Received: by 10.213.65.68 with SMTP id h4csp51537imn; Wed, 21 Mar 2018 12:08:31 -0700 (PDT) X-Google-Smtp-Source: AG47ELsa7mRJE7m1jjVHHIMewc+UDHy//8aHRtgUytDbV8wzSkDEGQz9pZS1w+D2flmp3k5i0QN3 X-Received: by 2002:a17:902:4003:: with SMTP id b3-v6mr17103672pld.15.1521659311739; Wed, 21 Mar 2018 12:08:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521659311; cv=none; d=google.com; s=arc-20160816; b=JhUT1JzBd9mhT3eDkDg7WbJHxEvCqHn1YmSUtqceU5NPNFCK8Ao1ytX5UN1KwKI/Pp ykpGjrPkk32AmzwNNVRUthe+/e6VYErMCSaytIqCImj9D9ZUwy6W/7dFfu0oY/oo0Glo d1zjHrUCLrmlB4KxRM+HVJognScYsUwrAnoXqVSqMKH5VbR172SduaILn0E6zvD/fWPj kdU7sYtzgGvWZ1ytmtPzHBK2UvYEtxjFZKE4CFN1gUb31KR5Tj3dbYJ9zFHFoKhmHjpY Qzk1XifznVIEYVl5UaBnUAvXMpcESCoDudRVPmvxh+51p8DqJ7qaLLvtt3p5jwniD+Ib GDlw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:arc-authentication-results; bh=w4eyXfZAHNCYZ6CaFMdVDnQDvdste5u9t1NsSmfc02E=; b=Jn2kQ6SH/hO5JrIwhwUezg4sNedyEml64efNJqR26kHPeEOUQSs9gpGcyXBlRFZ95s R1IwOLk2daz1cgUnNvJRdMZs3bfCZ5YkneIxkD/Vgwt/xVdP5D3qWxI8qAPYMg6IY/3s XXAVpS/zNtkAocoFzHnRgM6XChdks30qXKeMYiwnCUwqSJ2x89D2UYYoCN9Yt7iLxiYj xLgB6KY8ro5HyoD7OHqI/F9xy4celThb1zjSoYOGfvZxsO/in8zyMYELXLntLP0IowWt PKjv1PHSu3W1JqE/ND2ynrTWnVyBp641ynMpL+8U6jrOF9v2A6qXojilt2jF5Pzpnksh LqhA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=canonical.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j9si3457782pfh.200.2018.03.21.12.08.15; Wed, 21 Mar 2018 12:08:31 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=canonical.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752835AbeCUTHC (ORCPT + 99 others); Wed, 21 Mar 2018 15:07:02 -0400 Received: from youngberry.canonical.com ([91.189.89.112]:54549 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752637AbeCUTHA (ORCPT ); Wed, 21 Mar 2018 15:07:00 -0400 Received: from 1.general.cking.uk.vpn ([10.172.193.212] helo=localhost) by youngberry.canonical.com with esmtpsa (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.76) (envelope-from ) id 1eyj4X-0001j8-Qh; Wed, 21 Mar 2018 19:06:53 +0000 From: Colin King To: Zhenyu Wang , Zhi Wang , Jani Nikula , Joonas Lahtinen , Rodrigo Vivi , David Airlie , intel-gvt-dev@lists.freedesktop.org, intel-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org Cc: kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] drm/i915/gvt: don't dereference 'workload' before null checking it Date: Wed, 21 Mar 2018 19:06:53 +0000 Message-Id: <20180321190653.3829-1-colin.king@canonical.com> X-Mailer: git-send-email 2.15.1 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Colin Ian King The pointer workload is dereferenced before it is null checked, hence there is a potential for a null pointer dereference on workload. Fix this by only dereferencing workload after it is null checked. Detected by CoverityScan, CID#1466017 ("Dereference before null check") Fixes: fa3dd623e559 ("drm/i915/gvt: keep oa config in shadow ctx") Signed-off-by: Colin Ian King --- drivers/gpu/drm/i915/gvt/scheduler.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/i915/gvt/scheduler.c b/drivers/gpu/drm/i915/gvt/scheduler.c index 068126404151..f3010e365a48 100644 --- a/drivers/gpu/drm/i915/gvt/scheduler.c +++ b/drivers/gpu/drm/i915/gvt/scheduler.c @@ -60,9 +60,9 @@ static void set_context_pdp_root_pointer( static void sr_oa_regs(struct intel_vgpu_workload *workload, u32 *reg_state, bool save) { - struct drm_i915_private *dev_priv = workload->vgpu->gvt->dev_priv; - u32 ctx_oactxctrl = dev_priv->perf.oa.ctx_oactxctrl_offset; - u32 ctx_flexeu0 = dev_priv->perf.oa.ctx_flexeu0_offset; + struct drm_i915_private *dev_priv; + u32 ctx_oactxctrl; + u32 ctx_flexeu0; int i = 0; u32 flex_mmio[] = { i915_mmio_reg_offset(EU_PERF_CNTL0), @@ -77,6 +77,10 @@ static void sr_oa_regs(struct intel_vgpu_workload *workload, if (!workload || !reg_state || workload->ring_id != RCS) return; + dev_priv = workload->vgpu->gvt->dev_priv; + ctx_oactxctrl = dev_priv->perf.oa.ctx_oactxctrl_offset; + ctx_flexeu0 = dev_priv->perf.oa.ctx_flexeu0_offset; + if (save) { workload->oactxctrl = reg_state[ctx_oactxctrl + 1]; -- 2.15.1