[PATCH] drm/i915/gt: Delete sysfs entries for engines on driver unload
Krzysztof Niemiec
krzysztof.niemiec at intel.com
Thu Aug 1 15:40:48 UTC 2024
While the sysfs entries for engines are added in intel_engines_init()
during driver load, the corresponding function intel_engines_release()
does not correctly get rid of them. This can lead to a UAF if, after
failed initialization (for example when gt is set wedged on init), we
try to access the engines.
Empty the engines llist in intel_engines_release().
Suggested-by: Chris Wilson <chris.p.wilson at linux.intel.com>
Signed-off-by: Krzysztof Niemiec <krzysztof.niemiec at intel.com>
---
drivers/gpu/drm/i915/gt/intel_engine_cs.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/gpu/drm/i915/gt/intel_engine_cs.c b/drivers/gpu/drm/i915/gt/intel_engine_cs.c
index 3b740ca25000..4d30a86016f2 100644
--- a/drivers/gpu/drm/i915/gt/intel_engine_cs.c
+++ b/drivers/gpu/drm/i915/gt/intel_engine_cs.c
@@ -693,6 +693,8 @@ void intel_engines_release(struct intel_gt *gt)
memset(&engine->reset, 0, sizeof(engine->reset));
}
+
+ llist_del_all(>->i915->uabi_engines_llist);
}
void intel_engine_free_request_pool(struct intel_engine_cs *engine)
--
2.45.2
More information about the Intel-gfx
mailing list