drm/vmwgfx: Limit the user-space command buffer size

author Thomas Hellstrom <thellstrom@vmware.com>

Mon, 10 Oct 2016 17:51:24 +0000 (10:51 -0700)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Mon, 31 Oct 2016 10:13:58 +0000 (04:13 -0600)
author Thomas Hellstrom <thellstrom@vmware.com>
Mon, 10 Oct 2016 17:51:24 +0000 (10:51 -0700)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 31 Oct 2016 10:13:58 +0000 (04:13 -0600)
diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c b/drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c

index 4948c15298369cf4dc907b9aa07b2496441656dc..ecf15cf0c3fd49e0dbb83a16411901dd0e586281 100644 (file)
--- a/drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c
+++ b/drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c
@@ -3830,14 +3830,14 @@ static void *vmw_execbuf_cmdbuf(struct vmw_private *dev_priv,
         int ret;
  
         *header = NULL;
-       if (!dev_priv->cman || kernel_commands)
-               return kernel_commands;
-
         if (command_size > SVGA_CB_MAX_SIZE) {
                 DRM_ERROR("Command buffer is too large.\n");
                 return ERR_PTR(-EINVAL);
         }
  
+       if (!dev_priv->cman || kernel_commands)
+               return kernel_commands;
+
         /* If possible, add a little space for fencing. */
         cmdbuf_size = command_size + 512;
         cmdbuf_size = min_t(size_t, cmdbuf_size, SVGA_CB_MAX_SIZE);
author	Thomas Hellstrom <thellstrom@vmware.com>
	Mon, 10 Oct 2016 17:51:24 +0000 (10:51 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Mon, 31 Oct 2016 10:13:58 +0000 (04:13 -0600)