[PATCH v2 0/5] gpu: nova-core: use checked arithmetic for firmware parsing robustness
Alexandre Courbot
acourbot at nvidia.com
Tue Jan 27 23:59:44 PST 2026
On Tue Jan 27, 2026 at 5:23 AM JST, Joel Fernandes wrote:
> Changes from v1 to v2:
> - Added Reviewed-by tags from Zhi
> - Fixed comment formatting nits raised by Dirk/Zhi
>
> This series adds checked arithmetic throughout nova-core's firmware parsing
> code to guard rust code against integer overflow from corrupt firmware.
>
> Without checked arithmetic, firmware could cause integer overflow when
> computing offsets. The danger is not just wrapping to a huge value (which may
> fail validation in other paths), but potentially wrapping to a small plausible
> offset that accesses entirely wrong data, causing silent corruption or security
> issues.
>
> This series has been rebased on drm-rust-next. If possible, I would like us to
> consider merging for the upcoming merge window to avoid future conflicts.
> Tested probing with GPU name printed in dmesg on my GA102 (Ampere).
>
> The git tree with all patches can be found at:
> git://git.kernel.org/pub/scm/linux/kernel/git/jfern/linux.git (tag: nova-checked-arith-v2-20260126)
>
> Link to v1: https://lore.kernel.org/all/20260124231830.3088323-1-joelagnelf@nvidia.com/
>
> Joel Fernandes (5):
> gpu: nova-core: use checked arithmetic in FWSEC firmware parsing
> gpu: nova-core: use checked arithmetic in Booter signature parsing
> gpu: nova-core: use checked arithmetic in frombytes_at helper
> gpu: nova-core: use checked arithmetic in BinFirmware::data
> gpu: nova-core: use checked arithmetic in RISC-V firmware parsing
Looking good, thanks! I'm staging these into a local branch and will
push as soon as `drm-rust-next` reopens.
More information about the linux-riscv
mailing list