vkr: limit the ring buffer size

It cannot exceed UINT32_MAX because the ring head and tail are 32-bit. util_is_power_of_two also truncates to 32-bit. Signed-off-by: Chia-I Wu <olvaffe@gmail.com> Reviewed-by: Ryan Neph <ryanneph@google.com> Reviewed-by: Yiwei Zhang <zzyiwei@chromium.org>
3 years ago · 94a9cbe4ef
parent 75a64ef28f
commit 94a9cbe4ef
2 changed files with 7 additions and 2 deletions
--- a/src/venus/vkr_ring.h
+++ b/src/venus/vkr_ring.h
@ -8,6 +8,9 @@

 #include "vkr_common.h"

+/* this must not exceed UINT32_MAX because the ring head and tail are 32-bit */
+#define VKR_RING_BUFFER_MAX_SIZE UINT32_MAX
+
 /* The layout of a ring in a virgl_resource.  This is parsed and discarded by
 * vkr_ring_create.
 */
--- a/src/venus/vkr_transport.c
+++ b/src/venus/vkr_transport.c
@ -221,8 +221,10 @@ vkr_ring_layout_init(struct vkr_ring_layout *layout,
   }

   const size_t buf_size = vkr_region_size(&layout->buffer);
-   if (!buf_size || !util_is_power_of_two(buf_size)) {
-      vkr_log("ring buffer size (%lu) must be a power of two", buf_size);
+   if (!buf_size || buf_size > VKR_RING_BUFFER_MAX_SIZE ||
+       !util_is_power_of_two(buf_size)) {
+      vkr_log("ring buffer size (%lu) must be a power of two and not exceed %lu",
+              buf_size, VKR_RING_BUFFER_MAX_SIZE);
      return false;
   }