Received: by 2002:a05:6358:a55:b0:ec:fcf4:3ecf with SMTP id 21csp582923rwb; Thu, 12 Jan 2023 09:35:37 -0800 (PST) X-Google-Smtp-Source: AMrXdXvBZwlVstBK7mZmdCf8Anhee3iRpPSGI0svZ8nC6782NDxfskKkHZ8J8zrxViFkd4VMcK55 X-Received: by 2002:aa7:d60e:0:b0:488:f6a3:2dd6 with SMTP id c14-20020aa7d60e000000b00488f6a32dd6mr49101171edr.41.1673544937766; Thu, 12 Jan 2023 09:35:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1673544937; cv=none; d=google.com; s=arc-20160816; b=f/AswMEYKPRZab8oEBj40QWLbRkRHnT161mspV0c7jOljT+CqpDvnl+/kLAArupVCK H+roFXngixmBJF16oIiNfFsNc7JnANtvg1+tWL8skEKv9ukV9U9erv+VGXiRQfMUrXc9 GDu4y8sUC4AkR6bsxRODek+sI7vyceHifko/NX7mlXckjz805siqDyhg/CZlCNZl0pAl VPGHMdTyAyheeslVE+BH0Fj2YwLHif5oU5LPgjXfXUm9ck3xxm/SLLWtGAhjNwxAIFZy Zh9z4kfsid5eS8+t+/lUm+yD5XdB3LaG3nwQMj3dOhKnH0JmCJSdfP95pW7gmO+w34T/ P6zA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=e3/5mdkWWoUbe0ds36E3f0p7Rj8KSuCS6/PJcoRdNPc=; b=vXVonKN2WUaaTdS8IpLh6MAvpq5QiXFQOsTzSXS89X0m9tDwgdGr5/4oUBamFo6HZw AA+saIFtDmzkg8+k3eNT/sycZzfEODq/SC/ip8FmqU9Rp8gKAH3AYv5xoD8zXtY5buyq RyqcMsB7gdzGR67Bf4ruwBbn/0OGxsrsJp8sICacApXBY14s/dollcF5i6GQvFow3V4S v2uxY+DVUwYBOIawojTxh33kkrUkXzaDZVbxd0/ZpfwbuAUYZlsffRwhL8HpW1anPd3v OdWDrlkw9/09NpmuAMauMtHZTaRWoUlb4JsJbe5ayUZQ/G9bvdWeXUCLuf7F/jVo0yhe 5hLQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=qGKOr22K; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m8-20020a056402510800b00488c151c0a2si21837550edd.498.2023.01.12.09.35.24; Thu, 12 Jan 2023 09:35:37 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=qGKOr22K; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231879AbjALRWZ (ORCPT + 52 others); Thu, 12 Jan 2023 12:22:25 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49580 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231491AbjALRVg (ORCPT ); Thu, 12 Jan 2023 12:21:36 -0500 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D5EA014D28; Thu, 12 Jan 2023 08:51:18 -0800 (PST) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id CC05FB81EE4; Thu, 12 Jan 2023 16:45:46 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id E55DAC433EF; Thu, 12 Jan 2023 16:45:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1673541945; bh=oLyzs7BrkGWrZjSzv965hq1U/ogrEev6fsNywyDh/lU=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=qGKOr22K15obpuPJ2CduJ03kjMfQsEsBg+IopFp8651muUYVjOz3wPA0Adark/TSt P7H+ZB/lKXM6Qb4ztgkLjiHRHMMO6EfuGuusauu4hLJvKNWOPeTAoE/GIxkAUVFhCw SxQCaub5ZANAeRoCXsiGnWAOihOOVdrqBPp0t91k= Date: Thu, 12 Jan 2023 17:45:42 +0100 From: Greg KH To: Daniel Vetter Cc: Dragos-Marian Panait , stable@vger.kernel.org, Jiasheng Jiang , Felix Kuehling , Alex Deucher , Oded Gabbay , Christian =?iso-8859-1?Q?K=F6nig?= , Kent Russell , Harish Kasiviswanathan , dri-devel@lists.freedesktop.org, amd-gfx@lists.freedesktop.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH 5.10 1/1] drm/amdkfd: Check for null pointer after calling kmemdup Message-ID: References: <20230104175633.1420151-1-dragos.panait@windriver.com> <20230104175633.1420151-2-dragos.panait@windriver.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jan 12, 2023 at 04:26:45PM +0100, Daniel Vetter wrote: > On Thu, 12 Jan 2023 at 13:47, Greg KH wrote: > > On Wed, Jan 04, 2023 at 07:56:33PM +0200, Dragos-Marian Panait wrote: > > > From: Jiasheng Jiang > > > > > > [ Upstream commit abfaf0eee97925905e742aa3b0b72e04a918fa9e ] > > > > > > As the possible failure of the allocation, kmemdup() may return NULL > > > pointer. > > > Therefore, it should be better to check the 'props2' in order to prevent > > > the dereference of NULL pointer. > > > > > > Fixes: 3a87177eb141 ("drm/amdkfd: Add topology support for dGPUs") > > > Signed-off-by: Jiasheng Jiang > > > Reviewed-by: Felix Kuehling > > > Signed-off-by: Felix Kuehling > > > Signed-off-by: Alex Deucher > > > Signed-off-by: Dragos-Marian Panait > > > --- > > > drivers/gpu/drm/amd/amdkfd/kfd_crat.c | 3 +++ > > > 1 file changed, 3 insertions(+) > > > > > > diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c > > > index 86b4dadf772e..02e3c650ed1c 100644 > > > --- a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c > > > +++ b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c > > > @@ -408,6 +408,9 @@ static int kfd_parse_subtype_iolink(struct crat_subtype_iolink *iolink, > > > return -ENODEV; > > > /* same everything but the other direction */ > > > props2 = kmemdup(props, sizeof(*props2), GFP_KERNEL); > > > + if (!props2) > > > + return -ENOMEM; > > > > Not going to queue this up as this is a bogus CVE. > > Are we at the point where CVE presence actually contraindicates > backporting? Some would say that that point passed a long time ago :) > At least I'm getting a bit the feeling there's a surge of > automated (security) fixes that just don't hold up to any scrutiny. That has been happening a lot more in the past 6-8 months than in years past with the introduction of more automated tools being present. > Last week I had to toss out an fbdev locking patch due to static > checker that has no clue at all how refcounting works, and so > complained that things need more locking ... (that was -fixes, but > would probably have gone to stable too if I didn't catch it). > > Simple bugfixes from random people was nice when it was checkpatch > stuff and I was fairly happy to take these aggressively in drm. But my > gut feeling says things seem to be shifting towards more advanced > tooling, but without more advanced understanding by submitters. Does > that holder in other areas too? Again, yes, I have seen that a lot recently, especially with regards to patches that purport to fix bugs yet obviously were never tested. That being said, there are a few developers who are doing great things with fault-injection testing and providing good patches for that. So we can't just say that everyone using these tools has no clue. thanks, greg k-h