Displaying 4 results from an estimated 4 matches for "drm_ioctl_nouveau_channel_alloc".
2020 Aug 28
4
[PATCH] drm/nouveau: bail out of nouveau_channel_new if channel init fails
Unprivileged user can crash kernel by using DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC
ioctl. This was reported by trinity[1] fuzzer.
[   71.073906] nouveau 0000:01:00.0: crashme[1329]: channel failed to initialise, -17
[   71.081730] BUG: kernel NULL pointer dereference, address: 00000000000000a0
[   71.088928] #PF: supervisor read access in kernel mode
[   71.094059] #PF: error_co...
2020 Nov 15
1
[PATCH] drm/nouveau: bail out of nouveau_channel_new if channel init fails
On Sun, Nov 15, 2020 at 6:43 PM Salvatore Bonaccorso <carnil at debian.org> wrote:
>
> Hi,
>
> On Fri, Aug 28, 2020 at 11:28:46AM +0200, Frantisek Hrbata wrote:
> > Unprivileged user can crash kernel by using DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC
> > ioctl. This was reported by trinity[1] fuzzer.
> >
> > [   71.073906] nouveau 0000:01:00.0: crashme[1329]: channel failed to initialise, -17
> > [   71.081730] BUG: kernel NULL pointer dereference, address: 00000000000000a0
> > [   71.088928] #PF: supervisor read a...
2023 Jul 31
3
[PATCH] drm/nouveau: fixup the uapi header file.
...uint64_t param;
 	uint64_t value;
 };
 
-#define DRM_IOCTL_NOUVEAU_GETPARAM           DRM_IOWR(DRM_COMMAND_BASE + DRM_NOUVEAU_GETPARAM, struct drm_nouveau_getparam)
 #define DRM_IOCTL_NOUVEAU_SETPARAM           DRM_IOWR(DRM_COMMAND_BASE + DRM_NOUVEAU_SETPARAM, struct drm_nouveau_setparam)
-#define DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC      DRM_IOWR(DRM_COMMAND_BASE + DRM_NOUVEAU_CHANNEL_ALLOC, struct drm_nouveau_channel_alloc)
-#define DRM_IOCTL_NOUVEAU_CHANNEL_FREE       DRM_IOW (DRM_COMMAND_BASE + DRM_NOUVEAU_CHANNEL_FREE, struct drm_nouveau_channel_free)
 #define DRM_IOCTL_NOUVEAU_GROBJ_ALLOC        DRM_IOW (DRM_COMMAND_BASE...
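Review bot: The three removed lines drop DRM_IOCTL_NOUVEAU_GETPARAM, DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC and DRM_IOCTL_NOUVEAU_CHANNEL_FREE from this block, and the visible excerpt does not show where they are defined again. Since this is a uapi header, please confirm the replacements keep the same direction macro (DRM_IOWR for GETPARAM and CHANNEL_ALLOC, DRM_IOW for CHANNEL_FREE), the same DRM_COMMAND_BASE offset and the same argument struct, because a change to any of those alters the ioctl number that existing userspace was built against. A sentence in the commit message stating that the move is ABI-neutral would make this easy to check.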
2020 Nov 15
0
[PATCH] drm/nouveau: bail out of nouveau_channel_new if channel init fails
Hi,
On Fri, Aug 28, 2020 at 11:28:46AM +0200, Frantisek Hrbata wrote:
> Unprivileged user can crash kernel by using DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC
> ioctl. This was reported by trinity[1] fuzzer.
> 
> [   71.073906] nouveau 0000:01:00.0: crashme[1329]: channel failed to initialise, -17
> [   71.081730] BUG: kernel NULL pointer dereference, address: 00000000000000a0
> [   71.088928] #PF: supervisor read access in kernel mode
>...