display: Add dpia display mode validation logic

Dan Carpenter Tue, 23 Jan 2024 04:04:55 -0800

Hello Meenakshikumar Somasundaram,

The patch 59f1622a5f05: "drm/amd/display: Add dpia display mode
validation logic" from Dec 5, 2023 (linux-next), leads to the
following Smatch static checker warning:


        
drivers/gpu/drm/amd/amdgpu/../display/dc/link/protocols/link_dp_dpia_bw.c:208 
get_host_router_total_dp_tunnel_bw()
        error: buffer overflow 'dc->links' 12 <= 12

drivers/gpu/drm/amd/amdgpu/../display/dc/link/protocols/link_dp_dpia_bw.c
    192 static int get_host_router_total_dp_tunnel_bw(const struct dc *dc, 
uint8_t hr_index)
    193 {
    194         uint8_t lowest_dpia_index = get_lowest_dpia_index(dc->links[0]);
    195         uint8_t hr_index_temp = 0;
    196         struct dc_link *link_dpia_primary, *link_dpia_secondary;
    197         int total_bw = 0;
    198 
    199         for (uint8_t i = 0; i < MAX_PIPES * 2; ++i) {
    200 
    201                 if (!dc->links[i] || dc->links[i]->ep_type != 
DISPLAY_ENDPOINT_USB4_DPIA)
    202                         continue;
    203 
    204                 hr_index_temp = (dc->links[i]->link_index - 
lowest_dpia_index) / 2;
    205 
    206                 if (hr_index_temp == hr_index) {
    207                         link_dpia_primary = dc->links[i];
--> 208                         link_dpia_secondary = dc->links[i + 1];

Imagine "i = MAX_PIPES * 2 - 1" then that means [i + 1] is out of
bounds.

    209 
    210                         /**
    211                          * If BW allocation enabled on both DPIAs, then
    212                          * HR BW = Estimated(dpia_primary) + 
Allocated(dpia_secondary)
    213                          * otherwise HR BW = Estimated(bw alloc enabled 
dpia)
    214                          */
    215                         if ((link_dpia_primary->hpd_status &&
    216                                 
link_dpia_primary->dpia_bw_alloc_config.bw_alloc_enabled) &&
    217                                 (link_dpia_secondary->hpd_status &&
    218                                 
link_dpia_secondary->dpia_bw_alloc_config.bw_alloc_enabled)) {
    219                                         total_bw += 
link_dpia_primary->dpia_bw_alloc_config.estimated_bw +
    220                                                 
link_dpia_secondary->dpia_bw_alloc_config.allocated_bw;
    221                         } else if (link_dpia_primary->hpd_status &&
    222                                         
link_dpia_primary->dpia_bw_alloc_config.bw_alloc_enabled) {
    223                                 total_bw = 
link_dpia_primary->dpia_bw_alloc_config.estimated_bw;
    224                         } else if (link_dpia_secondary->hpd_status &&
    225                                 
link_dpia_secondary->dpia_bw_alloc_config.bw_alloc_enabled) {
    226                                 total_bw += 
link_dpia_secondary->dpia_bw_alloc_config.estimated_bw;
    227                         }
    228                         break;
    229                 }
    230         }
    231 
    232         return total_bw;
    233 }

regards,
dan carpenter

[bug report] drm/amd/display: Add dpia display mode validation logic

Reply via email to