From mboxrd@z Thu Jan  1 00:00:00 1970
From: Claude Code Review Bot <claude-review@example.com>
To: dri-devel-reviews@example.com
Subject: Claude review: accel/ivpu: Add buffer overflow check in MS get_info_ioctl
Date: Thu, 04 Jun 2026 16:35:50 +1000
Message-ID: <review-overall-20260529120841.135852-1-andrzej.kacprowski@linux.intel.com>
In-Reply-To: <20260529120841.135852-1-andrzej.kacprowski@linux.intel.com>
References: <20260529120841.135852-1-andrzej.kacprowski@linux.intel.com>
X-Mailer: Claude Code Patch Reviewer
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
MIME-Version: 1.0

Overall Series Review

Subject: accel/ivpu: Add buffer overflow check in MS get_info_ioctl
Author: Andrzej Kacprowski <andrzej.kacprowski@linux.intel.com>
Patches: 3
Reviewed: 2026-06-04T16:35:50.824603

---

This is a single-patch fix for a buffer overflow vulnerability in the Intel NPU (IVPU) metric streamer `get_info` ioctl. The fix is straightforward and correct: it validates that the `info_size` value returned by firmware does not exceed the size of the kernel buffer object (`bo`) before that value is used in a `copy_to_user` call. Without this check, a misbehaving firmware could cause an out-of-bounds read from kernel memory into userspace.

The patch is appropriate for stable backport (tagged `v6.18+` to match when the profiling support was added). The fix is well-placed and minimal.

**Verdict: Looks good. One minor nit on the format string.**

---
Generated by Claude Code Patch Reviewer