Re: [PATCH] drm/msm: Fix NULL deref in adreno_load_gpu

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 12/15/2017 09:03 PM, Jordan Crouse wrote:
On Thu, Dec 14, 2017 at 11:11:50AM +0530, Archit Taneja wrote:
The msm/kms driver should work even if there is no GPU device specified
in DT. Currently, we get a NULL dereference crash in adreno_load_gpu
since the driver assumes that priv->gpu_pdev is non-NULL.

Perform an additional check on priv->gpu_pdev before trying to retrieve
the msm_gpu pointer from it.

Fixes: eec874ce5ff1 (drm/msm/adreno: load gpu at probe/bind time)

Signed-off-by: Archit Taneja <architt@xxxxxxxxxxxxxx>
---
  drivers/gpu/drm/msm/adreno/adreno_device.c | 11 +++++++++--
  1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/drivers/gpu/drm/msm/adreno/adreno_device.c b/drivers/gpu/drm/msm/adreno/adreno_device.c
index 05022ea2a007..ac60cf3c794e 100644
--- a/drivers/gpu/drm/msm/adreno/adreno_device.c
+++ b/drivers/gpu/drm/msm/adreno/adreno_device.c
@@ -124,10 +124,17 @@ const struct adreno_info *adreno_info(struct adreno_rev rev)
  struct msm_gpu *adreno_load_gpu(struct drm_device *dev)
  {
  	struct msm_drm_private *priv = dev->dev_private;
-	struct platform_device *pdev = priv->gpu_pdev;
-	struct msm_gpu *gpu = platform_get_drvdata(priv->gpu_pdev);
+	struct platform_device *pdev;
+	struct msm_gpu *gpu;
  	int ret;
+ pdev = priv->gpu_pdev;
+	if (!pdev) {
+		dev_dbg(dev->dev, "no adreno platform device found\n");
+		return NULL;
+	}
+
+	gpu = platform_get_drvdata(pdev);
  	if (!gpu) {
  		dev_err(dev->dev, "no adreno device\n");
  		return NULL;

Obviously correct fix but I can't help but think that we should share the same
error message, so something like:

struct msm_gpu *gpu = NULL;

..

if (priv->gpu_pdev)
    gpu = platform_get_drvdata(priv->gpu_pdev);

if (!gpu) {
	dev_err(dev->dev, "No GPU device was was found\n");
  	return NULL;
}

(also, I can't help but think maybe that dev_err should be a ONCE so you don't
get a nasty message every time you open the file descriptor).

This approach looks better. I'll re-spin.

Thanks,
Archit


Jordan


--
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
a Linux Foundation Collaborative Project
--
To unsubscribe from this list: send the line "unsubscribe linux-arm-msm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [Linux for Sparc]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux