[PATCH 2/3] drm/tegra: Correct idr_alloc() minimum id
Mikko Perttunen
cyndis at kapsi.fi
Sun May 14 11:53:46 UTC 2017
On 05/12/2017 10:00 PM, Dmitry Osipenko wrote:
> The start = 0 is invalid and causes weird CDMA channel timeouts, presumably
> some memory misuse/corruption is going on.
What makes you think start = 0 is invalid? I can't see anything pointing
to that in the idr code and there are many users in the kernel passing 0
as start.
>
> Fixes: bdd2f9cd10eb ("drm/tegra: Don't leak kernel pointer to userspace")
> Signed-off-by: Dmitry Osipenko <digetx at gmail.com>
> ---
> drivers/gpu/drm/tegra/drm.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/tegra/drm.c b/drivers/gpu/drm/tegra/drm.c
> index 768750226452..732c8d98044f 100644
> --- a/drivers/gpu/drm/tegra/drm.c
> +++ b/drivers/gpu/drm/tegra/drm.c
> @@ -518,7 +518,7 @@ static int tegra_client_open(struct tegra_drm_file *fpriv,
> if (err < 0)
> return err;
>
> - err = idr_alloc(&fpriv->contexts, context, 0, 0, GFP_KERNEL);
> + err = idr_alloc(&fpriv->contexts, context, 1, 0, GFP_KERNEL);
> if (err < 0) {
> client->ops->close_channel(context);
> return err;
>
More information about the dri-devel
mailing list