On Mon, 24 Mar 2025, Jani Nikula <jani.nik...@linux.intel.com> wrote:
> On Mon, 24 Mar 2025, Nicolas Chauvet <kwiz...@gmail.com> wrote:
>> Enlarge the signature field to accept the string termination.
>>
>> Cc: sta...@vger.kernel.org
>> Fixes: 93615d59912 ("Revert drm/i915/gvt: Fix out-of-bounds buffer write
>> into opregion->signature[]")
>> Signed-off-by: Nicolas Chauvet <kwiz...@gmail.com>
>
> Nope, can't do that. The packed struct is used for parsing data in
> memory.
Okay, so I mixed this up with display/intel_opregion.c. So it's not used
for parsing here... but it's used for generating the data in memory, and
we can't change the layout or contents.
Regardless, we can't do either patch 2 or patch 3.
BR,
Jani.
>
> BR,
> Jani.
>
>
>> ---
>> drivers/gpu/drm/i915/gvt/opregion.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/drivers/gpu/drm/i915/gvt/opregion.c
>> b/drivers/gpu/drm/i915/gvt/opregion.c
>> index 9a8ead6039e2..0f11cd6ba383 100644
>> --- a/drivers/gpu/drm/i915/gvt/opregion.c
>> +++ b/drivers/gpu/drm/i915/gvt/opregion.c
>> @@ -43,7 +43,7 @@
>> #define DEVICE_TYPE_EFP4 0x10
>>
>> struct opregion_header {
>> - u8 signature[16];
>> + u8 signature[32];
>> u32 size;
>> u32 opregion_ver;
>> u8 bios_ver[32];
--
Jani Nikula, Intel
