Am 15.01.21 um 19:46 schrieb Huang Rui:
The buffer is allocated with the size of pointer and copy with the size of
data structure. Then trigger the system memory page fault. Use the
orignal data structure to get the object size.
Fixes: a8e30005b drm/amd/display/dc/core/dc_link: Move some local data
from the stack to the heap
Signed-off-by: Huang Rui <ray.huang@xxxxxxx>
Cc: Lee Jones <lee.jones@xxxxxxxxxx>
---
drivers/gpu/drm/amd/display/dc/core/dc_link.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/gpu/drm/amd/display/dc/core/dc_link.c b/drivers/gpu/drm/amd/display/dc/core/dc_link.c
index 69573d67056d..73178978ae74 100644
--- a/drivers/gpu/drm/amd/display/dc/core/dc_link.c
+++ b/drivers/gpu/drm/amd/display/dc/core/dc_link.c
@@ -1380,7 +1380,7 @@ static bool dc_link_construct(struct dc_link *link,
DC_LOGGER_INIT(dc_ctx->logger);
- info = kzalloc(sizeof(info), GFP_KERNEL);
+ info = kzalloc(sizeof(struct integrated_info), GFP_KERNEL);
That should probably be sizeof(*info) instead, we usually try to avoid
sizeof(struct ...) in the kernel.
There are some automated scripts in place which will send you a patch to
change it otherwise.
if (!info)
goto create_fail;
@@ -1545,7 +1545,7 @@ static bool dc_link_construct(struct dc_link *link,
}
if (bios->integrated_info)
- memcpy(info, bios->integrated_info, sizeof(*info));
+ memcpy(info, bios->integrated_info, sizeof(struct integrated_info));
This can then also stay as it is.
Apart from that good catch.
Regards,
Christian.
/* Look for channel mapping corresponding to connector and device tag */
for (i = 0; i < MAX_NUMBER_OF_EXT_DISPLAY_PATH; i++) {
_______________________________________________
amd-gfx mailing list
amd-gfx@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/amd-gfx
