| Message ID | 20241112105030.93337-1-angelogioacchino.delregno@collabora.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | drm/mediatek: Initialize pointer in mtk_drm_of_ddp_path_build_one() | expand |
Hi, Angelo: On Tue, 2024-11-12 at 11:50 +0100, AngeloGioacchino Del Regno wrote: > External email : Please do not click links or open attachments until you have verified the sender or the content. > > > The struct device_node *next pointer is not initialized, and it is > used in an error path in which it may have never been modified by > function mtk_drm_of_get_ddp_ep_cid(). > > Since the error path is relying on that pointer being NULL for the > OVL Adaptor and/or invalid component check and since said pointer > is being used in prints for %pOF, in the case that it points to a > bogus address, the print may cause a KP. > > To resolve that, initialize the *next pointer to NULL before usage. Reviewed-by: CK Hu <ck.hu@mediatek.com> > > Fixes: 4c932840db1d ("drm/mediatek: Implement OF graphs support for display paths") > Reported-by: Dan Carpenter <dan.carpenter@linaro.org> > Signed-off-by: AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com> > --- > drivers/gpu/drm/mediatek/mtk_drm_drv.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/gpu/drm/mediatek/mtk_drm_drv.c b/drivers/gpu/drm/mediatek/mtk_drm_drv.c > index 9a8ef8558da9..bc06c664e80f 100644 > --- a/drivers/gpu/drm/mediatek/mtk_drm_drv.c > +++ b/drivers/gpu/drm/mediatek/mtk_drm_drv.c > @@ -900,7 +900,7 @@ static int mtk_drm_of_ddp_path_build_one(struct device *dev, enum mtk_crtc_path > const unsigned int **out_path, > unsigned int *out_path_len) > { > - struct device_node *next, *prev, *vdo = dev->parent->of_node; > + struct device_node *next = NULL, *prev, *vdo = dev->parent->of_node; > unsigned int temp_path[DDP_COMPONENT_DRM_ID_MAX] = { 0 }; > unsigned int *final_ddp_path; > unsigned short int idx = 0; > -- > 2.47.0 >
On Tue, Nov 12, 2024 at 11:50 AM AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com> wrote: > > The struct device_node *next pointer is not initialized, and it is > used in an error path in which it may have never been modified by > function mtk_drm_of_get_ddp_ep_cid(). > > Since the error path is relying on that pointer being NULL for the > OVL Adaptor and/or invalid component check and since said pointer > is being used in prints for %pOF, in the case that it points to a > bogus address, the print may cause a KP. > > To resolve that, initialize the *next pointer to NULL before usage. > Reviewed-by: Alexandre Mergnat <amergnat@baylibre.com>
diff --git a/drivers/gpu/drm/mediatek/mtk_drm_drv.c b/drivers/gpu/drm/mediatek/mtk_drm_drv.c index 9a8ef8558da9..bc06c664e80f 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_drv.c +++ b/drivers/gpu/drm/mediatek/mtk_drm_drv.c @@ -900,7 +900,7 @@ static int mtk_drm_of_ddp_path_build_one(struct device *dev, enum mtk_crtc_path const unsigned int **out_path, unsigned int *out_path_len) { - struct device_node *next, *prev, *vdo = dev->parent->of_node; + struct device_node *next = NULL, *prev, *vdo = dev->parent->of_node; unsigned int temp_path[DDP_COMPONENT_DRM_ID_MAX] = { 0 }; unsigned int *final_ddp_path; unsigned short int idx = 0;
The struct device_node *next pointer is not initialized, and it is used in an error path in which it may have never been modified by function mtk_drm_of_get_ddp_ep_cid(). Since the error path is relying on that pointer being NULL for the OVL Adaptor and/or invalid component check and since said pointer is being used in prints for %pOF, in the case that it points to a bogus address, the print may cause a KP. To resolve that, initialize the *next pointer to NULL before usage. Fixes: 4c932840db1d ("drm/mediatek: Implement OF graphs support for display paths") Reported-by: Dan Carpenter <dan.carpenter@linaro.org> Signed-off-by: AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com> --- drivers/gpu/drm/mediatek/mtk_drm_drv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)