[AMD Official Use Only - AMD Internal Distribution Only]
Hi Tim,
-----Original Message-----
From: Huang, Tim <Tim.Huang@xxxxxxx>
Sent: Tuesday, May 21, 2024 2:12 PM
To: Zhang, Jesse(Jie) <Jesse.Zhang@xxxxxxx>; amd-gfx@xxxxxxxxxxxxxxxxxxxxx
Cc: Deucher, Alexander <Alexander.Deucher@xxxxxxx>; Koenig, Christian <Christian.Koenig@xxxxxxx>; Zhang, Jesse(Jie) <Jesse.Zhang@xxxxxxx>; Zhang, Jesse(Jie) <Jesse.Zhang@xxxxxxx>
Subject: RE: [PATCH 4/4] drm/admgpu: fix dereferencing null pointer context
[AMD Official Use Only - AMD Internal Distribution Only]
Hi Jesse,
> -----Original Message-----
> From: amd-gfx <amd-gfx-bounces@xxxxxxxxxxxxxxxxxxxxx> On Behalf Of
> Jesse Zhang
> Sent: Tuesday, May 21, 2024 11:26 AM
> To: amd-gfx@xxxxxxxxxxxxxxxxxxxxx
> Cc: Deucher, Alexander <Alexander.Deucher@xxxxxxx>; Koenig, Christian
> <Christian.Koenig@xxxxxxx>; Huang, Tim <Tim.Huang@xxxxxxx>; Zhang,
> Jesse(Jie) <Jesse.Zhang@xxxxxxx>; Zhang, Jesse(Jie)
> <Jesse.Zhang@xxxxxxx>
> Subject: [PATCH 4/4] drm/admgpu: fix dereferencing null pointer
> context
>
> When user space sets an invalid ta type, the pointer context will be empty.
> So it need to check the pointer context before using it
>
> Signed-off-by: Jesse Zhang <Jesse.Zhang@xxxxxxx>
> ---
> drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c
> b/drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c
> index ca5c86e5f7cd..ac1f423dd28f 100644
> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c
> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c
> @@ -334,7 +334,7 @@ static ssize_t ta_if_invoke_debugfs_write(struct
> file *fp, const char *buf, size
>
> set_ta_context_funcs(psp, ta_type, &context);
>
> - if (!context->initialized) {
> + if (context && !context->initialized) {
This can help to avoid using the empty pointer context but still needs to handle the context == NULL case and return an error.
[Zhang, Jesse(Jie)] Yes, Thanks, I will update the patch.
Thanks
Jesse
Tim
> dev_err(adev->dev, "TA is not initialized\n");
> ret = -EINVAL;
> goto err_free_shared_buf;
> --
> 2.25.1
