Patch "drm/radeon: fix possible segfault when parsing pm tables" has been added to the 3.8-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is a note to let you know that I've just added the patch titled

    drm/radeon: fix possible segfault when parsing pm tables

to the 3.8-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     drm-radeon-fix-possible-segfault-when-parsing-pm-tables.patch
and it can be found in the queue-3.8 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From f8e6bfc2ce162855fa4f9822a45659f4b542c960 Mon Sep 17 00:00:00 2001
From: Alex Deucher <alexander.deucher@xxxxxxx>
Date: Thu, 25 Apr 2013 09:29:17 -0400
Subject: drm/radeon: fix possible segfault when parsing pm tables

From: Alex Deucher <alexander.deucher@xxxxxxx>

commit f8e6bfc2ce162855fa4f9822a45659f4b542c960 upstream.

If we have a empty power table, bail early and allocate
the default power state.

Should fix:
https://bugs.freedesktop.org/show_bug.cgi?id=63865

Signed-off-by: Alex Deucher <alexander.deucher@xxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
 drivers/gpu/drm/radeon/radeon_atombios.c |   10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

--- a/drivers/gpu/drm/radeon/radeon_atombios.c
+++ b/drivers/gpu/drm/radeon/radeon_atombios.c
@@ -2028,6 +2028,8 @@ static int radeon_atombios_parse_power_t
 	num_modes = power_info->info.ucNumOfPowerModeEntries;
 	if (num_modes > ATOM_MAX_NUMBEROF_POWER_BLOCK)
 		num_modes = ATOM_MAX_NUMBEROF_POWER_BLOCK;
+	if (num_modes == 0)
+		return state_index;
 	rdev->pm.power_state = kzalloc(sizeof(struct radeon_power_state) * num_modes, GFP_KERNEL);
 	if (!rdev->pm.power_state)
 		return state_index;
@@ -2432,6 +2434,8 @@ static int radeon_atombios_parse_power_t
 	power_info = (union power_info *)(mode_info->atom_context->bios + data_offset);
 
 	radeon_atombios_add_pplib_thermal_controller(rdev, &power_info->pplib.sThermalController);
+	if (power_info->pplib.ucNumStates == 0)
+		return state_index;
 	rdev->pm.power_state = kzalloc(sizeof(struct radeon_power_state) *
 				       power_info->pplib.ucNumStates, GFP_KERNEL);
 	if (!rdev->pm.power_state)
@@ -2530,6 +2534,8 @@ static int radeon_atombios_parse_power_t
 	non_clock_info_array = (struct _NonClockInfoArray *)
 		(mode_info->atom_context->bios + data_offset +
 		 le16_to_cpu(power_info->pplib.usNonClockInfoArrayOffset));
+	if (state_array->ucNumEntries == 0)
+		return state_index;
 	rdev->pm.power_state = kzalloc(sizeof(struct radeon_power_state) *
 				       state_array->ucNumEntries, GFP_KERNEL);
 	if (!rdev->pm.power_state)
@@ -2620,7 +2626,9 @@ void radeon_atombios_get_power_modes(str
 		default:
 			break;
 		}
-	} else {
+	}
+
+	if (state_index == 0) {
 		rdev->pm.power_state = kzalloc(sizeof(struct radeon_power_state), GFP_KERNEL);
 		if (rdev->pm.power_state) {
 			rdev->pm.power_state[0].clock_info =


Patches currently in stable-queue which might be from alexander.deucher@xxxxxxx are

queue-3.8/drm-radeon-fix-typo-in-rv515_mc_resume.patch
queue-3.8/drm-radeon-fix-possible-segfault-when-parsing-pm-tables.patch
queue-3.8/drm-radeon-disable-the-crtcs-in-mc_stop-r5xx-r7xx-v2.patch
queue-3.8/drm-radeon-fix-handling-of-v6-power-tables.patch
queue-3.8/drm-radeon-update-wait_for_vblank-for-evergreen.patch
queue-3.8/drm-radeon-fix-endian-bugs-in-atom_allocate_fb_scratch.patch
queue-3.8/drm-radeon-add-some-new-si-pci-ids.patch
queue-3.8/drm-radeon-dce6-add-missing-display-reg-for-tiling-setup.patch
queue-3.8/drm-radeon-fix-hdmi-mode-enable-on-rs600-rs690-rs740.patch
queue-3.8/drm-radeon-always-flush-the-vm.patch
queue-3.8/drm-radeon-don-t-use-get_engine_clock-on-apus.patch
queue-3.8/drm-radeon-add-new-richland-pci-ids.patch
queue-3.8/drm-radeon-update-wait_for_vblank-for-r5xx-r7xx.patch
queue-3.8/drm-radeon-properly-lock-disp-in-mc_stop-resume-for-r5xx-r7xx.patch
queue-3.8/drm-radeon-update-wait_for_vblank-for-r1xx-r4xx.patch
queue-3.8/drm-radeon-disable-the-crtcs-in-mc_stop-evergreen-v2.patch
queue-3.8/drm-radeon-use-frac-fb-div-on-rs780-rs880.patch
queue-3.8/drm-radeon-cleanup-properly-if-mmio-mapping-fails.patch
queue-3.8/drm-radeon-evergreen-don-t-enable-hpd-interrupts-on-edp-lvds.patch
queue-3.8/drm-radeon-fix-typo-in-si_select_se_sh.patch
queue-3.8/drm-radeon-properly-lock-disp-in-mc_stop-resume-for-evergreen.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]