drm/i915/gem: Disallow creating contexts with too many engines

There's no sense in allowing userspace to create more engines than it
can possibly access via execbuf.

Signed-off-by: Jason Ekstrand <jason@jlekstrand.net>
Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Link: https://patchwork.freedesktop.org/patch/msgid/20210708154835.528166-13-jason@jlekstrand.net

diff --git a/drivers/gpu/drm/i915/gem/i915_gem_context.c b/drivers/gpu/drm/i915/gem/i915_gem_context.c
index 5eca91d..0ba8506 100644 (file)
--- a/drivers/gpu/drm/i915/gem/i915_gem_context.c
+++ b/drivers/gpu/drm/i915/gem/i915_gem_context.c
@@ -1639,11 +1639,11 @@ set_engines(struct i915_gem_context *ctx,
                return -EINVAL;
        }
 
-       /*
-        * Note that I915_EXEC_RING_MASK limits execbuf to only using the
-        * first 64 engines defined here.
-        */
        num_engines = (args->size - sizeof(*user)) / sizeof(*user->engines);
+       /* RING_MASK has no shift so we can use it directly here */
+       if (num_engines > I915_EXEC_RING_MASK + 1)
+               return -EINVAL;
+
        set.engines = alloc_engines(num_engines);
        if (!set.engines)
                return -ENOMEM;