[PATCH 4/4] drm/admgpu: fix dereferencing null pointer context

Zhang, Jesse(Jie) Jesse.Zhang at amd.com
Tue May 21 06:27:46 UTC 2024


[AMD Official Use Only - AMD Internal Distribution Only]

Hi Tim,

-----Original Message-----
From: Huang, Tim <Tim.Huang at amd.com>
Sent: Tuesday, May 21, 2024 2:12 PM
To: Zhang, Jesse(Jie) <Jesse.Zhang at amd.com>; amd-gfx at lists.freedesktop.org
Cc: Deucher, Alexander <Alexander.Deucher at amd.com>; Koenig, Christian <Christian.Koenig at amd.com>; Zhang, Jesse(Jie) <Jesse.Zhang at amd.com>; Zhang, Jesse(Jie) <Jesse.Zhang at amd.com>
Subject: RE: [PATCH 4/4] drm/admgpu: fix dereferencing null pointer context

Hi Jesse,

> -----Original Message-----
> From: amd-gfx <amd-gfx-bounces at lists.freedesktop.org> On Behalf Of
> Jesse Zhang
> Sent: Tuesday, May 21, 2024 11:26 AM
> To: amd-gfx at lists.freedesktop.org
> Cc: Deucher, Alexander <Alexander.Deucher at amd.com>; Koenig, Christian
> <Christian.Koenig at amd.com>; Huang, Tim <Tim.Huang at amd.com>; Zhang,
> Jesse(Jie) <Jesse.Zhang at amd.com>; Zhang, Jesse(Jie)
> <Jesse.Zhang at amd.com>
> Subject: [PATCH 4/4] drm/admgpu: fix dereferencing null pointer
> context
>
> When user space sets an invalid ta type, the pointer context will be empty.
> So it needs to check the pointer context before using it.
>
> Signed-off-by: Jesse Zhang <Jesse.Zhang at amd.com>
> ---
>  drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c
> b/drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c
> index ca5c86e5f7cd..ac1f423dd28f 100644
> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c
> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c
> @@ -334,7 +334,7 @@ static ssize_t ta_if_invoke_debugfs_write(struct
> file *fp, const char *buf, size
>
>       set_ta_context_funcs(psp, ta_type, &context);
>
> -     if (!context->initialized) {
> +     if (context && !context->initialized) {
This can help to avoid using the empty pointer context but still needs to handle the context == NULL case and return an error.
[Zhang, Jesse(Jie)] Yes, Thanks, I will update the patch.
Thanks
Jesse

Tim
>               dev_err(adev->dev, "TA is not initialized\n");
>               ret = -EINVAL;
>               goto err_free_shared_buf;
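Review bot: In the changed test `if (context && !context->initialized)`, a NULL context makes the whole condition false, so the `ret = -EINVAL; goto err_free_shared_buf;` path is skipped and the function continues past the check with context still NULL. The commit message says an invalid ta type from user space leaves context empty, so that input should take the error path too, for example `if (!context || !context->initialized)`, ideally with a separate message so an invalid TA type is not reported as "TA is not initialized". Minor: the subject prefix reads drm/admgpu while the file path is drivers/gpu/drm/amd/amdgpu.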
> --
> 2.25.1



