On Fri, 15 Jan 2021, Christian König wrote: > Am 15.01.21 um 19:46 schrieb Huang Rui: > > The buffer is allocated with the size of pointer and copy with the size of > > data structure. Then trigger the system memory page fault. Use the > > orignal data structure to get the object size. > > > > Fixes: a8e30005b drm/amd/display/dc/core/dc_link: Move some local data > > from the stack to the heap > > > > Signed-off-by: Huang Rui <ray.huang@xxxxxxx> > > Cc: Lee Jones <lee.jones@xxxxxxxxxx> > > --- > > drivers/gpu/drm/amd/display/dc/core/dc_link.c | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > diff --git a/drivers/gpu/drm/amd/display/dc/core/dc_link.c b/drivers/gpu/drm/amd/display/dc/core/dc_link.c > > index 69573d67056d..73178978ae74 100644 > > --- a/drivers/gpu/drm/amd/display/dc/core/dc_link.c > > +++ b/drivers/gpu/drm/amd/display/dc/core/dc_link.c > > @@ -1380,7 +1380,7 @@ static bool dc_link_construct(struct dc_link *link, > > DC_LOGGER_INIT(dc_ctx->logger); > > - info = kzalloc(sizeof(info), GFP_KERNEL); > > + info = kzalloc(sizeof(struct integrated_info), GFP_KERNEL); > > That should probably be sizeof(*info) instead, we usually try to avoid > sizeof(struct ...) in the kernel. > > There are some automated scripts in place which will send you a patch to > change it otherwise. > > > if (!info) > > goto create_fail; > > @@ -1545,7 +1545,7 @@ static bool dc_link_construct(struct dc_link *link, > > } > > if (bios->integrated_info) > > - memcpy(info, bios->integrated_info, sizeof(*info)); > > + memcpy(info, bios->integrated_info, sizeof(struct integrated_info)); > > This can then also stay as it is. > > Apart from that good catch. Yes, agreed. Sorry for the fuss. -- Lee Jones [李琼斯] Senior Technical Lead - Developer Services Linaro.org │ Open source software for Arm SoCs Follow Linaro: Facebook | Twitter | Blog _______________________________________________ amd-gfx mailing list amd-gfx@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/amd-gfx
