Re: [PATCH 5.10 16/19] drm/virtio: Correct drm_gem_shmem_get_sg_table() error handling

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 3/2/23 19:52, Harshit Mogalapalli wrote:
> Hi,
> 
> On 01/03/23 11:38 pm, Greg Kroah-Hartman wrote:
>> From: Dmitry Osipenko <dmitry.osipenko@xxxxxxxxxxxxx>
>>
>> commit 64b88afbd92fbf434759d1896a7cf705e1c00e79 upstream.
>>
>> Previous commit fixed checking of the ERR_PTR value returned by
>> drm_gem_shmem_get_sg_table(), but it missed to zero out the shmem->pages,
>> which will crash virtio_gpu_cleanup_object(). Add the missing zeroing of
>> the shmem->pages.
>>
>> Fixes: c24968734abf ("drm/virtio: Fix NULL vs IS_ERR checking in
>> virtio_gpu_object_shmem_init")
>> Reviewed-by: Emil Velikov <emil.l.velikov@xxxxxxxxx>
>> Signed-off-by: Dmitry Osipenko <dmitry.osipenko@xxxxxxxxxxxxx>
>> Link:
>> https://urldefense.com/v3/__http://patchwork.freedesktop.org/patch/msgid/20220630200726.1884320-2-dmitry.osipenko@collabora.com__;!!ACWV5N9M2RV99hQ!KAxF_UJ7x6SleCxrpYd8Huyt4Zj4e08fd9IUL6fl1Wneipk6_LKBnYuqQ2LK0bnvWHC6dxungVXptuvz5-4QQ2zjcq_JT1ub$
>> Signed-off-by: Gerd Hoffmann <kraxel@xxxxxxxxxx>
>> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
>> Signed-off-by: Ovidiu Panait <ovidiu.panait@xxxxxxxxxxxxx>
>> ---
>>   drivers/gpu/drm/virtio/virtgpu_object.c |    1 +
>>   1 file changed, 1 insertion(+)
>>
>> --- a/drivers/gpu/drm/virtio/virtgpu_object.c
>> +++ b/drivers/gpu/drm/virtio/virtgpu_object.c
>> @@ -159,6 +159,7 @@ static int virtio_gpu_object_shmem_init(
>>       shmem->pages = drm_gem_shmem_get_sg_table(&bo->base.base);
>>       if (IS_ERR(shmem->pages)) {
>>           drm_gem_shmem_unpin(&bo->base.base);
>> +        shmem->pages = NULL;
>>           return PTR_ERR(shmem->pages);
>>       }
> 
> While doing static analysis with smatch on LTS-rc series I found this bug.
> 
> PTR_ERR(NULL) is 1/success, so we are returning success in this case,
> which looks wrong.
> 
> Only 5.10.y and 5.15.y are effected. Upstream commit b5c9ed70d1a9
> ("drm/virtio: Improve DMA API usage for shmem BOs")
> deleted this code, is present in linux-6.1.y and
> linux-6.2.y, so this problem is not in 6.1.y and 6.2.y stable releases.
> 
> I have prepared a patch for fixing this, will send it out.

Thanks, that's a good catch!

-- 
Best regards,
Dmitry
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux