| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <abcb4ae1-399c-d3c4-1e80-ade08b391329@collabora.com>
Date: Mon, 6 Mar 2023 18:55:17 +0300
From: Dmitry Osipenko <dmitry.osipenko@...labora.com>
To: Emil Velikov <emil.velikov@...labora.com>
Cc: Gerd Hoffmann <kraxel@...hat.com>, Rob Clark <robdclark@...il.com>,
Gurchetan Singh <gurchetansingh@...omium.org>,
Chia-I Wu <olvaffe@...il.com>,
Ryan Neph <ryanneph@...omium.org>,
dri-devel@...ts.freedesktop.org, linux-kernel@...r.kernel.org,
Javier Martinez Canillas <javierm@...hat.com>,
David Airlie <airlied@...hat.com>, kernel@...labora.com,
virtualization@...ts.linux-foundation.org
Subject: Re: [PATCH v2] drm/virtio: Fix handling CONFIG_DRM_VIRTIO_GPU_KMS
option
On 3/6/23 18:02, Emil Velikov wrote:
> On 2023/03/06, Dmitry Osipenko wrote:
>> VirtIO-GPU got a new config option for disabling KMS. There were two
>> problems left unnoticed during review when the new option was added:
>>
>> 1. The IS_ENABLED(CONFIG_DRM_VIRTIO_GPU_KMS) check in the code was
>> inverted, hence KMS was disabled when it should be enabled and vice versa.
>>
>> 2. The disabled KMS crashed kernel with a NULL dereference in
>> drm_kms_helper_hotplug_event(), which shall not be invoked with a
>> disabled KMS.
>>
>> Fix the inverted config option check in the code and skip handling the
>> VIRTIO_GPU_EVENT_DISPLAY sent by host when KMS is disabled in guest to fix
>> the crash.
>>
>> Fixes: 72122c69d717 ("drm/virtio: Add option to disable KMS support")
>> Signed-off-by: Dmitry Osipenko <dmitry.osipenko@...labora.com>
>> ---
>>
>> Changelog:
>>
>> v2: - Moved the "has_edid" under the "num_scanouts" condition, like was
>> suggested by Gerd Hoffmann.
>>
>
> Hi Dmitry, I think there's more than one piece like that in the driver.
>
>> drivers/gpu/drm/virtio/virtgpu_kms.c | 14 ++++++++------
>> 1 file changed, 8 insertions(+), 6 deletions(-)
>>
>> diff --git a/drivers/gpu/drm/virtio/virtgpu_kms.c b/drivers/gpu/drm/virtio/virtgpu_kms.c
>> index 874ad6c2621a..15f2519988e7 100644
>> --- a/drivers/gpu/drm/virtio/virtgpu_kms.c
>> +++ b/drivers/gpu/drm/virtio/virtgpu_kms.c
>> @@ -43,11 +43,13 @@ static void virtio_gpu_config_changed_work_func(struct work_struct *work)
>> virtio_cread_le(vgdev->vdev, struct virtio_gpu_config,
>> events_read, &events_read);
>> if (events_read & VIRTIO_GPU_EVENT_DISPLAY) {
>> - if (vgdev->has_edid)
>> - virtio_gpu_cmd_get_edids(vgdev);
>> - virtio_gpu_cmd_get_display_info(vgdev);
>> - virtio_gpu_notify(vgdev);
>> - drm_helper_hpd_irq_event(vgdev->ddev);
>> + if (vgdev->num_scanouts) {
>> + if (vgdev->has_edid)
>> + virtio_gpu_cmd_get_edids(vgdev);
>
> Worth doing the same thing in virtio_gpu_init()? Aka move the has_edid
> && get_edids within the num_scanouts if block.
Good catch, that could be done for consistency.
--
Best regards,
Dmitry
Powered by blists - more mailing lists