On Fri, May 30, 2025 at 10:38:24AM -0700, Nicolin Chen wrote: > On Fri, May 30, 2025 at 01:14:55PM -0300, Jason Gunthorpe wrote: > > On Sat, May 17, 2025 at 08:21:31PM -0700, Nicolin Chen wrote: > > > + offset = > > > + cmd->nesting_parent_iova - PAGE_ALIGN(cmd->nesting_parent_iova); > > > + max_npages = DIV_ROUND_UP(offset + cmd->length, PAGE_SIZE); > > > > This should probably be capped to PAGE_SIZE/sizeof(void *), return > > EINVAL if not > > Hmm, mind elaborating where this PAGE_SIZE/sizeof comes from?
We can usually allocate up to a PAGE_SIZE without too much trouble. Beyond that it gets more likely to fail. > > > + hw_queue->viommu = viommu; > > > + refcount_inc(&viommu->obj.users); > > > + hw_queue->length = cmd->length; > > > + hw_queue->base_addr = cmd->nesting_parent_iova; > > > > When the driver is running, which can be a source of bugs. > > Hmm, I don't quite follow the "bugs" here. Any example? Like if the driver thinks that hw_queue->length should be valid during init, it turns out it isn't. Jason
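Review bot: In the hunk computing `offset` and `max_npages`, `PAGE_ALIGN()` rounds up, so `cmd->nesting_parent_iova - PAGE_ALIGN(cmd->nesting_parent_iova)` is zero for an aligned address and negative (or wrapped, if `offset` is unsigned) for an unaligned one. It is never the offset into the first page. Use `offset_in_page(cmd->nesting_parent_iova)` or subtract `PAGE_ALIGN_DOWN()` instead. `cmd->length` comes from the command and feeds `DIV_ROUND_UP(offset + cmd->length, PAGE_SIZE)` directly, so check that the sum cannot overflow. Reject the request with EINVAL when `max_npages` exceeds the `PAGE_SIZE/sizeof(void *)` bound asked for in the reply, before the value is used to size anything.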
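Review bot: In the hunk that fills in `hw_queue`, the assignments `hw_queue->length = cmd->length` and `hw_queue->base_addr = cmd->nesting_parent_iova` are the point of concern. If they come after the driver has already been handed the object, as the reply indicates, a driver that reads `hw_queue->length` or `hw_queue->base_addr` during init sees them unset. Populate both fields before the driver is invoked, or pass the values to the driver explicitly. Add a comment on the struct fields stating from which point they are valid.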