This is a note to let you know that I've just added the patch titled
drm/nouveau: fix handling empty channel list in ioctl's
to the 3.8-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
drm-nouveau-fix-handling-empty-channel-list-in-ioctl-s.patch
and it can be found in the queue-3.8 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From b43decd2c513ae44a5462a1a4c2622f0fa77c9e0 Mon Sep 17 00:00:00 2001
From: Maarten Lankhorst <maarten.lankhorst@xxxxxxxxxxxxx>
Date: Sun, 24 Mar 2013 15:36:38 +0100
Subject: drm/nouveau: fix handling empty channel list in ioctl's
From: Maarten Lankhorst <maarten.lankhorst@xxxxxxxxxxxxx>
commit b43decd2c513ae44a5462a1a4c2622f0fa77c9e0 upstream.
If there are no channels, chan would never end up being NULL,
and so the null pointer check would fail.
Solve this by initializing chan to NULL, and iterating over temp instead.
Fixes oops when running intel-gpu-tools/tests/kms_flip, which attempts to
do some intel ioctl's on a nouveau device.
Signed-off-by: Maarten Lankhorst <maarten.lankhorst@xxxxxxxxxxxxx>
Signed-off-by: Ben Skeggs <bskeggs@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/gpu/drm/nouveau/nouveau_abi16.c | 18 ++++++++++--------
1 file changed, 10 insertions(+), 8 deletions(-)
--- a/drivers/gpu/drm/nouveau/nouveau_abi16.c
+++ b/drivers/gpu/drm/nouveau/nouveau_abi16.c
@@ -386,7 +386,7 @@ nouveau_abi16_ioctl_notifierobj_alloc(AB
struct nouveau_drm *drm = nouveau_drm(dev);
struct nouveau_device *device = nv_device(drm->device);
struct nouveau_abi16 *abi16 = nouveau_abi16_get(file_priv, dev);
- struct nouveau_abi16_chan *chan, *temp;
+ struct nouveau_abi16_chan *chan = NULL, *temp;
struct nouveau_abi16_ntfy *ntfy;
struct nouveau_object *object;
struct nv_dma_class args = {};
@@ -399,10 +399,11 @@ nouveau_abi16_ioctl_notifierobj_alloc(AB
if (unlikely(nv_device(abi16->device)->card_type >= NV_C0))
return nouveau_abi16_put(abi16, -EINVAL);
- list_for_each_entry_safe(chan, temp, &abi16->channels, head) {
- if (chan->chan->handle == (NVDRM_CHAN | info->channel))
+ list_for_each_entry(temp, &abi16->channels, head) {
+ if (temp->chan->handle == (NVDRM_CHAN | info->channel)) {
+ chan = temp;
break;
- chan = NULL;
+ }
}
if (!chan)
@@ -454,17 +455,18 @@ nouveau_abi16_ioctl_gpuobj_free(ABI16_IO
{
struct drm_nouveau_gpuobj_free *fini = data;
struct nouveau_abi16 *abi16 = nouveau_abi16_get(file_priv, dev);
- struct nouveau_abi16_chan *chan, *temp;
+ struct nouveau_abi16_chan *chan = NULL, *temp;
struct nouveau_abi16_ntfy *ntfy;
int ret;
if (unlikely(!abi16))
return -ENOMEM;
- list_for_each_entry_safe(chan, temp, &abi16->channels, head) {
- if (chan->chan->handle == (NVDRM_CHAN | fini->channel))
+ list_for_each_entry(temp, &abi16->channels, head) {
+ if (temp->chan->handle == (NVDRM_CHAN | fini->channel)) {
+ chan = temp;
break;
- chan = NULL;
+ }
}
if (!chan)
Patches currently in stable-queue which might be from maarten.lankhorst@xxxxxxxxxxxxx are
queue-3.8/drm-nouveau-fix-handling-empty-channel-list-in-ioctl-s.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html