Module Name: xsrc Committed By: rin Date: Tue Jul 23 12:01:53 UTC 2019
Modified Files: xsrc/external/mit/xf86-video-wsfb/dist/src: wsfb_driver.c Log Message: Correctly support the case of fbi->fbi_fboffset != 0, which means base address of framebuffer is not page-aligned: - When mmap framebuffer, fbi->fbi_fboffset is added to the length of framebuffer. Otherwise, the last page of framebuffer is not mapped properly if (size of framebuffer) <= (page boundary) < (size of framebuffer + fbi->fbi_fboffset), since length of mapped area is counted from page-truncated address. This results in memory corruption in the upper adjacent page, or SEGV. - Use fPtr->fbstart (real base address of framebuffer) instead of fPtr->fbmem (return value of mmap, i.e., page-aligned base address) where appropriate. Tested on genfb(4) on Cubietruck, where fbi->fbi_fboffset = 4096. No functional changes for majority of framebuffer drivers, whose base address is page-aligned. To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 \ xsrc/external/mit/xf86-video-wsfb/dist/src/wsfb_driver.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: xsrc/external/mit/xf86-video-wsfb/dist/src/wsfb_driver.c diff -u xsrc/external/mit/xf86-video-wsfb/dist/src/wsfb_driver.c:1.34 xsrc/external/mit/xf86-video-wsfb/dist/src/wsfb_driver.c:1.35 --- xsrc/external/mit/xf86-video-wsfb/dist/src/wsfb_driver.c:1.34 Tue Jul 23 11:40:29 2019 +++ xsrc/external/mit/xf86-video-wsfb/dist/src/wsfb_driver.c Tue Jul 23 12:01:53 2019 @@ -505,10 +505,21 @@ WsfbPreInit(ScrnInfoPtr pScrn, int flags } fbi->fbi_flags = 0; fbi->fbi_fbsize = lb * info.height; - fbi->fbi_fboffset = 0; - +#ifdef WSDISPLAY_TYPE_LUNA + if (wstype == WSDISPLAY_TYPE_LUNA) { + /* + * XXX + * LUNA's FB seems to have 64 dot (8 byte) offset. + * This might be able to be changed in kernel + * lunafb driver, but current setting was pulled + * from 4.4BSD-Lite2/luna68k. + */ + fbi->fbi_fboffset = 8; + } else +#endif + fbi->fbi_fboffset = 0; } - xf86Msg(X_INFO, "fboffset %x\n", fPtr->fbi.fbi_fboffset); + xf86Msg(X_INFO, "fboffset %x\n", (int)fPtr->fbi.fbi_fboffset); /* * Allocate room for saving the colormap. */ @@ -927,7 +938,7 @@ WsfbScreenInit(SCREEN_INIT_ARGS_DECL) return FALSE; } len = max(len, fPtr->fbi.fbi_fbsize); - fPtr->fbmem = wsfb_mmap(len, 0, fPtr->fd); + fPtr->fbmem = wsfb_mmap(len + fPtr->fbi.fbi_fboffset, 0, fPtr->fd); if (fPtr->fbmem == NULL) { xf86DrvMsg(pScrn->scrnIndex, X_ERROR, @@ -966,17 +977,6 @@ WsfbScreenInit(SCREEN_INIT_ARGS_DECL) } fPtr->fbstart = fPtr->fbmem + fPtr->fbi.fbi_fboffset; -#ifdef WSDISPLAY_TYPE_LUNA - if (wstype == WSDISPLAY_TYPE_LUNA) { - /* - * XXX - * LUNA's FB seems to have 64 dot (8 byte) offset. - * This might be able to be changed in kernel lunafb driver, - * but current setting was pulled from 4.4BSD-Lite2/luna68k. - */ - fPtr->fbstart += 8; - } -#endif if (fPtr->shadowFB) { fPtr->shadow = calloc(1, fPtr->fbi.fbi_stride * pScrn->virtualY); 
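Review bot: In WsfbPreInit the LUNA 8-byte offset is now set only inside this block, which appears to be the path that fills in `fbi` by hand (the enclosing `if` starts outside the hunk), whereas the code removed from WsfbScreenInit applied `fbstart += 8` on LUNA unconditionally. If fbinfo can also come from the kernel on LUNA, the offset then depends on the kernel reporting it; a comment such as `/* only for synthesized fbinfo; a kernel-supplied fbi_fboffset is used as-is */` would record that. The unbraced `else` that continues past `#endif` is easy to break in a later edit, so bracing both arms is safer. `%x` takes an unsigned argument, so `(unsigned int)` fits the cast better than `(int)`.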
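Review bot: The mapped length `len + fPtr->fbi.fbi_fboffset` in WsfbScreenInit is recomputed by hand at the munmap in WsfbCloseScreen and relied on by `memset(fPtr->fbstart, 0, fPtr->fbmem_len)` in WsfbRestore, so all three are correct only while `fbmem_len` stays the offset-free length. The assignment to `fbmem_len` is outside these hunks; if it ever includes the offset, the memset runs `fbi_fboffset` bytes past the mapping, which is the corruption this commit sets out to fix. I would record the invariant at the mmap call, `/* maps fbi_fboffset + len bytes; fbmem_len excludes fbi_fboffset */`, and confirm that any other munmap of `fbmem` outside these hunks uses the same sum. The addition itself is unchecked; the operand types are not visible here, so whether wraparound is reachable needs confirming.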
@@ -1163,7 +1163,7 @@ WsfbCloseScreen(CLOSE_SCREEN_ARGS_DECL) if (pScrn->vtSema) { WsfbRestore(pScrn); - if (munmap(fPtr->fbmem, fPtr->fbmem_len) == -1) { + if (munmap(fPtr->fbmem, fPtr->fbmem_len + fPtr->fbi.fbi_fboffset) == -1) { xf86DrvMsg(pScrn->scrnIndex, X_ERROR, "munmap: %s\n", strerror(errno)); } @@ -1203,7 +1203,7 @@ WsfbWindowLinear(ScreenPtr pScreen, CARD return NULL; fPtr->fbi.fbi_stride = *size; } - return ((CARD8 *)fPtr->fbmem + row * fPtr->fbi.fbi_stride + offset); + return ((CARD8 *)fPtr->fbstart + row * fPtr->fbi.fbi_stride + offset); } static void @@ -1448,7 +1448,7 @@ WsfbRestore(ScrnInfoPtr pScrn) } /* Clear the screen. */ - memset(fPtr->fbmem, 0, fPtr->fbmem_len); + memset(fPtr->fbstart, 0, fPtr->fbmem_len); /* Restore the text mode. */ mode = WSDISPLAYIO_MODE_EMUL;
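Review bot: WsfbWindowLinear gives no hint why it indexes from `fbstart` and not `fbmem`, and the two names are easy to confuse, as the replaced line shows. A one-line comment above the return, `/* fbstart = fbmem + fbi_fboffset: first pixel, not the page-aligned mmap() base */`, would keep the distinction visible. The function begins outside the hunk, and `row` and `offset` are not range-checked in the visible lines.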