[PATCH] drm/virtio: Fix NULL dereference error in virtio_gpu_poll

Christian Zigotzky chzigotzky at xenosoft.de
Fri Nov 5 18:05:22 UTC 2021


On 04 November 2021 at 10:42 pm, Vivek Kasireddy wrote:

 > When virgl is not enabled, vfpriv pointer would not be allocated.
 > Therefore, check for a valid value before dereferencing.
 >
 > Reported-by: Christian Zigotzky <chzigotzky at xenosoft.de>
 > Cc: Gurchetan Singh <gurchetansingh at chromium.org>
 > Cc: Gerd Hoffmann <kraxel at redhat.com>
 > Signed-off-by: Vivek Kasireddy <vivek.kasireddy at intel.com>
 > ---
 >  drivers/gpu/drm/virtio/virtgpu_drv.c | 3 ++-
 >  1 file changed, 2 insertions(+), 1 deletion(-)
 >
 > diff --git a/drivers/gpu/drm/virtio/virtgpu_drv.c 
b/drivers/gpu/drm/virtio/virtgpu_drv.c
 > index 749db18dcfa2..d86e1ad4a972 100644
 > --- a/drivers/gpu/drm/virtio/virtgpu_drv.c
 > +++ b/drivers/gpu/drm/virtio/virtgpu_drv.c
 > @@ -163,10 +163,11 @@ static __poll_t virtio_gpu_poll(struct file *filp,
 >      struct drm_file *drm_file = filp->private_data;
 >      struct virtio_gpu_fpriv *vfpriv = drm_file->driver_priv;
 >      struct drm_device *dev = drm_file->minor->dev;
 > +    struct virtio_gpu_device *vgdev = dev->dev_private;
 >      struct drm_pending_event *e = NULL;
 >      __poll_t mask = 0;
 >
 > -    if (!vfpriv->ring_idx_mask)
 > +    if (!vgdev->has_virgl_3d || !vfpriv || !vfpriv->ring_idx_mask)
 >          return drm_poll(filp, wait);
 >
 >      poll_wait(filp, &drm_file->event_wait, wait);

Tested-by: Christian Zigotzky <chzigotzky at xenosoft.de> [1]

[1] https://i.ibb.co/N1vL5Kd/Kernel-5-16-alpha3-Power-PC.png


More information about the dri-devel mailing list