6.13-stable review patch. If anyone has any objections, please let me know.
------------------
From: Karol Przybylski <karprzy7@xxxxxxxxx>
commit 67a615c5cb6dc33ed35492dc0d67e496cbe8de68 upstream.
This patch fixes a potential integer overflow in the zynqmp_dp_rate_get()
The issue comes up when the expression
drm_dp_bw_code_to_link_rate(dp->test.bw_code) * 10000 is evaluated using 32-bit
Now the constant is a compatible 64-bit type.
Resolves coverity issues: CID 1636340 and CID 1635811
Cc: stable@xxxxxxxxxxxxxxx
Fixes: 28edaacb821c ("drm: zynqmp_dp: Add debugfs interface for compliance testing")
Signed-off-by: Karol Przybylski <karprzy7@xxxxxxxxx>
Reviewed-by: Laurent Pinchart <laurent.pinchart@xxxxxxxxxxxxxxxx>
Link: https://lore.kernel.org/stable/20241212095057.1015146-1-karprzy7%40gmail.com
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@xxxxxxxxxxxxxxxx>
Link: https://patchwork.freedesktop.org/patch/msgid/20241215125355.938953-1-karprzy7@xxxxxxxxx
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/gpu/drm/xlnx/zynqmp_dp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/xlnx/zynqmp_dp.c b/drivers/gpu/drm/xlnx/zynqmp_dp.c
index 25c5dc61ee88..56a261a40ea3 100644
--- a/drivers/gpu/drm/xlnx/zynqmp_dp.c
+++ b/drivers/gpu/drm/xlnx/zynqmp_dp.c
@@ -2190,7 +2190,7 @@ static int zynqmp_dp_rate_get(void *data, u64 *val)
struct zynqmp_dp *dp = data;
mutex_lock(&dp->lock);
- *val = drm_dp_bw_code_to_link_rate(dp->test.bw_code) * 10000;
+ *val = drm_dp_bw_code_to_link_rate(dp->test.bw_code) * 10000ULL;
mutex_unlock(&dp->lock);
return 0;
}
--
2.48.1
