| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <f7562b7e-0a1c-46ea-aa72-236ada533558@oracle.com>
Date: Fri, 27 Oct 2023 22:48:45 +0530
From: Harshit Mogalapalli <harshit.m.mogalapalli@...cle.com>
To: Tvrtko Ursulin <tvrtko.ursulin@...ux.intel.com>,
Andrzej Hajda <andrzej.hajda@...el.com>,
Jani Nikula <jani.nikula@...ux.intel.com>,
Joonas Lahtinen <joonas.lahtinen@...ux.intel.com>,
Rodrigo Vivi <rodrigo.vivi@...el.com>,
David Airlie <airlied@...il.com>,
Daniel Vetter <daniel@...ll.ch>,
Umesh Nerlige Ramappa <umesh.nerlige.ramappa@...el.com>,
Lionel Landwerlin <lionel.g.landwerlin@...el.com>,
Matt Roper <matthew.d.roper@...el.com>,
intel-gfx@...ts.freedesktop.org, dri-devel@...ts.freedesktop.org,
linux-kernel@...r.kernel.org
Cc: dan.carpenter@...aro.org, kernel-janitors@...r.kernel.org,
error27@...il.com
Subject: Re: [PATCH] i915/perf: Fix NULL deref bugs with drm_dbg() calls
Hi Tvrtko,
On 27/10/23 8:17 pm, Tvrtko Ursulin wrote:
>
> On 27/10/2023 15:11, Andrzej Hajda wrote:
>> On 27.10.2023 16:07, Harshit Mogalapalli wrote:
>>> When i915 perf interface is not available dereferencing it will lead to
>>> NULL dereferences.
>>>
>>> Fix this by using DRM_DEBUG() which the scenario before the commit in
>>> the Fixes tag.
>>>
>>> Fixes: 2fec539112e8 ("i915/perf: Replace DRM_DEBUG with driver
>>> specific drm_dbg call")
>>> Signed-off-by: Harshit Mogalapalli <harshit.m.mogalapalli@...cle.com>
>>
>>
>> Reviewed-by: Andrzej Hajda <andrzej.hajda@...el.com>
>
> Please hold off merging.
>
>>> ---
>>> This is found using smatch(static analysis tool), only compile tested.
>>> ---
>>> drivers/gpu/drm/i915/i915_perf.c | 9 +++------
>>> 1 file changed, 3 insertions(+), 6 deletions(-)
>>>
>>> diff --git a/drivers/gpu/drm/i915/i915_perf.c
>>> b/drivers/gpu/drm/i915/i915_perf.c
>>> index 2f3ecd7d4804..bb48c96b7950 100644
>>> --- a/drivers/gpu/drm/i915/i915_perf.c
>>> +++ b/drivers/gpu/drm/i915/i915_perf.c
>>> @@ -4228,8 +4228,7 @@ int i915_perf_open_ioctl(struct drm_device
>>> *dev, void *data,
>>> int ret;
>>> if (!perf->i915) {
>>> - drm_dbg(&perf->i915->drm,
>>> - "i915 perf interface not available for this system\n");
>>> + DRM_DEBUG("i915 perf interface not available for this
>>> system\n");
>
> What's that struct drm_device *dev function argument a few lines up? :)
>
> Although TBH all these these could just be removed since I doubt they
> are adding any value and ENOTSUPP is pretty clear.
>
Thanks for checking. I will remove the dbg() calls and send a V2.
Regards,
Harshit
> Regards,
>
> Tvrtko
>
>>> return -ENOTSUPP;
>>> }
>>> @@ -4608,8 +4607,7 @@ int i915_perf_add_config_ioctl(struct
>>> drm_device *dev, void *data,
>>> int err, id;
>>> if (!perf->i915) {
>>> - drm_dbg(&perf->i915->drm,
>>> - "i915 perf interface not available for this system\n");
>>> + DRM_DEBUG("i915 perf interface not available for this
>>> system\n");
>>> return -ENOTSUPP;
>>> }
>>> @@ -4774,8 +4772,7 @@ int i915_perf_remove_config_ioctl(struct
>>> drm_device *dev, void *data,
>>> int ret;
>>> if (!perf->i915) {
>>> - drm_dbg(&perf->i915->drm,
>>> - "i915 perf interface not available for this system\n");
>>> + DRM_DEBUG("i915 perf interface not available for this
>>> system\n");
>>> return -ENOTSUPP;
>>> }
>>
Powered by blists - more mailing lists