On Wed Jan 28, 2026 at 4:59 PM JST, Alexandre Courbot wrote: > On Tue Jan 27, 2026 at 5:23 AM JST, Joel Fernandes wrote: >> Changes from v1 to v2: >> - Added Reviewed-by tags from Zhi >> - Fixed comment formatting nits raised by Dirk/Zhi >> >> This series adds checked arithmetic throughout nova-core's firmware parsing >> code to guard rust code against integer overflow from corrupt firmware. >> >> Without checked arithmetic, firmware could cause integer overflow when >> computing offsets. The danger is not just wrapping to a huge value (which may >> fail validation in other paths), but potentially wrapping to a small >> plausible >> offset that accesses entirely wrong data, causing silent corruption or >> security >> issues. >> >> This series has been rebased on drm-rust-next. If possible, I would like us >> to >> consider merging for the upcoming merge window to avoid future conflicts. >> Tested probing with GPU name printed in dmesg on my GA102 (Ampere). >> >> The git tree with all patches can be found at: >> git://git.kernel.org/pub/scm/linux/kernel/git/jfern/linux.git (tag: >> nova-checked-arith-v2-20260126) >> >> Link to v1: >> https://lore.kernel.org/all/[email protected]/ >> >> Joel Fernandes (5): >> gpu: nova-core: use checked arithmetic in FWSEC firmware parsing >> gpu: nova-core: use checked arithmetic in Booter signature parsing >> gpu: nova-core: use checked arithmetic in frombytes_at helper >> gpu: nova-core: use checked arithmetic in BinFirmware::data >> gpu: nova-core: use checked arithmetic in RISC-V firmware parsing > > Looking good, thanks! I'm staging these into a local branch and will > push as soon as `drm-rust-next` reopens.
Pushed into `drm-rust-next`.
