This series adds checked arithmetic throughout nova-core's firmware parsing code to guard rust code against integer overflow from corrupt firmware.
Without checked arithmetic, firmware could cause integer overflow when computing offsets. The danger is not just wrapping to a huge value (which may fail validation in other paths), but potentially wrapping to a small plausible offset that accesses entirely wrong data, causing silent corruption or security issues. The series converts all firmware offset calculations to use checked arithmetic. This has been rebased on drm-rust-next. I would like to consider merging for the upcoming merge window to avoid future conflicts. Tested probing with GPU name printed in dmesg on my GA102 (Ampere). The git tree with all patches can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/jfern/linux.git (tag: nova-checked-arith-v1-20260124) Joel Fernandes (5): gpu: nova-core: use checked arithmetic in FWSEC firmware parsing gpu: nova-core: use checked arithmetic in Booter signature parsing gpu: nova-core: use checked arithmetic in frombytes_at helper gpu: nova-core: use checked arithmetic in BinFirmware::data gpu: nova-core: use checked arithmetic in RISC-V firmware parsing drivers/gpu/nova-core/firmware.rs | 3 +- drivers/gpu/nova-core/firmware/booter.rs | 22 ++++++--- drivers/gpu/nova-core/firmware/fwsec.rs | 60 ++++++++++++++---------- drivers/gpu/nova-core/firmware/riscv.rs | 6 ++- 4 files changed, 57 insertions(+), 34 deletions(-) base-commit: 58d26d42818c0f8c9b334cc7cf318b43046e675f -- 2.34.1
