Patch "drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table" has been added to the 5.10-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Sun, 2 Feb 2025 09:27:02 -0500

This is a note to let you know that I've just added the patch titled

    drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table

to the 5.10-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     drm-amdgpu-fix-potential-null-pointer-dereference-in.patch
and it can be found in the queue-5.10 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 0552f8ac30103417ffa89c88e1bda02f87ce405d
Author: Ivan Stepchenko <sid@xxxxxxxxxx>
Date:   Mon Dec 2 11:00:43 2024 +0300

    drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table
    
    [ Upstream commit 357445e28ff004d7f10967aa93ddb4bffa5c3688 ]
    
    The function atomctrl_get_smc_sclk_range_table() does not check the return
    value of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to
    retrieve SMU_Info table, it returns NULL which is later dereferenced.
    
    Found by Linux Verification Center (linuxtesting.org) with SVACE.
    
    In practice this should never happen as this code only gets called
    on polaris chips and the vbios data table will always be present on
    those chips.
    
    Fixes: a23eefa2f461 ("drm/amd/powerplay: enable dpm for baffin.")
    Signed-off-by: Ivan Stepchenko <sid@xxxxxxxxxx>
    Signed-off-by: Alex Deucher <alexander.deucher@xxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c b/drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c
index 165af862d0542..04dbd9f89a45d 100644
--- a/drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c
+++ b/drivers/gpu/drm/amd/pm/powerplay/hwmgr/ppatomctrl.c
@@ -1370,6 +1370,8 @@ int atomctrl_get_smc_sclk_range_table(struct pp_hwmgr *hwmgr, struct pp_atom_ctr
 			GetIndexIntoMasterTable(DATA, SMU_Info),
 			&size, &frev, &crev);
 
+	if (!psmu_info)
+		return -EINVAL;
 
 	for (i = 0; i < psmu_info->ucSclkEntryNum; i++) {
 		table->entry[i].ucVco_setting = psmu_info->asSclkFcwRangeEntry[i].ucVco_setting;







