKYat1jmoc4OJNN6+K/IW7Saj+X9/5xfkZAETKXZsqcNjn?= =?us-ascii?Q?V+ICohuQ5bPqOR1AUJiNsVeFNEswV9iEQW0x4ujZ+46N3bjmCNDOkWxpD0JZ?= =?us-ascii?Q?7dEB2RAYIsdCMjdpzMErVH5H8ZjqVHoRlZbAw4zg8PimZUnsIIM5CGQoCLRE?= =?us-ascii?Q?oYvKLID5ESgPk+dDPXX/Q0ZUZn9CAn256oUG+j1hktWUTsjq4NJPvXJ4dk9H?= =?us-ascii?Q?bfk8bLtuV6aTw1Xnd+5/Yyt+SmKdkFoIAJnOHf+pzSJzvdFXpWT5uvght788?= =?us-ascii?Q?b9VdRRR6Ogv5Pbf5x3BeGLLWPal2H9TXli84ZQYDtBr7hNfjrscUrp0408m4?= =?us-ascii?Q?6zP7Qyar9g=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: eb97073a-7deb-4066-a8ad-08de5d18b993 X-MS-Exchange-CrossTenant-AuthSource: DS0PR12MB6486.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2026 20:23:10.9116 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: hBALSfAkPM9879pm9fhiWXkfYjyLQ7Ti/X0uyume9o0zK8ODGNQW4maiyRggH1L5oZT5Otk4fd4EMrHeS5FrOQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV5PR12MB9827 Content-Type: text/plain; charset="utf-8" Use checked_add() and checked_mul() when computing offsets from firmware-provided values in new_fwsec(). Without checked arithmetic, corrupt firmware could cause integer overflow. = The danger is not just wrapping to a huge value, but potentially wrapping to a small plausible offset that passes validation yet accesses entirely wrong d= ata, causing silent corruption or security issues. Reviewed-by: Zhi Wang Signed-off-by: Joel Fernandes Reviewed-by: Gary Guo --- drivers/gpu/nova-core/firmware/fwsec.rs | 60 ++++++++++++++----------- 1 file changed, 35 insertions(+), 25 deletions(-) diff --git a/drivers/gpu/nova-core/firmware/fwsec.rs b/drivers/gpu/nova-cor= e/firmware/fwsec.rs index a8ec08a500ac..71541b1f07d7 100644 --- a/drivers/gpu/nova-core/firmware/fwsec.rs +++ b/drivers/gpu/nova-core/firmware/fwsec.rs @@ -46,10 +46,7 @@ Signed, Unsigned, // }, - num::{ - FromSafeCast, - IntoSafeCast, // - }, + num::FromSafeCast, vbios::Vbios, }; =20 @@ -267,7 +264,12 @@ fn new_fwsec(dev: &Device, bios: &Vbios= , cmd: FwsecCommand) -> Re let ucode =3D bios.fwsec_image().ucode(&desc)?; let mut dma_object =3D DmaObject::from_data(dev, ucode)?; =20 - let hdr_offset =3D usize::from_safe_cast(desc.imem_load_size() + d= esc.interface_offset()); + // Compute hdr_offset =3D imem_load_size + interface_offset. + let hdr_offset =3D desc + .imem_load_size() + .checked_add(desc.interface_offset()) + .map(usize::from_safe_cast) + .ok_or(EINVAL)?; // SAFETY: we have exclusive access to `dma_object`. let hdr: &FalconAppifHdrV1 =3D unsafe { transmute(&dma_object, hdr= _offset) }?; =20 @@ -277,26 +279,28 @@ fn new_fwsec(dev: &Device, bios: &Vbio= s, cmd: FwsecCommand) -> Re =20 // Find the DMEM mapper section in the firmware. for i in 0..usize::from(hdr.entry_count) { + // Compute entry_offset =3D hdr_offset + header_size + i * ent= ry_size. + let entry_offset =3D hdr_offset + .checked_add(usize::from(hdr.header_size)) + .and_then(|o| o.checked_add(i.checked_mul(usize::from(hdr.= entry_size))?)) + .ok_or(EINVAL)?; // SAFETY: we have exclusive access to `dma_object`. - let app: &FalconAppifV1 =3D unsafe { - transmute( - &dma_object, - hdr_offset + usize::from(hdr.header_size) + i * usize:= :from(hdr.entry_size), - ) - }?; + let app: &FalconAppifV1 =3D unsafe { transmute(&dma_object, en= try_offset) }?; =20 if app.id !=3D NVFW_FALCON_APPIF_ID_DMEMMAPPER { continue; } let dmem_base =3D app.dmem_base; =20 + // Compute dmem_mapper_offset =3D imem_load_size + dmem_base. + let dmem_mapper_offset =3D desc + .imem_load_size() + .checked_add(dmem_base) + .map(usize::from_safe_cast) + .ok_or(EINVAL)?; // SAFETY: we have exclusive access to `dma_object`. - let dmem_mapper: &mut FalconAppifDmemmapperV3 =3D unsafe { - transmute_mut( - &mut dma_object, - (desc.imem_load_size() + dmem_base).into_safe_cast(), - ) - }?; + let dmem_mapper: &mut FalconAppifDmemmapperV3 =3D + unsafe { transmute_mut(&mut dma_object, dmem_mapper_offset= ) }?; =20 dmem_mapper.init_cmd =3D match cmd { FwsecCommand::Frts { .. } =3D> NVFW_FALCON_APPIF_DMEMMAPPE= R_CMD_FRTS, @@ -304,13 +308,15 @@ fn new_fwsec(dev: &Device, bios: &Vbio= s, cmd: FwsecCommand) -> Re }; let cmd_in_buffer_offset =3D dmem_mapper.cmd_in_buffer_offset; =20 + // Compute frts_cmd_offset =3D imem_load_size + cmd_in_buffer_= offset. + let frts_cmd_offset =3D desc + .imem_load_size() + .checked_add(cmd_in_buffer_offset) + .map(usize::from_safe_cast) + .ok_or(EINVAL)?; // SAFETY: we have exclusive access to `dma_object`. - let frts_cmd: &mut FrtsCmd =3D unsafe { - transmute_mut( - &mut dma_object, - (desc.imem_load_size() + cmd_in_buffer_offset).into_sa= fe_cast(), - ) - }?; + let frts_cmd: &mut FrtsCmd =3D + unsafe { transmute_mut(&mut dma_object, frts_cmd_offset) }= ?; =20 frts_cmd.read_vbios =3D ReadVbios { ver: 1, @@ -356,8 +362,12 @@ pub(crate) fn new( // Patch signature if needed. let desc =3D bios.fwsec_image().header()?; let ucode_signed =3D if desc.signature_count() !=3D 0 { - let sig_base_img =3D - usize::from_safe_cast(desc.imem_load_size() + desc.pkc_dat= a_offset()); + // Compute sig_base_img =3D imem_load_size + pkc_data_offset. + let sig_base_img =3D desc + .imem_load_size() + .checked_add(desc.pkc_data_offset()) + .map(usize::from_safe_cast) + .ok_or(EINVAL)?; let desc_sig_versions =3D u32::from(desc.signature_versions()); let reg_fuse_version =3D falcon.signature_reg_fuse_version(bar, desc.engine_id_mask= (), desc.ucode_id())?; --=20 2.34.1 From nobody Sun Feb 8 09:12:30 2026 Received: from SN4PR2101CU001.outbound.protection.outlook.com (mail-southcentralusazon11012049.outbound.protection.outlook.com [40.93.195.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 61F832D5C9B; Mon, 26 Jan 2026 20:23:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.93.195.49 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769458999; cv=fail; b=hIb9Uu5F6qewNYlvKXV5ZMRBucR8deEYud5vak0pZt/OLOPKCNs4voKRMsGAIR5qUEXbqGy8jfsq9AJEBuBp1s99vcDmi5K0aWIiMdO18jWE08wXJW8JaQOONxSWSueApceEGndmQzoFjcYpl0R7EQ5YqIcZTlSaZfWEY61kcTg= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769458999; c=relaxed/simple; bh=4WaoyFDVlqYPYOMA9yn88oTSchPDin4Yz+YaGFw6eAI=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: Content-Type:MIME-Version; b=R1gB5lSlGinS/EcfC6rOSVwA1LV2UpUVoHCF8RQVIv41UJqZvldecsrmXEDZM8gdnM7sMxha+Rg1pSumYqrgQaY0uPK3wOXmEX7T9jSsYSg3zpWXM3emUlR0iRbD2l14yBoa9Jk7LTbIO9gilrZFWH3F9mfu2WYhfx8Us8p8OUI= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=ont6mIPe; arc=fail smtp.client-ip=40.93.195.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="ont6mIPe" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=oVjgWB9u7tpob0YquNgNV5q60SoMSQRHRqX8GY6DvsYWOhnxO1FEQKZWFaoSpnvNSpQRxBF9BxhKNy9/Ivt+t3sdxhoPNSQrpuOzArFy9/br9Uk/nEO2RAu2HqMfq8XAiAIhxft/5f1MkoCJqsz8jQL+RhJ+Ti9wWv3q/u71Xx5UukOAzdnBowdJmJvwGz+QBOF3UFz6iK6bH3dN7tTcAtug0V3xFDgMcdZRPIRWyvMkfNAxkr09pQp7XIU3dWGkjJcv007CUKdDDH5ggMxs/JU6o8KZItPX/L9rfwEEt4TytCFOoKzUlKwdJeNRu88rDOZa9vecy9BDZT0geZh6ag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=FNv0Onnck5c0tq+xq3hg2s+92j4SJEOni/Mx6b12OW4=; b=LX74GruD7OFu1BgeeZa3IHOKym10CADIqat+NMRxAalsLtwbdcPZX0Ky7LRRx9Ccc5oMFk/P80hY/FuucFOlB+ob2kTAaMu7UpNGi0NpNUEkruPJX+ieLAamUiuAh9+OHvy+bw5J2TlJIDIgPPu2576AZILwFXo7ILroCecXg5MsOOmDAtfflp6uQjkHwvi0lCnHGIFsTWsoSkstLJGEtGjnQjuR6GckMoNDkxnFqkOobEZ2bYaTC+i3Et57b0I5jyag3JAZSqjlSZYJrKv8epi0SwXPX+VKsKaDeghUM5YoHAcjF08lfv22RMeqX9ogh0N+9dxRYv6EaEq1u7Eb1A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FNv0Onnck5c0tq+xq3hg2s+92j4SJEOni/Mx6b12OW4=; b=ont6mIPeU8crpQka1RndtOobxFhNMCZxXX6JMFmEjOPEMfaFStEQCRA5nu7kcwSTGPOZU6ZXuhCTouRppvWkW2Pvmt9Rq8Yfba2cNg/JhXElhnkNm/nmhI+4E//kumuJIyObD2R5Cpp1QgSXFCBPMKA17sQ4QwFOn+aVZBaykAiFdCrkElulbVmYPzyjYzeNUxjbmoWrhPfZoK0mdTqrIxGmPxxJ6swnD2dasWcCfJ8Myy9nWKOx7yy0yj10Y5iJO3ExTv6/g+7v1BEXRnQTRsoGC/hp4JmL5RSXpdYkv1q6ETiZdWeqqzrj4ZM/PyqjFc4rPmj8cEkBR76wR0P/BA== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; Received: from DS0PR12MB6486.namprd12.prod.outlook.com (2603:10b6:8:c5::21) by LV5PR12MB9827.namprd12.prod.outlook.com (2603:10b6:408:305::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9542.15; Mon, 26 Jan 2026 20:23:13 +0000 Received: from DS0PR12MB6486.namprd12.prod.outlook.com ([fe80::88a9:f314:c95f:8b33]) by DS0PR12MB6486.namprd12.prod.outlook.com ([fe80::88a9:f314:c95f:8b33%4]) with mapi id 15.20.9542.010; Mon, 26 Jan 2026 20:23:13 +0000 From: Joel Fernandes To: linux-kernel@vger.kernel.org Cc: Paul Walmsley , Palmer Dabbelt , Albert Ou , Alexandre Ghiti , Miguel Ojeda , Boqun Feng , Gary Guo , =?UTF-8?q?Bj=C3=B6rn=20Roy=20Baron?= , Benno Lossin , Andreas Hindborg , Alice Ryhl , Trevor Gross , Danilo Krummrich , Alexandre Courbot , John Hubbard , Alistair Popple , Timur Tabi , Edwin Peer , Zhi Wang , David Airlie , Simona Vetter , Bjorn Helgaas , Alex Gaynor , Dirk Behme , nouveau@lists.freedesktop.org, dri-devel@lists.freedesktop.org, rust-for-linux@vger.kernel.org, linux-riscv@lists.infradead.org, Joel Fernandes Subject: [PATCH v2 2/5] gpu: nova-core: use checked arithmetic in Booter signature parsing Date: Mon, 26 Jan 2026 15:23:02 -0500 Message-Id: <20260126202305.2526618-3-joelagnelf@nvidia.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260126202305.2526618-1-joelagnelf@nvidia.com> References: <20260126202305.2526618-1-joelagnelf@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: MN2PR03CA0013.namprd03.prod.outlook.com (2603:10b6:208:23a::18) To DS0PR12MB6486.namprd12.prod.outlook.com (2603:10b6:8:c5::21) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS0PR12MB6486:EE_|LV5PR12MB9827:EE_ X-MS-Office365-Filtering-Correlation-Id: 84a28dcb-4ccc-4f9c-5e33-08de5d18baf3 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|366016|376014|7416014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?zF3MDgXFqxCytvmZBM7b9lQ6qBhqoFF9JrumDIejK1bMnMCHG61ueLiI9iEJ?= =?us-ascii?Q?SDXQSfKRdC2tVFvRUsMWLNWEtnm0US7w9asfcol/VO9Zmy5hEWhmDTIex9Qc?= =?us-ascii?Q?w34iAsiDBQ/iACHgUnPLvG3X4IGn8zPFv826S20azEaPjHaUObg/BJZtyjcN?= =?us-ascii?Q?7Qw7+e9pWQX697hRWS2JANRWLfnngh1P3MQfMGNQWkmZF+P7e84ItjxqJiNP?= =?us-ascii?Q?IV8io8RWVCGPsNh/K+JlvD4OxuaZaDj0aVFPHweuTPtPVLqASUtKD6ZLrHag?= =?us-ascii?Q?4U9nXQcAA4voeIvlQpnzAUTjw0iyCVw52clu7Qh4KAhcpWbW2oqIUNeLzbxx?= =?us-ascii?Q?G2a4I9b4j0Xyah/k1FsPsmEpZJtP66hoE/eyIqDKg3cxACZ+WG8MO1tcIHD5?= =?us-ascii?Q?HPOoHBMooTVjggn8N5F6Rt7fEWj+qLmLfNlPXRS7MF88pwx6Fjh9qpXzpNHG?= =?us-ascii?Q?9s7kfO1T/2HxIm9ymmzBFlQsZSIHZlxDeDGF9ERyjpT7HthA7fvPNLHSOqAY?= =?us-ascii?Q?FdyLVJ5qL3MV6NZAa5twUntGOBoacBYcmyZ5fGjhG/SSLF9/1R2iph4X7SWB?= =?us-ascii?Q?xpMdKA7XVswoI2tUqwEQ1zOKZqmzWgrok0M+2DUzCxtSlFCp7zjlMYX829xZ?= =?us-ascii?Q?c5UeyKT4C59Qxshossc+tRTsqyYSblUaZJjD+2KIXBkYfLzEQfWpLMKbPHK6?= =?us-ascii?Q?FIgvhCPWmwAHLH878zLzImK4ly9pwYxtOKP9qAASYfY97evOLCuZVCwo+SwC?= =?us-ascii?Q?zbQlvtFgWj38dIa32YEfqev6l3PmgZla2DBNy+kLMRmWiVdcIUFVrOZ+PlWK?= =?us-ascii?Q?/HRnIu6tqkj3BbN1iCUY1p7BVPDlE7/UjA7gUSONkKhStkiLGesmwtj1KjJ3?= =?us-ascii?Q?h3c78UlIm+TVDwq8VHGkqLV7vFfZRNZElQbegV7jm4uumec5jUTxtbbzVmJD?= =?us-ascii?Q?u1djsj+eM+ThIDqxx4Oj6/6bQEgDGMtrLpAWNTnViIb055hlFSXdtGucFYJ9?= =?us-ascii?Q?QJ/eE5DlNiMSUyigT4ak6R3UZvI+dc11W2zwQTaqRQm7RXNFWnBiBBQW/lKp?= =?us-ascii?Q?/QKknxJwsijsPfiOYC0Jks6xrdnVCK9YSaqE30imoruVRYQrb0Jjh7/yjMaW?= =?us-ascii?Q?BwRP1tjqcczZDo8ZZVT6tpF0uwWRY320P161fZEGdWazCYh4p/FuARTs2Llc?= =?us-ascii?Q?LUNLDlLPcAJL+EH6boLdy3y1qbynj78WS0pLlZAMOkTy9xGk5oQY06Db1qMy?= =?us-ascii?Q?bfwx24MzpZluG6jvK/a+M4mB1DZ2b+Sw4MmnCkDAqsMzvk3Yz/7LfCKIvdi+?= =?us-ascii?Q?Mf2RhR+fa++uKg9Y/GFN/1DwGPHnhPuMgfDRUSxrOZHkcUAMwoF0PlOn9iwg?= =?us-ascii?Q?jClb5dIuk2cws9yFNcLUaT8gdzIXMYwbRrmB+ZGWNkrGsGGo36Kd3YrFiHJV?= =?us-ascii?Q?Xi7b9ST7Pbl2vle+s8nP60bwZDNTENQylECTIqcBKaIr3dTavSpZ2n3aERcV?= =?us-ascii?Q?+n0Q1sjCrk1kMDR2zylnjE0en7yjiCZSd7Av2RJ0h8kQvcdDkftttM3UCgbF?= =?us-ascii?Q?wiLtIozfOLVdOXarmPc=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS0PR12MB6486.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(7416014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?P728xREyq6hP3VDVacb2SCOKV0nnfeWis4HVuOIjRbWJ14qI2KVCtBDXuAp2?= =?us-ascii?Q?e0QdRtCoFa5tOJzS0O9iTlHZy3suVll3vojsrLzoYmVSHdpL3NvtDlVBREPq?= =?us-ascii?Q?6rl9w6QJipkOK6bsOpCo5qgTaWHShNLiu23xByV7g0/tAtZftLbqNn/HiArJ?= =?us-ascii?Q?0ke/7ClIpSE2zVFoCHSM80jE615s4H2/tYOBEhPYifhMabS8xRnhAba++kwI?= =?us-ascii?Q?cmbVd6L4MuCVuDCa3v74zIKuNivihiDqRVpQENSIRPpz+EkrwBJfIr3E4Sw+?= =?us-ascii?Q?Y//hCOvJeZAieMaUuaJq61pBYkN8vmUkiDlXoxzcdNha9mVMn2t0TSW2BQb+?= =?us-ascii?Q?6OEXfpSc24LnUSk/M6ti6296pY/FGC/++rdqNRfCYLNC7aoryEXesswqF9iK?= =?us-ascii?Q?ZAlm37hSn7Lq0G6rSNbvkExuw9aleoXzoMLtKUkqw+WgYCAMG6xqpNYz1k94?= =?us-ascii?Q?aMR7XhSBwZM+SX+s7oGU8+gY3c8DRRLiZ9CmDN+R0pnMis8aUUksJu34fb9k?= =?us-ascii?Q?Cv9ToOQI3z3iEVwZ8q5rtG3GpCjL3wfTfJFceIRyOuCTxYDTe1qMkMk2eXbz?= =?us-ascii?Q?v9AIkjOFJhF+KV5MMRvPqUZOI/Vob0FRJz/oaAa14Rj9QryJkQbI1H8e/GiD?= =?us-ascii?Q?zBy/+HVmexVk7ry/xRIfKAyFzF6mxT0Xqyv3E2MVz3P7223BbiDTBbMxKQhA?= =?us-ascii?Q?BdrkeNgEAni6kLSe/pVU4Rr11FY8XKt8mHF8YbcFJ5nxo1r00JJMnf83wzV6?= =?us-ascii?Q?zZz5BH96VQcyqjQ/PnSX2MOd8TbFNX7Tq1WCVcj14Ajyh2qzosQd7ozGYQA6?= =?us-ascii?Q?fOjwRYKUbM7pn/kG+4gwgFHUgTj5MTpRblaRz6fZLipgv5Ipg0quf9kYIOWe?= =?us-ascii?Q?g0jk+CxqHBfOw27pUUFdqubskC3LGCEzhwbni6z68hYO1i3Za8LYIImJnxVQ?= =?us-ascii?Q?gtykq8AJUqgVsstn/Oh0cxXtdNvML6gVbTIyH/QIwXuaLQJ6T/RACr9CErgg?= =?us-ascii?Q?A6npXqi9JAxa+EcbP6Z6Dyl9G/qjzzFi815BE+O0j0P2AyRACKmrUKaSI1YW?= =?us-ascii?Q?+omvQGB66HfQiDCkXf2uA1JQDN3BmqNTJdAcIlTcrT1pI+1mALsbo1FUmoT2?= =?us-ascii?Q?hxrLViwY74lnT7VLQZ67QTiN75tbGBGIWSa17NXIIgmz8L+l+NyWE8bYyjR+?= =?us-ascii?Q?R4xo0J017C2doSw9RIMxAQTfM5T5avmN7akE9FpAR45UhP0wrs9qpImV2vh+?= =?us-ascii?Q?gZ5+yzBO83xjmMdo0TKbZe/M2/MhlgNktm9/2fFlxSgjDso0JGRm1LzFMB2h?= =?us-ascii?Q?2NuXUzPiKAROk3R1BWksse7uG87WxB8fnvNcfKbKmkyjf9qFkNkf42CFEthk?= =?us-ascii?Q?DfVrqyTlFBAXstSlxeHCbRXo4x0kva6x/uhf+GkLf530a7QQmSY8pBO9c3Ca?= =?us-ascii?Q?TLrXN2oaF3iT63qRVO3dqVZInExpL/j2VeKmrSSaFZeRLcrdjlno3qJYPScc?= =?us-ascii?Q?zQdcEWrgUoBDq7obciyxGZHAbDJvnuHmEpXtEW1zNMywFqoe9kpKp/DwkeWy?= =?us-ascii?Q?dYgu+LAtzbYFuLEZVUjYSYdM/BVL00xmG/dx2Bx4mrlg20hGpQoXxrKEL4C6?= =?us-ascii?Q?ZDJyGeJVd/k6qkCeahFeCSruSZdFggy3rbIYy9UIFzWv3uTg3yuNZBCn8ghv?= =?us-ascii?Q?LAD7kZcdsWmZy1kJfnFBuHzHczOrYPr0TNvDInh9K7hbwUTb/XZO37+lyvdj?= =?us-ascii?Q?vilxGGxh7w=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 84a28dcb-4ccc-4f9c-5e33-08de5d18baf3 X-MS-Exchange-CrossTenant-AuthSource: DS0PR12MB6486.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2026 20:23:13.1594 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 4wqyUm1zsBu4DCCdLkNqX7dsgNG4uhpsI55PI5zsOOOo+JLatNTNeajPUVCAv9Col33xr1Diq1Uw4JU2Lc94bA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV5PR12MB9827 Content-Type: text/plain; charset="utf-8" Use checked_add() when computing signature offsets from firmware- provided values in signatures_iter(). Without checked arithmetic, overflow could wrap to a small plausible offset that points to entirely wrong data. Reviewed-by: Zhi Wang Signed-off-by: Joel Fernandes Reviewed-by: Gary Guo --- drivers/gpu/nova-core/firmware/booter.rs | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/drivers/gpu/nova-core/firmware/booter.rs b/drivers/gpu/nova-co= re/firmware/booter.rs index 86556cee8e67..40ac7e66d228 100644 --- a/drivers/gpu/nova-core/firmware/booter.rs +++ b/drivers/gpu/nova-core/firmware/booter.rs @@ -119,14 +119,23 @@ fn signatures_iter(&'a self) -> Result> Some(sig_size) =3D> { let patch_sig =3D frombytes_at::(self.fw, self.hdr.patch_sig_offset= .into_safe_cast())?; - let signatures_start =3D usize::from_safe_cast(self.hdr.si= g_prod_offset + patch_sig); + + // Compute signatures_start =3D sig_prod_offset + patch_si= g. + let signatures_start =3D self + .hdr + .sig_prod_offset + .checked_add(patch_sig) + .map(usize::from_safe_cast) + .ok_or(EINVAL)?; + + // Compute signatures_end =3D signatures_start + sig_prod_= size. + let signatures_end =3D signatures_start + .checked_add(usize::from_safe_cast(self.hdr.sig_prod_s= ize)) + .ok_or(EINVAL)?; =20 self.fw // Get signatures range. - .get( - signatures_start - ..signatures_start + usize::from_safe_cast(sel= f.hdr.sig_prod_size), - ) + .get(signatures_start..signatures_end) .ok_or(EINVAL)? .chunks_exact(sig_size.into_safe_cast()) } --=20 2.34.1 From nobody Sun Feb 8 09:12:30 2026 Received: from SN4PR2101CU001.outbound.protection.outlook.com (mail-southcentralusazon11012049.outbound.protection.outlook.com [40.93.195.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 138E62D594B; Mon, 26 Jan 2026 20:23:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.93.195.49 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769459001; cv=fail; b=fL/q4vQ5iCvzouP4Cb+OwchA0hMzFEFYCqaHlvzbpcdS8fGU37cgrLgD52p66y8xH0iQY744dSacqsPrXHxpgTUZiNWaTo7Yjx31s1z7uU4cglEK34LgsuwkYBDVZpHFntOMZquzU6+HBGkFfnX9wkY1STVJhm197L3kFEGgBII= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769459001; c=relaxed/simple; bh=TseTBS9T3D2CJmQboPXcMaErz43SFBFfG0oCNcruC60=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: Content-Type:MIME-Version; b=ctLOo57MxSNY0rJO2AX+VUqqRZwQTMW0QzgkfM1JLq5EvDkzJJp93xw+jQkAqO1Yy/VH9ickrBm7luFTy2VGNmg5mehpVkOVd5d+e3m0lmOB+GGZXrgeMNmwGJgwILMCjHtLJrp4YuoR7rWpTNgppGPuMc8uSRxyr4zm2uXEXKw= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=UdtSN6Nl; arc=fail smtp.client-ip=40.93.195.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="UdtSN6Nl" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=dsKCO8O0t3JimkFgdPHroD08fgqbhLSRU2t1ozb5ADXAO4V7cKd7ceNOvcsPJBiAlV0tnXveBamIh/Ph7Z4awcadmLn13NR/9x/RiR/SGverRElP5mfmlbNKdWyPjjyaOw2N6x11QMHdQ589CVU8rd49dceaCGmEbwjTQlNwyS3+Ly+jVSJLwIcueU1phYNNVJGOAJChgzOEuiu9ByQXVRCcg7EPfw4kRtx+uMc2EKBOawfGEZwdX/SseVHsE64iHO+VSjlDKtiPkvPVuuZwjypIiEDGg6QKZnFuk7kv0YpH/fXN298xWoCpO7VmBsrsJbZO8Sjt82iVRYMK6h+yrw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=CR7y9ABhJFTdgTrB9RQbGWyU6hRgNWjPb0U4Cu/4C2o=; b=XohtVjcp3Q0mdRSx9n6Cv+jCWc7rpvKe9fzlo9F86DmOOURD2v92q+TUWRSd0qtbIaxIpi/mlH0aiqkO6yq9JIrtQeTtIobEXg+az1agfITRUtbLAe55x4kgIGSyk6z20Y1a6DH+pvOWPO4zVN0zyk5/s6lq8+l/PlFfCmAN4VJIjQHQ4PgKmZpRUOWR29nbM2wjakixvEecoMrRVF8cbFEQIdXPDfO61/D0w45nHdHqxbr3qA2SRvsH3sV8/4MrkS9Z5IAxfjaaojooxKLmMbZFG7R7doOc97vVmzGyGspbSuvxUw7yY9QsnrNMZk7CtitBI6ihFZ8OH6diUtjDBw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CR7y9ABhJFTdgTrB9RQbGWyU6hRgNWjPb0U4Cu/4C2o=; b=UdtSN6NldMsGkR+AIz3uJSHAdLj0e81uzU0S/v9uBKkIZYKcOZkwd4g99+C2wphZQw+UJMmXZ1cXeG8GWPJU1FTtUZZNR6lZ0MaPVFJvMCZE21h3tiKovcbuORtkbB1PMgjrO0Hp2SCF60cY8ne+SiPcpQSFCKenPuJOI+OyAEZQplMi6V0qfL3W4kLURnhfztdhIAgbBdnGNVv7lo7uaSUzQY40a+DjuZQ5AA6zJbknYcjqeSyiDTf0TrTPQrbzOuzjOC3ismJfs+5UrveoRFFsR/+yHJMmv4xSGR1GjEPJHLqv1Cw14TTD62x2q2Cx9pzR4C97ngwj3+LDUn3pcQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; Received: from DS0PR12MB6486.namprd12.prod.outlook.com (2603:10b6:8:c5::21) by LV5PR12MB9827.namprd12.prod.outlook.com (2603:10b6:408:305::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9542.15; Mon, 26 Jan 2026 20:23:17 +0000 Received: from DS0PR12MB6486.namprd12.prod.outlook.com ([fe80::88a9:f314:c95f:8b33]) by DS0PR12MB6486.namprd12.prod.outlook.com ([fe80::88a9:f314:c95f:8b33%4]) with mapi id 15.20.9542.010; Mon, 26 Jan 2026 20:23:15 +0000 From: Joel Fernandes To: linux-kernel@vger.kernel.org Cc: Paul Walmsley , Palmer Dabbelt , Albert Ou , Alexandre Ghiti , Miguel Ojeda , Boqun Feng , Gary Guo , =?UTF-8?q?Bj=C3=B6rn=20Roy=20Baron?= , Benno Lossin , Andreas Hindborg , Alice Ryhl , Trevor Gross , Danilo Krummrich , Alexandre Courbot , John Hubbard , Alistair Popple , Timur Tabi , Edwin Peer , Zhi Wang , David Airlie , Simona Vetter , Bjorn Helgaas , Alex Gaynor , Dirk Behme , nouveau@lists.freedesktop.org, dri-devel@lists.freedesktop.org, rust-for-linux@vger.kernel.org, linux-riscv@lists.infradead.org, Joel Fernandes Subject: [PATCH v2 3/5] gpu: nova-core: use checked arithmetic in frombytes_at helper Date: Mon, 26 Jan 2026 15:23:03 -0500 Message-Id: <20260126202305.2526618-4-joelagnelf@nvidia.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260126202305.2526618-1-joelagnelf@nvidia.com> References: <20260126202305.2526618-1-joelagnelf@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: MN0PR05CA0003.namprd05.prod.outlook.com (2603:10b6:208:52c::33) To DS0PR12MB6486.namprd12.prod.outlook.com (2603:10b6:8:c5::21) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS0PR12MB6486:EE_|LV5PR12MB9827:EE_ X-MS-Office365-Filtering-Correlation-Id: d3834c66-24d5-4f77-f707-08de5d18bc26 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|366016|376014|7416014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?cKb20ZCVL5NnXUckC09AxyJMJFkjvljMDNyvqErgTnBTnCCIBoDxtO7lppay?= =?us-ascii?Q?CxNp/aotVd6cqw1EjgTA2Z9Y8fxZF+UR319fq0TPlZ2y0nME9prq9YR1V6Pc?= =?us-ascii?Q?2ppanXb0PIoyoYWsfQMI3GZJi4tAlIReT+kUFhRGSw3CyswJv5gZjM/MAnZc?= =?us-ascii?Q?+1ASWdLQx0P/EKfwTWlMXlJPeCuB3WL/4IX3t2DQs21dBzfFyfRM1aG8EiBR?= =?us-ascii?Q?q1wP/shri7Zh1x+I8PWm3d2IfSrJIlxwS4ENLwPKlp1lKfWkLWj1crhBkm/u?= =?us-ascii?Q?g9MTGcO6CkFQVK3UwafXXyrEq88lnfGFRIQYS6jn9gVxyB15gROxCbYaMaDS?= =?us-ascii?Q?5Yx3pGsT5UHg8t3L8gnlIj0FjzDD8DUomLa5xZFGY4Gt0C8O9mi/7TRJm+vt?= =?us-ascii?Q?zWK/rjDGrQPScerpvO2p3cwU+DHVZhXK3ZvLZ7ksaCWwHZexpql4jqsZ7sS6?= =?us-ascii?Q?g3HXpD29QlQZ8xHfDSPhU1kqFCsNcXaoUKW/1v+Jo8q975Fo+aQBmPaf6YAF?= =?us-ascii?Q?T7HC17aKeKyscMTQawHiY5iA6lojid3C8Z6KpDK2IewCxR4sn1nPZYhwYjOc?= =?us-ascii?Q?WpmweIR7lM8anktnEFik3qANlJeLawe2D3mapKRUcyxOLuHWEnlat9pLVbeQ?= =?us-ascii?Q?YAY1hKbz7tz95bX1bOvkzCIlyq+xv4munT9Av1vPpKFZFY6Joe9hGzby2Kk4?= =?us-ascii?Q?gapsTy1ppC4RdcFYRAjieejvApEaEr49v1hEvEuw5c15d+tA0hBlSwyfWGLK?= =?us-ascii?Q?mJ5X7DYkKVv+1EdvARoCUl1SKKXUl5YiZOeRyypQgD/Y1VJh+HVSaPDk3o86?= =?us-ascii?Q?Me0azf/IPTcCj/t84memmBeIDUHR3a21xxvdHOazT8ruBCPRJ4gMZ1ksivpc?= =?us-ascii?Q?3Kg/kBC/vpdtDntylACPp22/Pf4UK7dnD1yM0MOB3M6jakj5qsK47DiUnhiU?= =?us-ascii?Q?piNg0p/8xbRH3CiSywM2W0oIGq5bdtf3kEq/+A3zhBhhoYV2eDV4aRXFz/oB?= =?us-ascii?Q?Jv+7VSwRN+4aX6SGNeb+ZD9NwfNm5PVaBKPaOe896Skpwcta4LugO1vNUMOs?= =?us-ascii?Q?x0qo1fO7z+J7bxVdhVFhIkde9dN/Y5UpggZU4cj5LoepW8/aezqdZM2o7dmv?= =?us-ascii?Q?oz28SUzogpdj1uC1rtuNjsZdrNaI4Ts5Z8Cul2q1cCs3ih/JStT/IgY7bC9n?= =?us-ascii?Q?EY6JkUe9hsffxAP8CvfPKySK9O33KiLP+nsPQlXb41HxWZE3amJs8FEQT8Sh?= =?us-ascii?Q?5i1mlUZzKTcuLh/qUturgF9ty8G2Nk+JHd390oIEUmezfDDpMroVwyVnAkej?= =?us-ascii?Q?tAtJFS60enGpwp2rvjz1+1ji5j0Ejo6+eN0DKgHpkYLOQOgnwiiH+7iCal/2?= =?us-ascii?Q?wWKo/3cpwDFID6zGk7HKax7FO3lGWsEKYPch6fujY1nfgQGdFK9SG0OLU4kS?= =?us-ascii?Q?Sp43BOS/i78bnd6GSpcVl8lN6EoSwJaf5q2z9VNLiPfhx0Wc5os0ZjR/l9Uk?= =?us-ascii?Q?FZrjNxxGZqo/+F9legWrzfkYO5wwmb+LYQx079U6KDnjJ9TEOLxepgJui77u?= =?us-ascii?Q?u7VM68ndko4duXw9a9Y=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS0PR12MB6486.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(7416014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?AtN6kkrNdsN2zJ0einIQp3NfA87+8Frv6l6pKEw0/Y1rJCRHERDr2oJaX2EY?= =?us-ascii?Q?NcoMi0FScFEO9KFmLUo+kuWGWf0gTLM0WcLLTefipwc2/nE8x//FS8OSIHeB?= =?us-ascii?Q?masjdNWtTdwqJnxGK0vOPS7Cjkw4ex2o/8+c07H9487YvNAkBkuMWvlfnmkk?= =?us-ascii?Q?h8aY/fefCQz1Qcb5dIZq7CMU8EW+slbciBHNNQvdRGglNl/VoHp6L8j0mQwV?= =?us-ascii?Q?Yj7+cHjGcmsE8pJYmO2SfA2/V/aHE83XdCJRB0hVohTR07VOySGvWE4B2305?= =?us-ascii?Q?G6Xe+c2Ns4p0HT+KcnhRjXYWzgauJQzb9b0QBf4mePMzSVoZ4ffoXhTSAI1I?= =?us-ascii?Q?YBzV9PviakXDHiQP5wEtiPvqidlZ7AJDeE7nQQPCZAGj/8FaNQ+362QtqMns?= =?us-ascii?Q?l8jQ2aKjLVTXfadMJy8RIAtIuJDBe47t0ATSL+0lY9FNOB5pm81+uEoKBhPN?= =?us-ascii?Q?KRY3CFayFLGB+VBpUOFIIHnfz1Gu+9mXXN+BrJiymC+PARNotpIXOV7/stbH?= =?us-ascii?Q?DVKThx9pRn0G/jB44zTLW5AICq+7j+5J+gtkCohKpVcJUXHVNw4Jl/sJ5q6J?= =?us-ascii?Q?0tzoB46/2dJdZjs+e/iFjH7cLxXD7tdlOy9Wd+mw8G1PA0K/T/b2rlka1EOZ?= =?us-ascii?Q?uGt8FcESiRLR3HJuMUplUFVVLOxY+gejFILdoJQ07FJT8jgMbH+9X/MSDZHN?= =?us-ascii?Q?n8Kj8XVohjFRdsCWOce0tkksnNCOQmGB50dmvPuosan91VIZw1bIQftWFKqL?= =?us-ascii?Q?Q1Q7HIF+UH5Mw67coVpu5s28hwlSYKjcPsdByRHNpn32yB8i+iU3bnUnlfiM?= =?us-ascii?Q?wH72Xd+byrYChPtXbNXLPIMuE+glqUmXRzOmYLs+o+YKOdU7joy5c78Znq6U?= =?us-ascii?Q?WGQ8wYojFuIJ21uFoIRV7TvyL+LCjhZ+3mdIxFSxxg2cWdp+W1lLpptRwL4u?= =?us-ascii?Q?ANn/k4FHBTdthdYo6DmGob0USX6PJPgBMZ6JKC3DouZT6wGy9IXM6xju5dtu?= =?us-ascii?Q?Rw+vxuUA9hu8uvT/OmlChLmWPg/wi/0oIoN5Pj1fRlm9JCvXnTeWnIiJc3gW?= =?us-ascii?Q?D/ykeJX7ct6xOBljMy1Pa+atSQY8ao8EQPwES8ThnAFx1NriB7cCP7T8AxOZ?= =?us-ascii?Q?NW+px3nqunvuGhkN/LdmT9NDJ+NGHxp/GETmf/uNxzPc3bj2j98PbZL5/8Vq?= =?us-ascii?Q?dSo116HwAdUMkoC4yybKvsqGb2S2J2e2KgNmKnlkRN34IKebMeuvMmKwuStK?= =?us-ascii?Q?Y4/V9jO8dij/gPZuOku54f6pTmbvD1oXojavaRx8siOOvM0dTn6V0OIMuqo3?= =?us-ascii?Q?1YemjVtPdd4dxd8unRrv/SX9CdZ7s4IEmweEudUdJyx3wZWrawUuBkmW1WzP?= =?us-ascii?Q?jKdvxSI69NkK+Mzfm04euXLbRhru0vPZYbMWj/uJ8wo9MXreqvQARxOHm4Ar?= =?us-ascii?Q?HgQa1qqB6oU6CjhtXiVT+n1c5Hx7UahACs9MbOsk6hJ5brVu5TdpmBmaohcR?= =?us-ascii?Q?aIUWu3307dw+K7JEy4jDPo/5ed4EV5e06IzLnHSz/sBVGqcNmcLwhqKdoPxE?= =?us-ascii?Q?KMiGwRSF1x45K/wVHW6cfxg/wMz+gYv7Ha6aww6Px+Dzay1neVGUnbSU+gjA?= =?us-ascii?Q?gaeGDAQ/j/qdAB9j4ri/dDK3Kl3FgC7CNs7i9McXlnQkJh9EtxR+QZiIVu/T?= =?us-ascii?Q?or3yvF5smqQ7ydW+Q/H4JknQRO0gdh16MrK0IzafWyMVBc88rndtbKcUDVUs?= =?us-ascii?Q?kmgGDoh8Bg=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: d3834c66-24d5-4f77-f707-08de5d18bc26 X-MS-Exchange-CrossTenant-AuthSource: DS0PR12MB6486.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2026 20:23:15.3748 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: xG3YJMVaFlBWxx7FQ9573IQfB5YaOrOnNqpn/2IvNMo9sX92Ij52Xze3lW7NjxNDpW5YK72VDqBdUy1k6aCGJA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV5PR12MB9827 Content-Type: text/plain; charset="utf-8" Use checked_add() when computing the end offset in the frombytes_at() helper function. This function is called with firmware-provided offsets. Reviewed-by: Zhi Wang Signed-off-by: Joel Fernandes Reviewed-by: Gary Guo --- drivers/gpu/nova-core/firmware/booter.rs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/nova-core/firmware/booter.rs b/drivers/gpu/nova-co= re/firmware/booter.rs index 40ac7e66d228..bae24c756853 100644 --- a/drivers/gpu/nova-core/firmware/booter.rs +++ b/drivers/gpu/nova-core/firmware/booter.rs @@ -43,8 +43,9 @@ /// Local convenience function to return a copy of `S` by reinterpreting t= he bytes starting at /// `offset` in `slice`. fn frombytes_at(slice: &[u8], offset: usize) -> Resu= lt { + let end =3D offset.checked_add(size_of::()).ok_or(EINVAL)?; slice - .get(offset..offset + size_of::()) + .get(offset..end) .and_then(S::from_bytes_copy) .ok_or(EINVAL) } --=20 2.34.1 From nobody Sun Feb 8 09:12:31 2026 Received: from SN4PR2101CU001.outbound.protection.outlook.com (mail-southcentralusazon11012049.outbound.protection.outlook.com [40.93.195.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9397E2D6E70; Mon, 26 Jan 2026 20:23:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.93.195.49 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769459013; cv=fail; b=IGkBHQ42a8wwAWqUjurKSEbwWoFtQoYsfzgZwtJwSTFGluOjluskgPTZ4pjM9TGh1T2ZViqPRau9wn9SCITTy3X3HhBBcyGjCg1TwdJrFNjw1pflvg0VUy08eIUvChkesVnx/BW3l+0hYKQD1q2ycmQXJYk66BlLYVrkW0kQ7HU= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769459013; c=relaxed/simple; bh=7XOX7Ltyb9hTLH9ipRF2Y82MH7cGn8gd7j00lJyt99Y=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: Content-Type:MIME-Version; b=KGD154RYnpNEYbE9ueeIrB+Irylj6o0Z1zj29NOE1EJJN6gfnRpo9+qJQ1NjC5EMe80hCfuMcqqJdIOkg3CRDLRMaj1r92sTGls0cXyEtbXc0SocfQt5pbRgUm0eanzSwASnJPoP8m8XpSQbm18fMnGTS0+khq+m29acLV3FSVg= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=qnJmKDZQ; arc=fail smtp.client-ip=40.93.195.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="qnJmKDZQ" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=kP7zTHQtHMHMmFjQ7EunFyYiLTS0LGC3vrLkq3UucFhkL7aWMzyyIF3VyOPPF0W+baxZIvQ9wpHPUtnY8KmjiIhqQRXVLpaT4ZDkiQ2zksXUqdwilWxUMuqBXfZVBpDi46PiUixyZzm2UI4o0/GK9cKA7ElpCgWm/VY2glM1h1COpPMO2aldhTZtdnBRLwfAkkoYXRSIEBgnb0swdEgBi+A5mEIBJIOCmBaPpjQD7LkLFLI+zqsGusopEO253db902GFrMAMdeU0PW1asdpZ9wd7z/ku7xKurFJtvcfKpg/Ru/palJK/uFvXIMGl03ymL7b1hJd/TRwIfYKMLOo26w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=VYIOws1roaCG1oMqpOEE874fMPzFHphr3jJgTfAaAGs=; b=kG6bWpvHq9q1VLbnL7XLcxjjG3mlglTl5NftoJW3emDyjfUxST0TbHzq2+IOuXa8Q0Q3LpHNDA+eky4WG8L3yRXf5RaYb/GqpZqgOmA8JXfQDta71xjto969VJMJBzqhkf+7FJ/jXq+xZ5NjzWgogI8EEk9fBO7l8cLzEcQxG60G0cLJKTHFHI5K3oY7dC2cRUtLNUxnlMSThjREVzAzInT6fz8rLRAojt7uTKJF9fG63F4vwHwzolbJ7QoKTDsTVcLAxK0Hj0CRYp2id/SwhWJijKgfm+hW9QWStr6UEvUSTWV258I7aOmDmu8WNHnad49x5U/Byk0VkExtUQUdGA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VYIOws1roaCG1oMqpOEE874fMPzFHphr3jJgTfAaAGs=; b=qnJmKDZQ8+FORYTEwIdAKjHvaUKuVqNStXuaKMngQiQ5OZD6qnxLuM7SuoF7LVDVDueWFwtqV0IWsu8o6xxdwKsWzXMxZjeyrqXn49InYkc07oF7vciYRd5c+kgWTutwY1tTNnF6ifqW6H/8QvwSBBcaKO0wlXL1zxs1A7aQ7vsPQzJhL5pHdUxvoA6KIwtFzluUJmuTnY/8D6CfHjoUTEGtVlde+P3xTgoOmx+j54mFHH7L3LIwaqtm2RdP0OoDwFi+AfLQzboOwp5p69dDViJDPQ57MeRRPD8ygs0IfpPOgKRnisxV44ENhoy1lejYykVhL7cnVqej78m52/7YPQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; Received: from DS0PR12MB6486.namprd12.prod.outlook.com (2603:10b6:8:c5::21) by LV5PR12MB9827.namprd12.prod.outlook.com (2603:10b6:408:305::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9542.15; Mon, 26 Jan 2026 20:23:17 +0000 Received: from DS0PR12MB6486.namprd12.prod.outlook.com ([fe80::88a9:f314:c95f:8b33]) by DS0PR12MB6486.namprd12.prod.outlook.com ([fe80::88a9:f314:c95f:8b33%4]) with mapi id 15.20.9542.010; Mon, 26 Jan 2026 20:23:17 +0000 From: Joel Fernandes To: linux-kernel@vger.kernel.org Cc: Paul Walmsley , Palmer Dabbelt , Albert Ou , Alexandre Ghiti , Miguel Ojeda , Boqun Feng , Gary Guo , =?UTF-8?q?Bj=C3=B6rn=20Roy=20Baron?= , Benno Lossin , Andreas Hindborg , Alice Ryhl , Trevor Gross , Danilo Krummrich , Alexandre Courbot , John Hubbard , Alistair Popple , Timur Tabi , Edwin Peer , Zhi Wang , David Airlie , Simona Vetter , Bjorn Helgaas , Alex Gaynor , Dirk Behme , nouveau@lists.freedesktop.org, dri-devel@lists.freedesktop.org, rust-for-linux@vger.kernel.org, linux-riscv@lists.infradead.org, Joel Fernandes Subject: [PATCH v2 4/5] gpu: nova-core: use checked arithmetic in BinFirmware::data Date: Mon, 26 Jan 2026 15:23:04 -0500 Message-Id: <20260126202305.2526618-5-joelagnelf@nvidia.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260126202305.2526618-1-joelagnelf@nvidia.com> References: <20260126202305.2526618-1-joelagnelf@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: BL0PR0102CA0014.prod.exchangelabs.com (2603:10b6:207:18::27) To DS0PR12MB6486.namprd12.prod.outlook.com (2603:10b6:8:c5::21) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS0PR12MB6486:EE_|LV5PR12MB9827:EE_ X-MS-Office365-Filtering-Correlation-Id: 1b2a4e4a-d62b-47d3-edcf-08de5d18bd9a X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|366016|376014|7416014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?DFVFrt3V9dvZiRDHUUFoWsHiu1CZ6Cw0K+c5MBUkkWzsIFE+siawzmve9cee?= =?us-ascii?Q?xWnO/r1m+EfXXIoMgwrMD93/l6qxmwLDw+wP5TsyLjMv8gq3TbIZ8mt4bGY8?= =?us-ascii?Q?75VddDSkJnDU8ZnYrHg7uS7jdu15bFE76F22/AVUmHOqDbViU/ZSHc6Q5pCE?= =?us-ascii?Q?/NuVOhSpmB6VwR4qF7d4gPWP0avOaq9vdJAzMsJpOyXCkdZwi+Jt5KP8dQQM?= =?us-ascii?Q?f0K6IRPovoVsY96Rx+juJ2lGa2KzQ+/c04XvMQTt9DJnMuolSmi9umAusIjT?= =?us-ascii?Q?LG9h72QDYsv6PSv+zmwMtnHtRYj8/59ryP8AqYq4jVkoBzIuUHlI6Qwq/Q6M?= =?us-ascii?Q?j9Dq2vOciUrYIejuHepwg7bPJsBMXqzx0uyQb0mknxqvukK94WGQanBmr1mV?= =?us-ascii?Q?H8Hv21Qslg1Glg9d5XP6Ii8wSGgZXPsyNnEQLAbWRZXtFtEgGriR5eHFoEcb?= =?us-ascii?Q?e3T+JOIvUUHWNDJQ5OS1RBr5Sxyj0YvjNufbTQAWmdYf02h6R+Vt5mNdfdEJ?= =?us-ascii?Q?5flC3Su/QBrFMFJdt1kSycKhRniXKd7+D2C/o1dOLwiq4FqYFpeKDe92B08Y?= =?us-ascii?Q?XVXdtONoT62gv0FBCWsHcsd9FCpOQLrr8FAOdp08Why1ipVhzVuQPgopj4YN?= =?us-ascii?Q?5UE39mZM9Wycy010rNdVTdXYUpxX+v7YzJIbQ/VGiKR82qNP2b9mqpPm4RNA?= =?us-ascii?Q?iQmxZZMwsBJ11tn3cPj9U57t8AaRF+2HP2IcB+JJ2mLKkcNsDjlfXl98GkE5?= =?us-ascii?Q?JvOoK2Mkyn/FDD4lpdRunSNi2VLAzIMgZR/CrSczU7d2RdCxnA9S4WrMLPRU?= =?us-ascii?Q?naeIoUMtJNTzKJqN1izrOt6d3asYdpd5gEE25BnAf/LfG+GnnOb7sdFKQloU?= =?us-ascii?Q?1+oIXEF7vVvo9kPPLkDgTOswPiE4CqunLOw0UqeW8N2SYQyCMSkRyklz9KSU?= =?us-ascii?Q?PyMtekBWA0exqd6P/3/yDWPZY8q8hrhy/JTMtbwi8+Ns/lS08JWIA6BLmhz4?= =?us-ascii?Q?O1zZ1aT1q9acsDRRH+f/krQTGWXb5J2Mson0nX9RZacMknuig12yiJKybot3?= =?us-ascii?Q?Uo9Uq0E555IrVigf25J9tYK9oQgL2ynyTx7ACNE+ZCiMMcKDat0fV7U2JboC?= =?us-ascii?Q?yYNZ1aUwOwneDHM4WneX9vCijG5N1Ri16Kgzq9DSncrAnxzTxYSLzSzjeNAo?= =?us-ascii?Q?jhx/V4UAYa+ppU1xCSMLcUmEURIAydTfHCm0yFXcq8Qxdl+7dwjM6bL2coVk?= =?us-ascii?Q?kdgSX2y/SJsxqBNCxwFIjl1VTUo71w9VVKW4RzkVArvh7yxpw9LAP7yRXyK/?= =?us-ascii?Q?7nJJCY9NJFDnkPxGiGGgfwjvKz0xcr5m6RemIlGvbNXi380uPPZx1PDSKYab?= =?us-ascii?Q?FmZq9wOK2LX2jTooyf22jog2DzMILablU6VL7DD2xnadgOsC25fnOkYXPuwC?= =?us-ascii?Q?Mc79op0XHphhPvU0gMlpMJRdDmSLqMhjblb257dG1w1YzmtJE/cRKsgnjvJp?= =?us-ascii?Q?X2RbTvR42nwjQUdT07tkVp6VoJtcdXUk1kqXaJrIh0LXuVMjuoFevnxFoDBQ?= =?us-ascii?Q?wid2Kp6/txO2JjieS1M=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS0PR12MB6486.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(7416014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?P4Uy8reZE0sBGZP3U07HcNYd4oqtn8GEFugTfHhrTFFc9jbF+mKJAasFxDKl?= =?us-ascii?Q?b10N3/N7CsIFmbWHk0YmswIkvdO7aaV8OyRo59pbqDJSx8oJCEX/p6s97A5m?= =?us-ascii?Q?Co5WpuwJ7QliFR2yGbKFS3PN9pTdR/hxw8sBH5KOoxXxPoAlz/E9Im8VcDBp?= =?us-ascii?Q?J+O0nDge2v/fy3WjUYh4jRotRjZtFJH/G+WlllkkYthWyFAGc9Sjdkg3YwaG?= =?us-ascii?Q?PlSnVMrRkzbgXE9p0caQBtf2OOeEb49KW8H7/Or/9Ttd0JQzFRnkwqW659oD?= =?us-ascii?Q?Pv6NN4DLPCnRVI4b+HaabKc9j5B1Uw0XzQySdD55j1NN5IwHt6Mvk7Z3OJp1?= =?us-ascii?Q?gGDJFvwsQZ3ckTaof6R8K/+/bkhYVqyv6oY/xFXVXAA+5Re0Urov4kQzk7YL?= =?us-ascii?Q?CAOkKysfP3IW0rboPVTGW0VjbXIN5uIl5ITQq8VXxVgZo1TV7AvEmFD6FlWQ?= =?us-ascii?Q?+HIF8dSZ/ZrkyRjU6jmxxbpT7IyK0i5XAAC6no05hHgd7itN/OHFfV4uguhA?= =?us-ascii?Q?ZOLRWuKYBFfV/NEAW2BgnMMINnPLL8BIsavwM35wXZU9VXutLRP30H5S98mH?= =?us-ascii?Q?9sESsoCpkjOb0VFv1SgVKjq0Q70nFUbDTodd8Qb1mctXx1GozOwnqzO8ZRey?= =?us-ascii?Q?+1cSkeIqa0d3Fjf6X4BR11O+SBQNKGYcwbLSPTAbY2nejPvwKd6QrNde8ONW?= =?us-ascii?Q?Xc5JkxRQU7aThnQsr8eHyiRb67xEol1d4/7dyLF0SSg5U7Q1ITQVoFW3TcdS?= =?us-ascii?Q?wjVgxwVi7qfTK9vSEEa8edocN/T3FfF2gs1k6csM3/xR5/h+t023Nb5oswrp?= =?us-ascii?Q?7inLDr34iMFWIBGsNuh0PQUfuP31JEQf3vCXXVoZxVU93UuGxF2kIaO9WTsZ?= =?us-ascii?Q?pRpAZyu02Kg8uiPG3/BhO/TPBSs0dT7ayChq+Twvyjy8kne9YGItFojTpp2P?= =?us-ascii?Q?3/+59pvc4hgIZd6jDjHrtPSsWa41O6Ikb1QIveotCjms/6yy1nJsbrJYZN6R?= =?us-ascii?Q?s1l5qnzX5tDPio4f536LOWfEHFJbd863Np+UWN9jm7S0UTUaeaqef5QMlgpU?= =?us-ascii?Q?IYamUw9odqaPifs7/it40kfR3AVXPRR+qI5l0BE8Lg7HLs7K58xdzw9IpRB8?= =?us-ascii?Q?mK0lQLL8KVCvG6wdZuj4ozkiE07eZTd6tj/VDd/GYxlR56Axcu2c2rQmK7D6?= =?us-ascii?Q?aXTx6X1MOP17aNC9tDz2T8G4GWaE+P++/sa4wKppPtYsqI9xYyEHEvDfNaOm?= =?us-ascii?Q?cLeCRssHdsqhcXzEG6sF3q8HllujiEqOQYlCR8iVA/njk62GZZVoVlBHyBTN?= =?us-ascii?Q?eIr9W1tBElxTc9OOUcTOMIwrXmdl8sFpyED3mMB6g1x847ttfC2ho99ZzP9M?= =?us-ascii?Q?2gk9XvmEtSxX7hR0h7k4AjPUbIdq9t7KfTiXsxHnoxN2MfXuHQ37HENk/WOV?= =?us-ascii?Q?p1kC6x0chIj5NXeBrKY/f6Nl0fLWRIW6VQhHNDuHw9aTFA/PsDc4gOtYHCPN?= =?us-ascii?Q?WznsKEvoLWil1qk1Du3+0TcZg4gYsOgROUnXcaINqtRfy1j7W+/zrOJ11Gk8?= =?us-ascii?Q?0ItjcGTWrf7tBtwsrh001mfvGWG8FVi5RXFkxFZf4TclZg7NO697sPnxpT9X?= =?us-ascii?Q?B5auiC5Ak6RfZ+1Id6QaOPxZKafoQbN+1Or6Ui13Cl/Sbm0vyYkl7vHlCC/g?= =?us-ascii?Q?jpwq46H8Q82FjuFTGK7U2K0pRjjlrImvBhBv8exLHLoTn6RWIOSBuRgzO9Kv?= =?us-ascii?Q?chkvvGYsQQ=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1b2a4e4a-d62b-47d3-edcf-08de5d18bd9a X-MS-Exchange-CrossTenant-AuthSource: DS0PR12MB6486.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2026 20:23:17.6906 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: QeuVtT8qASl0g+tHGILUxUOA5EjsxoLmGPoXh3kLQcVkMmRA+4rHAhJlpHFxPbC8BveI7QUrr9jdCecaf/z/1A== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV5PR12MB9827 Content-Type: text/plain; charset="utf-8" Use checked_add() when computing the firmware data end offset in the BinFirmware::data() method. The data_offset and data_size fields come from the BinHdr structure parsed from the firmware file header. Reviewed-by: Zhi Wang Signed-off-by: Joel Fernandes Reviewed-by: Gary Guo --- drivers/gpu/nova-core/firmware.rs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/nova-core/firmware.rs b/drivers/gpu/nova-core/firm= ware.rs index 68779540aa28..4f57a270e142 100644 --- a/drivers/gpu/nova-core/firmware.rs +++ b/drivers/gpu/nova-core/firmware.rs @@ -394,8 +394,9 @@ fn new(fw: &'a firmware::Firmware) -> Result { fn data(&self) -> Option<&[u8]> { let fw_start =3D usize::from_safe_cast(self.hdr.data_offset); let fw_size =3D usize::from_safe_cast(self.hdr.data_size); + let fw_end =3D fw_start.checked_add(fw_size)?; =20 - self.fw.get(fw_start..fw_start + fw_size) + self.fw.get(fw_start..fw_end) } } =20 --=20 2.34.1 From nobody Sun Feb 8 09:12:31 2026 Received: from SN4PR2101CU001.outbound.protection.outlook.com (mail-southcentralusazon11012049.outbound.protection.outlook.com [40.93.195.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3BF932D592F; Mon, 26 Jan 2026 20:23:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.93.195.49 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769459014; cv=fail; b=sMVV+tAgboeMMzj/54f5qoCsK4myqzDE9jazDNRyhdAO1z+MLjLO2KjbdBNCVHTAfmF0EQDXrlmqdz4oVPWBQ6ViT+bKarvPp6JT5K0QZpbceW4I5MWkUmRCg7GZrTdUw6+B+t7AXQOnhfWrEVeh2grBYRUzUnYB4jVvdVyDDuo= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769459014; c=relaxed/simple; bh=WCEkRVwLR7l+Q/6QLWMqzxUOmzZenQaMX7cZxnjoZUM=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: Content-Type:MIME-Version; b=pQThMddylzcSD0EqC3nLJEcLPeOla+VcRQp+JeTYZesSuomgTAWnfh7a3vIsqz515PkwNQOyO4R9cUDFK76gTIHmbXNnNMEqVLrom0uq9XAg5rg0wlzv/1ZD2Pdgigo7QqJE02LmLSTLh8E8iC6AZAR3SqZm0HxZeqgp9IdsxZs= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com; spf=fail smtp.mailfrom=nvidia.com; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b=LlEALUGZ; arc=fail smtp.client-ip=40.93.195.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=nvidia.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=nvidia.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=Nvidia.com header.i=@Nvidia.com header.b="LlEALUGZ" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=fnC8fe0Glt56WXMTfQppxVYG/518wuHJPy0xpMFpYE9SoK1RTm8fKrCrwUtYoCOyAJGLK/fWQ/Xh5gVmaYEgFaZWH5qtf0wav33uQ8XWp+wn/Q5L02qo3jX3jvLkUy+BPA0BqEFUYEPJXgk9gwu2KY7+zuvQzcTWKfZ4GCg99p4LCV8vPH4UGsoLBnhMf90OHLYg6LlLOa0xATLlT9HQUBYJ+tY5NBxn6f/sMPDCz6YviZhldS7o8JWJR57iY1LhRQqodAtFxAGoTwLxhk34Rc84vAMCydelAgge8RNS+WEXVYrgaIiG8G/ilcb00gqt6FJFwonTPuedw/doFU+JQw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Bl9J91p+RrmoXb7AzODvS+jKVwwy3HqlSSZAM2xHBNc=; b=MGKYi71T/hYvc5o0orlZA5lA9sN+RwBjZ98sQWnZMV5NEhbl5Kj8Pkz6Hjsqlll85jmBHbH/XF1s2ZuQfgWVfP7VpzIWz2bxRhiWx06vqIZbNomJL8a6sxHj7MNUGQcde0xkLH7fWhTpJKJCsjG9Jf7oWSI/BxNP1Kcp1GGk0VPGtvYQEEnZh7Rh4EXOwGLClSlhUEzFP+Tz+q/0IgtEZrkcB9QfP1qhR911PkcPgtw9k5QY2JqlLjixr8PN2Hj0KTboqoyngwAG+YnNNCowrLXsyd5aAveYHiMkwbk4XqgTsb5jnj6gnVVc1dPUd36/ZPXfSBGZk4VxSgMFhHuEDQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Bl9J91p+RrmoXb7AzODvS+jKVwwy3HqlSSZAM2xHBNc=; b=LlEALUGZZHJeUVry2ZZj7u4kCpusW6UlsIAWqH3Rblpk09gI5Jx6pgx7YY8NLRm+AEuM1FdyQP7i9GAXh4Z9eZS8judO0Kc0CCC7bnoHvsRmXhsm6IN9iPhfwwxIjTPLjcSRz3grLw9dYTEpSQOxeikFoAsd+oAUCrlWxvveghsU1KbWpt1ujcTeP7GAF3e0+3TBvLUzwpexg/zoFm4dNtZHwDME8rP/8OorwEK4vUzCYhp8VSlUt4+MxIuqt4cwcxTbvV84jxOC+DYPzk+U7HEka3o/Dg0cGfu/roJWjt8S97f4lgeU7T2E44+zRP65/UOl55VqTdFRrTNIIeaEVA== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; Received: from DS0PR12MB6486.namprd12.prod.outlook.com (2603:10b6:8:c5::21) by LV5PR12MB9827.namprd12.prod.outlook.com (2603:10b6:408:305::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9542.15; Mon, 26 Jan 2026 20:23:20 +0000 Received: from DS0PR12MB6486.namprd12.prod.outlook.com ([fe80::88a9:f314:c95f:8b33]) by DS0PR12MB6486.namprd12.prod.outlook.com ([fe80::88a9:f314:c95f:8b33%4]) with mapi id 15.20.9542.010; Mon, 26 Jan 2026 20:23:20 +0000 From: Joel Fernandes To: linux-kernel@vger.kernel.org Cc: Paul Walmsley , Palmer Dabbelt , Albert Ou , Alexandre Ghiti , Miguel Ojeda , Boqun Feng , Gary Guo , =?UTF-8?q?Bj=C3=B6rn=20Roy=20Baron?= , Benno Lossin , Andreas Hindborg , Alice Ryhl , Trevor Gross , Danilo Krummrich , Alexandre Courbot , John Hubbard , Alistair Popple , Timur Tabi , Edwin Peer , Zhi Wang , David Airlie , Simona Vetter , Bjorn Helgaas , Alex Gaynor , Dirk Behme , nouveau@lists.freedesktop.org, dri-devel@lists.freedesktop.org, rust-for-linux@vger.kernel.org, linux-riscv@lists.infradead.org, Joel Fernandes Subject: [PATCH v2 5/5] gpu: nova-core: use checked arithmetic in RISC-V firmware parsing Date: Mon, 26 Jan 2026 15:23:05 -0500 Message-Id: <20260126202305.2526618-6-joelagnelf@nvidia.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260126202305.2526618-1-joelagnelf@nvidia.com> References: <20260126202305.2526618-1-joelagnelf@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: MN0P222CA0013.NAMP222.PROD.OUTLOOK.COM (2603:10b6:208:531::18) To DS0PR12MB6486.namprd12.prod.outlook.com (2603:10b6:8:c5::21) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS0PR12MB6486:EE_|LV5PR12MB9827:EE_ X-MS-Office365-Filtering-Correlation-Id: cfddb43f-7a67-4989-d85a-08de5d18beee X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|366016|376014|7416014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?S1dVPnKHOY5YGy8X0U5LnzZ+rZSSihgr35nOToG6gy2CHwXfAZ2nhIXmr/uC?= =?us-ascii?Q?SUDlcz3/tADfYd7ZNuq8nGkG43+6zU0+54infDTKodF+dLYUqEfH5dDIwkQ1?= =?us-ascii?Q?yzwg2XzqmIeaaZvtO9FUxqxEhU0iPRlQr0zOiXCo+OWyyVIdRb45DtvIzQrK?= =?us-ascii?Q?1ia6AhdfZ+1ZEfomxyJfZcor2Z144sUA670CSgSGYvAlcVGzsyPva2sq1QcN?= =?us-ascii?Q?0kTOcC3R5NWJ3ly/gBMN9mNVcexMoriPJb6muVMlj0YgN537U5q8BSN1Ci0U?= =?us-ascii?Q?Lq+HVC+QR0YQAtHR70UniOHT492EjrjdCkem3Cvgj9TBBy+11rIdPHbXcO6J?= =?us-ascii?Q?Z67Pa8DNjxDkTH+rjQHbDCJBWWWtc9k26hc9Sgz1vaAUAhjleLC6ZpSRsj+E?= =?us-ascii?Q?JPH/ghmKBzuUj8CckXuRcxCJhC032ySX12faiYNSMah7s7cfriqZZ/VQRXsS?= =?us-ascii?Q?H6N5kLp1qRU/ROnMYInapyrTD71q57G+PYJ5VYZeuqrYFWV+BsTEGRXMBkNG?= =?us-ascii?Q?FLIIemSqXOv8McMV3Xj6216wm+jAhozTMOt3rFSCgXsO3Ka+B1L/BcVSVLL7?= =?us-ascii?Q?Tbrddo6xrLFDTOEcGSLZFhFr3NLYaI8L/88Gqm6FJzujw3oXmivNB/iJR4+5?= =?us-ascii?Q?vaMBtrTjbOOKJa7cw6Hym3IW+1eFxpqa0tDsEDxjn4Egz0UgawcUAuc/e9rB?= =?us-ascii?Q?aOGZh3WE7VvlSjae/igQpV/x4aWxGVeRwNDnyXZTiXWWU8sEMjz4ZXOdvKA8?= =?us-ascii?Q?W11F3VgeDNxYNTZfa+y9Eh268wD2Dc2vC0UrxMPahcA8doXScI9NItTDthQ0?= =?us-ascii?Q?i9ZgRDnEfnynF4n5EvkVBBEE1J98Kkkf8/bZgPAdWyX03eoagKIhHhEXCEjN?= =?us-ascii?Q?Y4vluAsO2OYG6qOAbdr3Swsj+ilH7/pdslBzB0YLbYGW3Nc4snpCVgtY73H+?= =?us-ascii?Q?OMkhhZl08+I6KWTma/ayhXJPwO3v92HBUyLi6qOBlMBW10GpFPP6fT8cGQxS?= =?us-ascii?Q?QWhQDNqFY96LvV63Zwrhh9E4EVFKEyO9btaeH00heIW4l+HPzIlZUYj2qgGa?= =?us-ascii?Q?54S2fG2OLV2J2Vo/nOsxLlZIU9bMqIBAgp5+xtWZsmnKg9QTwApgKYHfWGIe?= =?us-ascii?Q?U7XKU0FKWIpdc21U4UqzEMmXlWfGnzjiimpdty0RhsagbZ4dy0O49ffG8x3p?= =?us-ascii?Q?DB0wdOpl8AR9vPsSH7mi+jIzK0ivEYFI2Pw8/YHFG8NuLvaA1//uGVEDJyNP?= =?us-ascii?Q?gfTkzQqj0nydlpJFKvKRTTUyQC5rFXn0C7Zt5s7hy7gobSAHlyILfzwtpr0L?= =?us-ascii?Q?Cs960NsjhnXlO4HPGIOdvsO/qfKJ+o1cAyZCowQdrhAI/Muf4eroDLZiHa2F?= =?us-ascii?Q?WbkDmzPLm4FNssDvHaBAkZ88aDJqJ1E4urxWtWJDDQ3cEBEAiw25t5e8F07G?= =?us-ascii?Q?i0hBI5IHWyebEyanKcyLmt+3c5DQRpnMSexyyicVLoxGzMCBA2+KGPIg3PgT?= =?us-ascii?Q?CX42Ff/ZQAX9KtDu2AA1f2YAT34X6UnttWNkvp7TSHVxYyJBdG8sBiWMnZ/e?= =?us-ascii?Q?avOIR1uN1+TbMhJlccc=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS0PR12MB6486.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014)(7416014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?qce40QX2dF95LI/9d9c9rK4sS3/VFrFX0uKq6DnWwLb17m0FCB54Pkfddpak?= =?us-ascii?Q?DCJ1zqWJNhANWemRW4JgKCDYENEVlqwpEEkBAcqqnQl82koKdpBIGhW54qgt?= =?us-ascii?Q?Cu4i5TO5ZfpeDJOnPCDbCIY57mpb5wHUXgRBjGAT1W5RwLfoA6gJJY9Yum+U?= =?us-ascii?Q?L9xy86Rp36c8j8dAbuAXR6wB0wA5aSCkvX3vZc9SKm8WubkIb7juKNcypX6i?= =?us-ascii?Q?bEeZZSdry754UPOr1xssnvcpYnHD1UR0qWaeMozXoWFwJ6x1/r817GAdfWL4?= =?us-ascii?Q?Na0V74z6VCnhRXvPyZxC7h4SW1jyvO2Z8rSBQDSNCnESM07LK33ekWF0WX02?= =?us-ascii?Q?v0sXoEvJ36D+YTlg7nUNnzbzJLGwbo1ub0RKk5zEiTsUq4E6WHaYk+Cw670R?= =?us-ascii?Q?Xh57YHxws/ywaMCoOtwgjr3xfsWTR0DpjaXj7M8kRNswxVHEPFZ278vaNyES?= =?us-ascii?Q?Q/jpnRKhoQZIoL51+furlp2f2lG/M8bpHKvIeG2cjQrlXg5+iOh5SM6fE4Qc?= =?us-ascii?Q?/qPlRgu0wtb8OCdS/X3wwkpEFmzlYSy/MhRPQHu257rc5PsTF9/sk+kd8Me0?= =?us-ascii?Q?9PcPKt7FmBM8d7T4EKlqaayESC2ChxPYG4PCWFwPusXjYbAs+nMMzx3dfxxZ?= =?us-ascii?Q?k76MJuWW8G0qv1XE1wI/+YQ9+cPZmlHWUTh7W+dimuJ8KuPTMEQ/qJNY/rgc?= =?us-ascii?Q?JrlBxXYkH+1Zql+VfXZOoxHpJmlirn3tZCf5dkIYJYpy1isUZfIlghaC09V1?= =?us-ascii?Q?cH8/PWddff+g8UcvYAlB3nsqw0QPQZ63VmCT1d2dg+idD/Ufe7FaLiuuYS21?= =?us-ascii?Q?Ewr6Cz/DI20yQweB1icYl2ZWkQbcDyCxRWi0Ke2fFwsbnVbgeWV5X5Ouz7pm?= =?us-ascii?Q?hYb8EryjhcJZufZMimotU8ZErO89pFsd/Un9SggrhNtkXCBzw+LSdFrLVfOQ?= =?us-ascii?Q?d4DRkbFcyKuVUlkrU9aqeew1mrR9AhK+JC0jHRF4emyzk3VE1atEDTdnaE4h?= =?us-ascii?Q?EXY5slXevDYU2r8nuHfloY7Z3y1iAGnbIGxp0oaHupA+Dc6HsiNY5p/2y/jh?= =?us-ascii?Q?cRtOxTE3GHw7JSQSm0ZJ+wFpRrQc0cuydel42yurnnlw36fQ4pFfCWevJ+m7?= =?us-ascii?Q?EmVWhDi6otknrLv6VbXRWXo5HfU9miMyT3badEiJ5vNehg6Xbz5gm3el/svB?= =?us-ascii?Q?iYAte9QOtAfBYeOM/tRG0+x5aDfn5tLpJx7Da3ngm5BzfvDSbSLagjJR+2AW?= =?us-ascii?Q?ctn5qL0JM6tL61fx8qWoGewzKm+2i23+jej1drtOr/fiGXWpKTOvijjOv0zp?= =?us-ascii?Q?012p8RHySmbM39Zgbfy2+FwksqpC8MvOpVOWv2vRs+P8+/oSrc4SK9J2nPWm?= =?us-ascii?Q?7O3SBQRPVQ3jwpagM/eUtipTuDvcD7Bsg/dRdVkOSLCrI92vNYc003QtXkPp?= =?us-ascii?Q?1cFKGd2tGd8ffhFY6/9hhJ95JG4qQl4L17D3uEvdBPIoP4tqw4lwlI0KCHA/?= =?us-ascii?Q?djmJFWXfae2x3vB2O59rwvmfKZ9Xqc8EfnO8LYGylo6iDvZX3rcCBeEqwd1g?= =?us-ascii?Q?GA2PIr73FAgnomHajy6IQgR0U5izkNqmhV8JTsNQYEF26MNTuLoircs5mE1D?= =?us-ascii?Q?GQKN7vxaMZ9KzoDkAUYhsRSFtKPlwtY1eZJx2U6XQ04q4yq5kjDGLOA6GUfm?= =?us-ascii?Q?5wcAxMZF/ULa7RSQFfqv8b0NaC95WFYi3WDSc9VeSBFJ+Oc9zef4bClhI1x3?= =?us-ascii?Q?HOvSYUWB7g=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: cfddb43f-7a67-4989-d85a-08de5d18beee X-MS-Exchange-CrossTenant-AuthSource: DS0PR12MB6486.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 26 Jan 2026 20:23:19.8959 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: T3ul1msrRGqEGJcVC0rRgCEZ9nlfVCus64pvrx3ZqTOEYfa4OD0Ng0ZquoiqSuG9MwIdTRt/KaM4UeW8/bqtbg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV5PR12MB9827 Content-Type: text/plain; charset="utf-8" Use checked_add() when computing offsets from firmware-provided values in the RISC-V firmware parsing code. These values come from the BinHdr structure parsed from the firmware file header. Reviewed-by: Zhi Wang Signed-off-by: Joel Fernandes Reviewed-by: Gary Guo --- drivers/gpu/nova-core/firmware/riscv.rs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/nova-core/firmware/riscv.rs b/drivers/gpu/nova-cor= e/firmware/riscv.rs index 28dfef63657a..97030bdd9991 100644 --- a/drivers/gpu/nova-core/firmware/riscv.rs +++ b/drivers/gpu/nova-core/firmware/riscv.rs @@ -47,10 +47,11 @@ impl RmRiscvUCodeDesc { /// Fails if the header pointed at by `bin_fw` is not within the bound= s of the firmware image. fn new(bin_fw: &BinFirmware<'_>) -> Result { let offset =3D usize::from_safe_cast(bin_fw.hdr.header_offset); + let end =3D offset.checked_add(size_of::()).ok_or(EINVAL)?; =20 bin_fw .fw - .get(offset..offset + size_of::()) + .get(offset..end) .and_then(Self::from_bytes_copy) .ok_or(EINVAL) } @@ -80,8 +81,9 @@ pub(crate) fn new(dev: &device::Device, fw= : &Firmware) -> Result< let ucode =3D { let start =3D usize::from_safe_cast(bin_fw.hdr.data_offset); let len =3D usize::from_safe_cast(bin_fw.hdr.data_size); + let end =3D start.checked_add(len).ok_or(EINVAL)?; =20 - DmaObject::from_data(dev, fw.data().get(start..start + len).ok= _or(EINVAL)?)? + DmaObject::from_data(dev, fw.data().get(start..end).ok_or(EINV= AL)?)? }; =20 Ok(Self { --=20 2.34.1