[PATCH RESEND] drm: fix crash in drm_minor_alloc_release
Stanislaw Gruszka
stanislaw.gruszka at linux.intel.com
Mon Nov 7 15:40:41 UTC 2022
On Mon, Nov 07, 2022 at 05:10:48PM +0200, Ville Syrjälä wrote:
> On Mon, Nov 07, 2022 at 03:45:00PM +0100, Stanislaw Gruszka wrote:
> > index 8214a0b1ab7f..e3a1243dd2ae 100644
> > --- a/drivers/gpu/drm/drm_drv.c
> > +++ b/drivers/gpu/drm/drm_drv.c
> > @@ -102,7 +102,8 @@ static void drm_minor_alloc_release(struct drm_device *dev, void *data)
> >
> > WARN_ON(dev != minor->dev);
> >
> > - put_device(minor->kdev);
> > + if (!IS_ERR(minor->kdev))
> > + put_device(minor->kdev);
>
> Assigning error pointers into things is a terrible idea.
> IMO the correct fix would be to not return some
> half-constructed garbage from drm_minor_alloc().
> So basically should at least partically revert
> commit f96306f9892b ("drm: manage drm_minor cleanup with drmm_")
I would prefer to not change any ordering or remove drmm_* stuff, since
as pointed to above commit message, things are tricky there.
I think assigning NULL to minor->kdev should be fine:
if (IS_ERR(minor->kdev)) {
r = PTR_ERR(minor->kdev);
minor->kdev = NULL;
return r;
}
put_device() in drm_minor_alloc_release() will cope nicely with it.
Regards
Stanislaw
More information about the dri-devel
mailing list