On Tue, Oct 08, 2024 at 02:59:41PM +0300, Yonatan Maman wrote: > From: Yonatan Maman <Ymaman@xxxxxxxxxx> > > This patch series addresses two critical issues in the Nouveau driver > related to device channels, error handling, and sensitive data leaks. > > - Vulnerability in migrate_to_ram: The migrate_to_ram function might > return a dirty HIGH_USER page when a copy push command (FW channel) > fails, potentially exposing sensitive data and posing a security > risk. To mitigate this, the patch ensures the allocation of a non-dirty > (zero) page for the destination, preventing the return of a dirty page > and enhancing driver security in case of failure. > > - Privileged Error in Copy Engine Channel: An error was observed when > the nouveau_dmem_copy_one function is executed, leading to a Host Copy > Engine Privileged error on channel 1. The patch resolves this by > adjusting the Copy Engine channel configuration to permit privileged > push commands, resolving the error. > > Changes since V3: > - Fixed version according to Danilo Krummrich's comments. > > Yonatan Maman (2): > nouveau/dmem: Fix privileged error in copy engine channel > nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error Applied to drm-misc-fixes, thanks!
