[PATCH] drm: use atomic helper function to get crtc_state of crtc

Michel Dänzer michel at daenzer.net
Tue Jun 19 14:58:01 UTC 2018


Hi Mikita,


thanks for sending this out. I have to defer review of the actual change
to others more familiar with this code, but I have some feedback for the
commit log.


On 2018-06-19 04:45 PM, mikita.lipski at amd.com wrote:
> From: Mikita Lipski <mikita.lipski at amd.com>
> 
> Use drm_atomic_get_crtc_state to get the crtc state in case
> it has been previously freed, that might prevent use-after-free issue.
> 
> This patch fixes the bugzilla bug:
> Bug 199425 - BUG: KASAN: use-after-free in drm_atomic_helper_wait_for_flip_done+0x247/0x260

Bug reports are referenced like this:

Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=199425


Also, as the issue exists since at least 4.17, this should have

Cc: stable at vger.kernel.org

in order for the fix to be backported to stable branches.


-- 
Earthling Michel Dänzer               |               http://www.amd.com
Libre software enthusiast             |             Mesa and X developer


More information about the dri-devel mailing list