lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 24 Sep 2021 15:55:28 +0200
From:   Maxime Ripard <maxime@...no.tech>
To:     Maarten Lankhorst <maarten.lankhorst@...ux.intel.com>,
        Thomas Zimmermann <tzimmermann@...e.de>,
        Maxime Ripard <maxime@...no.tech>
Cc:     Daniel Vetter <daniel.vetter@...el.com>,
        David Airlie <airlied@...ux.ie>,
        dri-devel@...ts.freedesktop.org,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        linux-kernel@...r.kernel.org,
        Sudip Mukherjee <sudipm.mukherjee@...il.com>
Subject: [PATCH 0/2] drm/vc4: hdmi: Get rid of encoder->crtc, take 2

Hi,

Following the report from Sudip Mukherjee, the previous version of that patch
got reverted until a fix was found.

While it's not clear yet why we end up in that situation, the culprit is that
the original patch in its ASoC prepare hook was calling the vc4_hdmi_set_n_cts
function that in turned relied on the connector->state->crtc pointer being
non-NULL.

However, no particular caution was being done to make sure that was the case,
eventually leading to a NULL pointer dereference under the "right"
circumstances.

We did however had some checks for the pointers sanity in the original patch,
but they were only enforced when the device was opened, and we were only
checking for the connector->state pointer.

The fix is then two-fold: First, we check that we can actually perform audio
operations in both startup and prepare, since the situation could have changed
between the time the device was opened and the time when we actually start
streaming. Then, the encoder->crtc conversion patch has been changed to check
on connector->state->crtc as well in that sanity check to avoid dereferencing
it if it's NULL.

Let me know what you think,
Maxime

Maxime Ripard (2):
  drm/vc4: hdmi: Check the device state in prepare()
  drm/vc4: hdmi: Remove drm_encoder->crtc usage

 drivers/gpu/drm/vc4/vc4_hdmi.c | 75 ++++++++++++++++++++++++++--------
 1 file changed, 57 insertions(+), 18 deletions(-)

-- 
2.31.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ