lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250827081231.1878248-1-honglei1.huang@amd.com>
Date: Wed, 27 Aug 2025 16:12:31 +0800
From: Honglei Huang <honglei1.huang@....com>
To: David Airlie <airlied@...hat.com>, Gerd Hoffmann <kraxel@...hat.com>,
	Dmitry Osipenko <dmitry.osipenko@...labora.com>, Maarten Lankhorst
	<maarten.lankhorst@...ux.intel.com>, Maxime Ripard <mripard@...nel.org>,
	Thomas Zimmermann <tzimmermann@...e.de>, Simona Vetter <simona@...ll.ch>
CC: Gurchetan Singh <gurchetansingh@...omium.org>, Chia-I Wu
	<olvaffe@...il.com>, <dri-devel@...ts.freedesktop.org>,
	<virtualization@...ts.linux.dev>, <linux-kernel@...r.kernel.org>, "Honglei
 Huang" <Honglei1.Huang@....com>
Subject: [PATCH] drm/virtio: fix host visible memory detection in virtio-gpu

From: Honglei Huang <Honglei1.Huang@....com>

Commit 206cc44588f7 ("virtio: reject shm region if length is zero")
enhanced the validation in virtio_get_shm_region() by adding a check
for a zero-length shared memory region.

It is performed before the underlying transport's .get_shm_region()
implementation is called. This creates an issue in the virtio-gpu
driver, where the `region` struct is part of a larger structure
that is zero-initialized by drmm_kzalloc().

Consequently, the `len` field is 0 at the time of the check, causing
virtio_get_shm_region() to return false prematurely. This prevents the
host visible memory feature from being enabled, even when the device
supports it.

To resolve this, this patch bypasses the inline helper and calls the
underlying vdev->config->get_shm_region() function pointer directly.
This ensures that the region's parameters are checked only after they
have been populated by the transport, aligning with the intended logic.

Signed-off-by: Honglei Huang <Honglei1.Huang@....com>
---
 drivers/gpu/drm/virtio/virtgpu_kms.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/drivers/gpu/drm/virtio/virtgpu_kms.c b/drivers/gpu/drm/virtio/virtgpu_kms.c
index 7dfb2006c561..ed5981248302 100644
--- a/drivers/gpu/drm/virtio/virtgpu_kms.c
+++ b/drivers/gpu/drm/virtio/virtgpu_kms.c
@@ -174,8 +174,10 @@ int virtio_gpu_init(struct virtio_device *vdev, struct drm_device *dev)
 	if (virtio_has_feature(vgdev->vdev, VIRTIO_GPU_F_RESOURCE_BLOB)) {
 		vgdev->has_resource_blob = true;
 	}
-	if (virtio_get_shm_region(vgdev->vdev, &vgdev->host_visible_region,
-				  VIRTIO_GPU_SHM_ID_HOST_VISIBLE)) {
+	if (vgdev->vdev->config->get_shm_region &&
+	    vgdev->vdev->config->get_shm_region(
+		    vgdev->vdev, &vgdev->host_visible_region,
+		    VIRTIO_GPU_SHM_ID_HOST_VISIBLE)) {
 		if (!devm_request_mem_region(&vgdev->vdev->dev,
 					     vgdev->host_visible_region.addr,
 					     vgdev->host_visible_region.len,
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ