[PATCH] drm/amdkfd: Fix NULL Pointer Dereference in KFD queue
Andrew Martin
Andrew.Martin at amd.com
Fri Feb 28 16:39:49 UTC 2025
Through KFD IOCTL Fuzzing we encountered a NULL pointer derefrence
when calling kfd_queue_acquire_buffers.
Signed-off-by: Andrew Martin <Andrew.Martin at amd.com>
---
drivers/gpu/drm/amd/amdkfd/kfd_queue.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_queue.c b/drivers/gpu/drm/amd/amdkfd/kfd_queue.c
index 62c635e9d1aa..dc2cdc48e28d 100644
--- a/drivers/gpu/drm/amd/amdkfd/kfd_queue.c
+++ b/drivers/gpu/drm/amd/amdkfd/kfd_queue.c
@@ -277,7 +277,7 @@ int kfd_queue_acquire_buffers(struct kfd_process_device *pdd, struct queue_prope
if (properties->eop_ring_buffer_address) {
if (properties->eop_ring_buffer_size != topo_dev->node_props.eop_buffer_size) {
pr_debug("queue eop bo size 0x%lx not equal to node eop buf size 0x%x\n",
- properties->eop_buf_bo->tbo.base.size,
+ properties->eop_ring_buffer_size,
topo_dev->node_props.eop_buffer_size);
err = -EINVAL;
goto out_err_unreserve;
--
2.43.0
More information about the amd-gfx
mailing list