Message-ID: <abcb4ae1-399c-d3c4-1e80-ade08b391329@collabora.com>
Date:   Mon, 6 Mar 2023 18:55:17 +0300
From:   Dmitry Osipenko <dmitry.osipenko@...labora.com>
To:     Emil Velikov <emil.velikov@...labora.com>
Cc:     Gerd Hoffmann <kraxel@...hat.com>, Rob Clark <robdclark@...il.com>,
        Gurchetan Singh <gurchetansingh@...omium.org>,
        Chia-I Wu <olvaffe@...il.com>,
        Ryan Neph <ryanneph@...omium.org>,
        dri-devel@...ts.freedesktop.org, linux-kernel@...r.kernel.org,
        Javier Martinez Canillas <javierm@...hat.com>,
        David Airlie <airlied@...hat.com>, kernel@...labora.com,
        virtualization@...ts.linux-foundation.org
Subject: Re: [PATCH v2] drm/virtio: Fix handling CONFIG_DRM_VIRTIO_GPU_KMS
 option

On 3/6/23 18:02, Emil Velikov wrote:
> On 2023/03/06, Dmitry Osipenko wrote:
>> VirtIO-GPU got a new config option for disabling KMS. There were two
>> problems left unnoticed during review when the new option was added:
>>
>> 1. The IS_ENABLED(CONFIG_DRM_VIRTIO_GPU_KMS) check in the code was
>> inverted, hence KMS was disabled when it should be enabled and vice versa.
>>
>> 2. The disabled KMS crashed kernel with a NULL dereference in
>> drm_kms_helper_hotplug_event(), which shall not be invoked with a
>> disabled KMS.
>>
>> Fix the inverted config option check in the code and skip handling the
>> VIRTIO_GPU_EVENT_DISPLAY sent by host when KMS is disabled in guest to fix
>> the crash.
>>
>> Fixes: 72122c69d717 ("drm/virtio: Add option to disable KMS support")
>> Signed-off-by: Dmitry Osipenko <dmitry.osipenko@...labora.com>
>> ---
>>
>> Changelog:
>>
>> v2: - Moved the "has_edid" under the "num_scanouts" condition, like was
>>       suggested by Gerd Hoffmann.
>>
> 
> Hi Dmitry, I think there's more than one piece like that in the driver.
> 
>>  drivers/gpu/drm/virtio/virtgpu_kms.c | 14 ++++++++------
>>  1 file changed, 8 insertions(+), 6 deletions(-)
>>
>> diff --git a/drivers/gpu/drm/virtio/virtgpu_kms.c b/drivers/gpu/drm/virtio/virtgpu_kms.c
>> index 874ad6c2621a..15f2519988e7 100644
>> --- a/drivers/gpu/drm/virtio/virtgpu_kms.c
>> +++ b/drivers/gpu/drm/virtio/virtgpu_kms.c
>> @@ -43,11 +43,13 @@ static void virtio_gpu_config_changed_work_func(struct work_struct *work)
>>  	virtio_cread_le(vgdev->vdev, struct virtio_gpu_config,
>>  			events_read, &events_read);
>>  	if (events_read & VIRTIO_GPU_EVENT_DISPLAY) {
>> -		if (vgdev->has_edid)
>> -			virtio_gpu_cmd_get_edids(vgdev);
>> -		virtio_gpu_cmd_get_display_info(vgdev);
>> -		virtio_gpu_notify(vgdev);
>> -		drm_helper_hpd_irq_event(vgdev->ddev);
>> +		if (vgdev->num_scanouts) {
>> +			if (vgdev->has_edid)
>> +				virtio_gpu_cmd_get_edids(vgdev);
> 
> Worth doing the same thing in virtio_gpu_init()? Aka move the has_edid
> && get_edids within the num_scanouts if block.

Good catch, that could be done for consistency.

-- 
Best regards,
Dmitry
