Frédéric Pierret
2020-Jan-29 16:22 UTC
[Nouveau] nv50_disp_chan_mthd: ensure mthd is not NULL
Dear Ben Skeggs, Please find attached a patch solving a blocking issue I encountered: https://bugzilla.kernel.org/show_bug.cgi?id=206299 Basically, running at least a RTX2080TI on Xen makes a bad mmio error which causes having 'mthd' pointer to be NULL in 'channv50.c'. From the code, it's assumed to be not NULL by accessing directly 'mthd->data[0]' which is the reason of the kernel panic. I simply check if the pointer is not NULL before continuing. Best regards, Fr?d?ric Pierret -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-nv50_disp_chan_mthd-ensure-mthd-is-not-NULL.patch Type: text/x-patch Size: 1182 bytes Desc: not available URL: <https://lists.freedesktop.org/archives/nouveau/attachments/20200129/15d9c5e5/attachment.bin> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: OpenPGP digital signature URL: <https://lists.freedesktop.org/archives/nouveau/attachments/20200129/15d9c5e5/attachment.sig>
On Wed, Jan 29, 2020 at 05:22:13PM +0100, Fr?d?ric Pierret wrote:> Dear Ben Skeggs, > > Please find attached a patch solving a blocking issue I encountered: > https://bugzilla.kernel.org/show_bug.cgi?id=206299 > > Basically, running at least a RTX2080TI on Xen makes a bad mmio error > which causes having 'mthd' pointer to be NULL in 'channv50.c'. From the > code, it's assumed to be not NULL by accessing directly 'mthd->data[0]' > which is the reason of the kernel panic. I simply check if the pointer > is not NULL before continuing. > > Best regards, > > Fr?d?ric Pierret >> From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?> <frederic.pierret at qubes-os.org> > Date: Sun, 26 Jan 2020 23:24:33 +0100 > Subject: [PATCH] nv50_disp_chan_mthd: ensure mthd is not NULL > MIME-Version: 1.0 > Content-Type: text/plain; charset=UTF-8 > Content-Transfer-Encoding: 8bit > > Pointer to structure array is assumed not NULL by default. It has > the consequence to raise a kernel panic when it's not the case. > > BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=206299 > Signed-off-by: Fr?d?ric Pierret (fepitre) <frederic.pierret at qubes-os.org> > --- > drivers/gpu/drm/nouveau/nvkm/engine/disp/channv50.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/drivers/gpu/drm/nouveau/nvkm/engine/disp/channv50.c b/drivers/gpu/drm/nouveau/nvkm/engine/disp/channv50.c > index bcf32d92ee5a..50e3539f33d2 100644 > --- a/drivers/gpu/drm/nouveau/nvkm/engine/disp/channv50.c > +++ b/drivers/gpu/drm/nouveau/nvkm/engine/disp/channv50.c > @@ -74,6 +74,8 @@ nv50_disp_chan_mthd(struct nv50_disp_chan *chan, int debug) > > if (debug > subdev->debug) > return; > + if (!mthd) > + return; > > for (i = 0; (list = mthd->data[i].mthd) != NULL; i++) { > u32 base = chan->head * mthd->addr; > -- > 2.21.0 ><formletter> This is not the correct way to submit patches for inclusion in the stable kernel tree. Please read: https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html for how to do this properly. </formletter>
Apparently Analagous Threads
- [PATCH] nv50_disp_chan_mthd: ensure mthd is not NULL
- [PATCH] nv50_disp_chan_mthd: ensure mthd is not NULL
- nv50_disp_chan_mthd: ensure mthd is not NULL
- [PATCH] nv50_disp_chan_mthd: ensure mthd is not NULL
- [PATCH][next] drm/nouveau/disp: avoid potential overflow on shift of int value