[PATCH v3 0/2] drm/tests: Fix for UAF and a test for drm_exec lock alloc tracking warning
Thomas Hellström
thomas.hellstrom at linux.intel.com
Thu Sep 7 14:47:52 UTC 2023
Hi,
On 9/7/23 16:37, Christian König wrote:
> Am 07.09.23 um 15:53 schrieb Thomas Hellström:
>> While trying to replicate a weird drm_exec lock alloc tracking warning
>> using the drm_exec kunit test, the warning was shadowed by a UAF warning
>> from KASAN due to a bug in the drm kunit helpers.
>>
>> Patch 1 fixes that drm kunit UAF.
>> Patch 2 introduces a drm_exec kunit subtest that fails if the conditions
>> for the weird warning are met.
>>
>> The series previously also had a patch with a drm_exec workaround for
>> the
>> warning but that patch has already been commited to drm_misc_next_fixes.
>
> Thinking more about this what happens when somebody calls
> drm_exec_unlock_obj() on the first locked object?
>
Essentially the same thing. I've been thinking of the best way to handle
that, but not sure what's the best one.
/Thomas
> Christian.
>
>>
>> v2:
>> - Rewording of commit messages
>> - Add some commit message tags
>> v3:
>> - Remove an already committed patch
>> - Rework the test to not require dmesg inspection (Maxime Ripard)
>> - Condition the test on CONFIG_LOCK_ALLOC
>> - Update code comments and commit messages (Maxime Ripard)
>>
>> Cc: Maxime Ripard <mripard at kernel.org>
>> Cc: Christian König <christian.koenig at amd.com>
>>
>> Thomas Hellström (2):
>> drm/tests: helpers: Avoid a driver uaf
>> drm/tests/drm_exec: Add a test for object freeing within
>> drm_exec_fini()
>>
>> drivers/gpu/drm/tests/drm_exec_test.c | 82 +++++++++++++++++++++++++++
>> include/drm/drm_kunit_helpers.h | 4 +-
>> 2 files changed, 85 insertions(+), 1 deletion(-)
>>
>
More information about the dri-devel
mailing list