Ben Skeggs
2025-Jul-14 02:59 UTC
[PATCH] drm/nouveau/nvif: fix null ptr deref on pre-fermi boards
Check that gpfifo.post() exists before trying to call it.
Fixes: 862450a85b85 ("drm/nouveau/gf100-: track chan progress with non-WFI
semaphore release")
Reported-by: Jamie Heilman <jamie at audible.transient.net>
Reported-by: Rui Salvaterra <rsalvaterra at gmail.com>
Tested-by: Rui Salvaterra <rsalvaterra at gmail.com>
Signed-off-by: Ben Skeggs <bskeggs at nvidia.com>
---
drivers/gpu/drm/nouveau/nvif/chan.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/gpu/drm/nouveau/nvif/chan.c
b/drivers/gpu/drm/nouveau/nvif/chan.c
index baa10227d51a..80c01017d642 100644
--- a/drivers/gpu/drm/nouveau/nvif/chan.c
+++ b/drivers/gpu/drm/nouveau/nvif/chan.c
@@ -39,6 +39,9 @@ nvif_chan_gpfifo_post(struct nvif_chan *chan)
const u32 pbptr = (chan->push.cur - map) +
chan->func->gpfifo.post_size;
const u32 gpptr = (chan->gpfifo.cur + 1) & chan->gpfifo.max;
+ if (!chan->func->gpfifo.post)
+ return 0;
+
return chan->func->gpfifo.post(chan, gpptr, pbptr);
}
--
2.49.0
Danilo Krummrich
2025-Jul-21 09:37 UTC
[PATCH] drm/nouveau/nvif: fix null ptr deref on pre-fermi boards
On Mon Jul 14, 2025 at 4:59 AM CEST, Ben Skeggs wrote:> Check that gpfifo.post() exists before trying to call it. > > Fixes: 862450a85b85 ("drm/nouveau/gf100-: track chan progress with non-WFI semaphore release") > Reported-by: Jamie Heilman <jamie at audible.transient.net> > Reported-by: Rui Salvaterra <rsalvaterra at gmail.com> > Tested-by: Rui Salvaterra <rsalvaterra at gmail.com> > Signed-off-by: Ben Skeggs <bskeggs at nvidia.com>Please remember to add a Closes tag for Reported-by (I added them when I applied the patch). Applied to drm-misc-fixes, thanks!