Received: by 2002:a05:6358:111d:b0:dc:6189:e246 with SMTP id f29csp3754402rwi; Wed, 2 Nov 2022 02:43:35 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4JmbhRcAA04W0BKd++2GCKXXB8bD1tBSGkGsuigXZX9C+CcnCmM005T1KeD/zxSsy3BLP5 X-Received: by 2002:a05:6a00:1a4d:b0:563:a7c4:f521 with SMTP id h13-20020a056a001a4d00b00563a7c4f521mr24523743pfv.61.1667382215398; Wed, 02 Nov 2022 02:43:35 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1667382215; cv=pass; d=google.com; s=arc-20160816; b=cOvd4gyYYsBjbj2j+jx5gbUXPWamU8WPyGtJ3d41lqas7o1LT1hzNlsL4162WTlXsS ivhoCPFGBtjMaVYGsS7Gcyl89h2eoKJ0KVxbEL4U7i4bN0WbOhnkNwBDs0BxjF5d2ThZ 2EhvzM96jxLhhpRN/4HRB/g8+9dDY94XmTlZc8mYjZknh1o9fthmz7VsbhAiD02m8vGI JnvT1dngb3CXmHLS5Rh4YZu7lhznV25bjAhdMsbDcUBUm1gRdKEpwN5JITqo/cn+ejJq SobubK+51jSHKXsOERRjlELBnuORaXlVEOcX+jWnNNajQCBEIPaq8nz2Wp5xUWWaMQeD +UGQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:content-transfer-encoding :in-reply-to:from:references:cc:to:content-language:subject :user-agent:date:message-id:dkim-signature; bh=RBFvPXmURwrYxJkpC0LsejKrJQGCaBlUu4mF/f4nN1M=; b=pAwQe1fWZXMLAiK30eeGkkN9yisTyl+SNB1c6bzsXksYKcejWhpAphIhDz1JVWuREm zRjfEau/K5620pIf7cIg8DcwQHJcvZu11AENLb0R+ZQZW4jDgnyLOltX3ANJniTCPgKU 0L9hijOnkm7zs4jJL5APTKbBNvpL3ahF9SHqua+IUlaykDm0eYf4EQ7S4oaILAcCRgtN NGo5BdByDYZoyVEBZE6rWZYHmQuavadQh2aqY3sCYkk6ojRxWxirN9NzJXX5sYlA0+CJ K0X7GUjnPV10LqtRBPKFBmwuM6w6TTQeBmRKoK/74++ro4k89tnZJ5qhIdTD1AWk4CH5 yaAQ== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=ZKHjIY46; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o11-20020a63f14b000000b0046ea4ef43ffsi15346721pgk.375.2022.11.02.02.43.23; Wed, 02 Nov 2022 02:43:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@amd.com header.s=selector1 header.b=ZKHjIY46; arc=pass (i=1 spf=pass spfdomain=amd.com dkim=pass dkdomain=amd.com dmarc=pass fromdomain=amd.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amd.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231424AbiKBJTU (ORCPT + 97 others); Wed, 2 Nov 2022 05:19:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53124 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231414AbiKBJTC (ORCPT ); Wed, 2 Nov 2022 05:19:02 -0400 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on20613.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe59::613]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 75CFB28E28 for ; Wed, 2 Nov 2022 02:16:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UkyfLc3S/VzaljH7nVAtSQuZvCQh2y/hfYH8lCb3scGP2MEoiqyGTzzAXpFxxD3kkNvjPN75ZGZI9gzC3jE5dn40J/d8FzPGqBDO5XnT3eMf6W34h8QmkpyMJdKHrYHcnIT6DPQbsDok5U8PwiF7eL+MfgsLq4RR9gbLhmiWXWbaEkvmDts3vrgoFkNPJSUWdDGiMM05gXQu6vJqem5WwvjF0xI2i1JusyXkTe1lTJk3pwe8ubxFba1zS0UxvSUEE1PB3VhECd83cEpFT41PRsBcXQH2VhvXfczP/At2oZLRUu0va/UKBNPzPEYhx/IqhfIHQXJxERSN45pusuOX1Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=RBFvPXmURwrYxJkpC0LsejKrJQGCaBlUu4mF/f4nN1M=; b=QbcDWbKjS5KZziC7zGtgFqHhKoYYsbPWKYN8scV1H4xLonV6UZZhnlII5he8fkXqo++76XiCY7pZO1SxcXgItFoYkr3Tnx9W2MCvdAyssXiSrGwTnGO6LNxbhpHXDXuYu0H++gGx0R9ekpi+q5gKm80vaskp+sWEkNXZ3qf9O9v+onZY7tq3vcLpUbhd+rQfga+zrT7iUdtCjgyjjiF7CTadyegI+K6LO/oggArQoXBeBuFyUl10wb+/TO/NZ7w0eWD+U2mYfdbg//m7znE+mArrg0jkKdywP/JJN/2q48EKcQ9lE7OgA7DRIeYoxy/nbhp4/3HlDgHX6LpVH7XMSg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=RBFvPXmURwrYxJkpC0LsejKrJQGCaBlUu4mF/f4nN1M=; b=ZKHjIY46tyO6Ly2ZhlIAANnAP6M5uUJu0nimQ2rdDsJe/74IGO7O6ctJCIyX9yg+6KX8kawRokJ7EBNiPN1Z91bNwCp8hwJ6jLpmXFBhbHzBAWz2r4wZmwvNhrKBU6YfvsxDbB5yuDUKOMn5/sjrO0/xtIMt1xhbrb+RXZ01tO4= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com; Received: from BN8PR12MB3587.namprd12.prod.outlook.com (2603:10b6:408:43::13) by DS0PR12MB7777.namprd12.prod.outlook.com (2603:10b6:8:153::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5769.21; Wed, 2 Nov 2022 09:16:03 +0000 Received: from BN8PR12MB3587.namprd12.prod.outlook.com ([fe80::7d43:3f30:4caf:7421]) by BN8PR12MB3587.namprd12.prod.outlook.com ([fe80::7d43:3f30:4caf:7421%7]) with mapi id 15.20.5791.020; Wed, 2 Nov 2022 09:16:02 +0000 Message-ID: <68dd2e87-c4d6-99de-22bf-5059d03c22bb@amd.com> Date: Wed, 2 Nov 2022 10:15:56 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2 Subject: Re: [PATCH v2 2/2] drm/client: Prevent NULL dereference in drm_client_buffer_delete() Content-Language: en-US To: Dmitry Osipenko , Maarten Lankhorst , Maxime Ripard , Sumit Semwal , Thomas Zimmermann , David Airlie , Daniel Vetter , noralf@tronnes.org, Dan Carpenter Cc: dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org References: <20221030154412.8320-1-dmitry.osipenko@collabora.com> <20221030154412.8320-3-dmitry.osipenko@collabora.com> From: =?UTF-8?Q?Christian_K=c3=b6nig?= In-Reply-To: <20221030154412.8320-3-dmitry.osipenko@collabora.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-ClientProxiedBy: AS9PR06CA0351.eurprd06.prod.outlook.com (2603:10a6:20b:466::17) To BN8PR12MB3587.namprd12.prod.outlook.com (2603:10b6:408:43::13) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BN8PR12MB3587:EE_|DS0PR12MB7777:EE_ X-MS-Office365-Filtering-Correlation-Id: 6178a1fa-0a82-44d3-ce54-08dabcb2dd08 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: x4H6vTV1cY3a4lyL4OCfUp7HEauQw+yi7JnzIo0K+YKrLAHJE3HO6xeXa6G0c9V2jnKXYwtTbenjlKx6oteze6T2/zp98fbsceUQmuaU4gioligLvpfA4laHSqRGS3XC2G2UguXZCP0ETvxs+4Fmt9pa8mVxQ58Wd7LV3iZEV1rB/oOBKVpHs6DNLTgOLE74K09YaSeqhzowxxYtK9vo8uuhCXnCbMPIj8JldQLv+9RWpUYJeLP+PY1QoxTnbwyYwyXBY026LpacDTrbNqYWD5cxK+8EAyOKRoSsnCaSlvs1y2tNwEnQGL3NQGN6FWNxW1q0lx3vqmiNyeySkAA56+oI7jfbcJ7QeSlMv2fG3rM3oOGfDi9t9XSMo0EhQijut3+4NpJDwKYEDORk5A+mv1Ys7/AtFc242cVQ8UVeBiQZ8n0v/oD248AD13qdp/GlCWWy+dlHpH7KXjditw+Qld1c8EYX1BYwL4dZVQ3fKrvh8uvSZ9m8TkjBhIl2s6MM24KsKmJZeQ4uQUBy6q6gC/4Dwo5qv9s8S9Glw0zErd7bioPf5aLYlHAZIMT6e4Cm/p7IxaJfDjfbXE82CAE4wTuOHLy26ic+LhveNunPkXxd7Qe2Hrget8HGV4l4vZRzsiitt+5v8J9STD5dsg1LUzRXBeG5ZWfy9m1t25aGaDNbl15DmIzfNNl6EoIggdCoxa1M77fS5RsixibRDgbFR3aggVDGLvrid0xZTjbTb/JiFGdC/EKa3OcJOCdSnen++zg0HKYRgjx6hnrCjumzFpnPrrOxtealeSAnTCUIEhY7f+KkiTAMHtj0upJacis5A6tIQV4lsM3Q8PijxaSTIw== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BN8PR12MB3587.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(4636009)(346002)(136003)(396003)(366004)(39860400002)(376002)(451199015)(478600001)(8676002)(66556008)(4326008)(66946007)(7416002)(2906002)(5660300002)(66476007)(316002)(8936002)(41300700001)(83380400001)(110136005)(31696002)(6666004)(6506007)(86362001)(66574015)(6512007)(186003)(2616005)(31686004)(38100700002)(6486002)(966005)(36756003)(43740500002)(45980500001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?N2NGNUROUXdSSzhGc2xlRGZCMXhNN1Fudi83eHpTeHJuVTlhWkxnL2krQVEy?= =?utf-8?B?aldEdEtPeTJ3UzVTekNUOEFKbDBPclBGUjhVRi9JYlZjREdRR0ZQYWhPWm92?= =?utf-8?B?Y1plaUtNY05ZWnppZ0ZseUJIYmRIL1ZreDR2bGJWQVBEaGJUQXJmWi8xV24y?= =?utf-8?B?YmpJbFZTNjlJZTVicnlHNjRGN1RlQjZkaVdKVXQ2ZWl3WHVwWjkrZVpobG1T?= =?utf-8?B?bDlnREZib0JlMEZSeDdiTEFHWFk5ZmF2dkhMOEozRDNKV1NBZlV4dll0Y1M4?= =?utf-8?B?NGowMnRuVS9xSnBMRHhZOHpQb2g1M2RCUFdySVBzbWUzbGVPWkRVbnNjQ2dE?= =?utf-8?B?VDZydy9tbGRlbG42MkdCYWFFclBHNFBIdVR1SFJFZnJsR2s0VzQ1Y2s1RzQ2?= =?utf-8?B?SDlCRFg3RUpaZnBleEFHTTJrQTkyaEQxVDJOR2ZyV0J5L0NmbG02bjByNlFJ?= =?utf-8?B?elNKRWo1VDRTa2xXdlRnZUVqRmFzR1lyUzIwZ3VqWUtCUWhDbHFzTEFXa3F3?= =?utf-8?B?Q2Z1d2hCRjZScXVRTFdpZVlVWnhKcXNac0hzNVJWYjNNaWdTamttMHVWSGxp?= =?utf-8?B?d3MzTTRvZEdLTEVJRVNHWGovMnF5TTRYOU41eCtaTGJZQkNEeHhCS1dMU2NN?= =?utf-8?B?Q281WWlRNHBpdWl4d2JkcXBwMis1MlNaaWVURldvVCtibTNDQ3FySFBsQUcv?= =?utf-8?B?WEROWFBMRnBpK1hGaVJvUW92cFdQd0dJdHJ4UWVTUStCcTViekRYbThlMFE5?= =?utf-8?B?U1FmemY3NUlwZy9MbXV4SXcvVS9taUZickRrRVBxR0N3K3hVMm5vNlNNM2hU?= =?utf-8?B?UnpOaTdib0hjbzBmZzBSaFdleS9PQjZ5cTdzR3libWtkZFFhRXpZTEtDMHBT?= =?utf-8?B?eXBoaDdYcndsS3oxek0yQ0VsMCtQaUIvVC9DVzl3LzFhc2M2TThCRDcxQ2lZ?= =?utf-8?B?OHpiSzJSWVpaM3pzR3NMYSs5TFJtdEtpY1ZEeFVHSnVvT0xnaWFRN2N2THpI?= =?utf-8?B?UkVXM092cVY1ZXZmWWxDNjRKbEQ1MEhDRXNlcWRJdlBSVnRwUWR0NU5pa3B3?= =?utf-8?B?OU10R3VMNU1QQmFvRzhIcEdkTWowUzlOYWhLd0Q5UVdNWnVuOFRGU3hUUHlk?= =?utf-8?B?cjVabEFkK00rQ1piSEl3RENBbHJESE8vVks0czFmQllDOVJ2VGtBR2pERzBX?= =?utf-8?B?OFFVK3ZuU05YZU1UYlZxUW1GcWxPcFA4UGhEakQ4Tkpwa0kwQlAvN3BCNitX?= =?utf-8?B?TkV2SnFmZ3FkOEtLTnVpZU14MG50K09QYWVRQXYwMDFDNjJWbThWSUs2dDA5?= =?utf-8?B?Wm5XR3ovWWJiRk9obTBrMmN1bkVQaW9QdWFySDhVTWhYOEhnVGU3WVFOVVk2?= =?utf-8?B?Z3kzdEVxMWhQaEl2VTJ0MlBzQU0xZzVLc0xTWkZMVENHdTJlK3FOY25TdWh4?= =?utf-8?B?QkdWWXUvNjNOMXlsQmc3dUkzc1dNU2lwa2NJd2QrVlpxTE43Uy9YOVpZa25m?= =?utf-8?B?Z0JGVkZCemVuMVdjelVSNE1ndUdRVU8wUXBHZDJWeStEejMwMWJQbEh4elRB?= =?utf-8?B?VTJjcTlVRllzTFNabEo2TERqOVR2R3FZdGljRjBCa3ZVZ2QxbHZpQkJRdk51?= =?utf-8?B?a3RFVmh3MUo2MmpsbE5FejBHcytwSzlJQWh1Zy8rajU4NEhyMm1sa1o3Tkp6?= =?utf-8?B?d1hpYmgxY0xiM1NqK1pxT0dzUUw3ZE5FOWowNU9COU5WOHpGOWV0ZVRTUzZR?= =?utf-8?B?cXRlOURCZGI5bFUybGZ1VEk0Ykd6M1k3K094eEZud2ZLa1R3TDlZeWd4a0l0?= =?utf-8?B?R0E4cXpyVFNtRTBmeEVDVjRmY3pWZWFob2ZhdyszcGNyZUZxZ0R6cWZzNlha?= =?utf-8?B?MHJoZHk1U3ZWdkJyeXl4RVlwUVNDajFiRkdTR0tocms2Rm5IVEpFQkRuYTVu?= =?utf-8?B?N1JwQlFYYkw2bUNuS2g5dFpoTmRFd2sybDd3c2JNUy9lK3Z6a0VQOHoyajF1?= =?utf-8?B?b2VlSTB5UkVxWENRRlJYM3c1SlUrWVJSL1pyaEdsZE1vVi9RMVFwUG9ZclRL?= =?utf-8?B?QzFaRWhxMXg0TUl2dG9aVTFHbFJNck9vSTl1dFF5U3dkcktDRjZyZjk5Nnl6?= =?utf-8?B?VGRsL0JLWDRKRmpHcU11Zmt1U3pFdDlBU0xPSjlNM2xMTXBKUDYwUXl3eEs3?= =?utf-8?Q?5To/cfwzDJ3ePmpR/AzR3zpCfkmROlaL0MQy5/Skqvdx?= X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6178a1fa-0a82-44d3-ce54-08dabcb2dd08 X-MS-Exchange-CrossTenant-AuthSource: BN8PR12MB3587.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Nov 2022 09:16:02.7544 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: kj+QM3Bs/zLEaQ94ZCFnH/Q4lRVc2QaAmAcuP9yWHa1RVkB0GQR9qsZJpkP81wkS X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB7777 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,SPF_HELO_PASS, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Am 30.10.22 um 16:44 schrieb Dmitry Osipenko: > The drm_gem_vunmap() will crash with a NULL dereference if the passed > object pointer is NULL. It wasn't a problem before we added the locking > support to drm_gem_vunmap function because the mapping argument was always > NULL together with the object. Make drm_client_buffer_delete() to check > whether GEM is NULL before trying to unmap the GEM, it will happen on > framebuffer creation error. > > Reported-by: Dan Carpenter > Link: https://lore.kernel.org/dri-devel/Y1kFEGxT8MVlf32V@kili/ > Fixes: 79e2cf2e7a19 ("drm/gem: Take reservation lock for vmap/vunmap operations") > Signed-off-by: Dmitry Osipenko Reviewed-by: Christian König > --- > drivers/gpu/drm/drm_client.c | 6 +++--- > 1 file changed, 3 insertions(+), 3 deletions(-) > > diff --git a/drivers/gpu/drm/drm_client.c b/drivers/gpu/drm/drm_client.c > index 38e1be991caa..fd67efe37c63 100644 > --- a/drivers/gpu/drm/drm_client.c > +++ b/drivers/gpu/drm/drm_client.c > @@ -235,10 +235,10 @@ static void drm_client_buffer_delete(struct drm_client_buffer *buffer) > { > struct drm_device *dev = buffer->client->dev; > > - drm_gem_vunmap_unlocked(buffer->gem, &buffer->map); > - > - if (buffer->gem) > + if (buffer->gem) { > + drm_gem_vunmap_unlocked(buffer->gem, &buffer->map); > drm_gem_object_put(buffer->gem); > + } > > if (buffer->handle) > drm_mode_destroy_dumb(dev, buffer->handle, buffer->client->file);