[PATCH] drm/amdkfd: Fix a __user pointer dereference in create_signal_event
Lang Yu
lang.yu at amd.com
Wed Oct 13 07:33:34 UTC 2021
We should not dereference __user pointers directly.
https://yarchive.net/comp/linux/user_pointers.html
Fixes: 482f07775cf5
("drm/amdkfd: Simplify event ID and signal slot management")
Signed-off-by: Lang Yu <lang.yu at amd.com>
---
drivers/gpu/drm/amd/amdkfd/kfd_events.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_events.c b/drivers/gpu/drm/amd/amdkfd/kfd_events.c
index 3eea4edee355..74d3bdcfe341 100644
--- a/drivers/gpu/drm/amd/amdkfd/kfd_events.c
+++ b/drivers/gpu/drm/amd/amdkfd/kfd_events.c
@@ -201,7 +201,7 @@ static int create_signal_event(struct file *devkfd,
p->signal_event_count++;
- ev->user_signal_address = &p->signal_page->user_address[ev->event_id];
+ ev->user_signal_address = p->signal_page->user_address + ev->event_id;
pr_debug("Signal event number %zu created with id %d, address %p\n",
p->signal_event_count, ev->event_id,
ev->user_signal_address);
--
2.25.1
More information about the amd-gfx
mailing list