• Chris Wilson's avatar
    drm: Pad drm_mode_get_connector to 64-bit boundary · 465282b3
    Chris Wilson authored
    commit bc5bd37c upstream.
    
    Pavel Roskin reported that DRM_IOCTL_MODE_GETCONNECTOR was overwritting
    the 4 bytes beyond the end of its structure with a 32-bit userspace
    running on a 64-bit kernel. This is due to the padding gcc inserts as
    the drm_mode_get_connector struct includes a u64 and its size is not a
    natural multiple of u64s.
    
    64-bit kernel:
    
    sizeof(drm_mode_get_connector)=80, alignof=8
    sizeof(drm_mode_get_encoder)=20, alignof=4
    sizeof(drm_mode_modeinfo)=68, alignof=4
    
    32-bit userspace:
    
    sizeof(drm_mode_get_connector)=76, alignof=4
    sizeof(drm_mode_get_encoder)=20, alignof=4
    sizeof(drm_mode_modeinfo)=68, alignof=4
    
    Fortuituously we can insert explicit padding to the tail of our
    structures without breaking ABI.
    Reported-by: default avatarPavel Roskin <proski@gnu.org>
    Signed-off-by: default avatarChris Wilson <chris@chris-wilson.co.uk>
    Cc: Dave Airlie <airlied@redhat.com>
    Cc: dri-devel@lists.freedesktop.org
    Signed-off-by: default avatarDave Airlie <airlied@redhat.com>
    [bwh: Backported to 3.2: adjust filename]
    Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
    Cc: Weng Meiling <wengmeiling.weng@huawei.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    465282b3
drm_mode.h 11.8 KB