On Mon Jan 26, 2026 at 8:23 PM GMT, Joel Fernandes wrote: > Changes from v1 to v2: > - Added Reviewed-by tags from Zhi > - Fixed comment formatting nits raised by Dirk/Zhi > > This series adds checked arithmetic throughout nova-core's firmware parsing > code to guard rust code against integer overflow from corrupt firmware. > > Without checked arithmetic, firmware could cause integer overflow when > computing offsets. The danger is not just wrapping to a huge value (which may > fail validation in other paths), but potentially wrapping to a small plausible > offset that accesses entirely wrong data, causing silent corruption or > security > issues. > > This series has been rebased on drm-rust-next. If possible, I would like us to > consider merging for the upcoming merge window to avoid future conflicts. > Tested probing with GPU name printed in dmesg on my GA102 (Ampere). > > The git tree with all patches can be found at: > git://git.kernel.org/pub/scm/linux/kernel/git/jfern/linux.git (tag: > nova-checked-arith-v2-20260126) > > Link to v1: > https://lore.kernel.org/all/[email protected]/ > > Joel Fernandes (5): > gpu: nova-core: use checked arithmetic in FWSEC firmware parsing > gpu: nova-core: use checked arithmetic in Booter signature parsing > gpu: nova-core: use checked arithmetic in frombytes_at helper > gpu: nova-core: use checked arithmetic in BinFirmware::data > gpu: nova-core: use checked arithmetic in RISC-V firmware parsing > > drivers/gpu/nova-core/firmware.rs | 3 +- > drivers/gpu/nova-core/firmware/booter.rs | 22 ++++++--- > drivers/gpu/nova-core/firmware/fwsec.rs | 60 ++++++++++++++---------- > drivers/gpu/nova-core/firmware/riscv.rs | 6 ++- > 4 files changed, 57 insertions(+), 34 deletions(-) >
Reviewed-by: Gary Guo <[email protected]> > > base-commit: cea7b66a80412e2a5b74627b89ae25f1d0110a4b > -- > 2.34.1
