Re: [PATCH 3/4] drm/panthor: Reset the FW VM to NULL on unplug
On Fri, May 03, 2024 at 10:22:13AM +0100, Steven Price wrote: > On 02/05/2024 19:38, Boris Brezillon wrote: > > This way get NULL derefs instead of use-after-free if the FW VM is > > referenced after the device has been unplugged. > > > > Signed-off-by: Boris Brezillon > > Reviewed-by: Steven Price Acked-by: Liviu Dudau > > > --- > > drivers/gpu/drm/panthor/panthor_fw.c | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/drivers/gpu/drm/panthor/panthor_fw.c > > b/drivers/gpu/drm/panthor/panthor_fw.c > > index b41685304a83..93165961a6b5 100644 > > --- a/drivers/gpu/drm/panthor/panthor_fw.c > > +++ b/drivers/gpu/drm/panthor/panthor_fw.c > > @@ -1141,6 +1141,7 @@ void panthor_fw_unplug(struct panthor_device *ptdev) > > * state to keep the active_refcnt balanced. > > */ > > panthor_vm_put(ptdev->fw->vm); > > + ptdev->fw->vm = NULL; > > > > panthor_gpu_power_off(ptdev, L2, ptdev->gpu_info.l2_present, 2); > > } > -- | I would like to | | fix the world, | | but they're not | | giving me the | \ source code! / --- ¯\_(ツ)_/¯
Re: [PATCH 3/4] drm/panthor: Reset the FW VM to NULL on unplug
On 02/05/2024 19:38, Boris Brezillon wrote: > This way get NULL derefs instead of use-after-free if the FW VM is > referenced after the device has been unplugged. > > Signed-off-by: Boris Brezillon Reviewed-by: Steven Price > --- > drivers/gpu/drm/panthor/panthor_fw.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/drivers/gpu/drm/panthor/panthor_fw.c > b/drivers/gpu/drm/panthor/panthor_fw.c > index b41685304a83..93165961a6b5 100644 > --- a/drivers/gpu/drm/panthor/panthor_fw.c > +++ b/drivers/gpu/drm/panthor/panthor_fw.c > @@ -1141,6 +1141,7 @@ void panthor_fw_unplug(struct panthor_device *ptdev) >* state to keep the active_refcnt balanced. >*/ > panthor_vm_put(ptdev->fw->vm); > + ptdev->fw->vm = NULL; > > panthor_gpu_power_off(ptdev, L2, ptdev->gpu_info.l2_present, 2); > }
[PATCH 3/4] drm/panthor: Reset the FW VM to NULL on unplug
This way get NULL derefs instead of use-after-free if the FW VM is referenced after the device has been unplugged. Signed-off-by: Boris Brezillon --- drivers/gpu/drm/panthor/panthor_fw.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/gpu/drm/panthor/panthor_fw.c b/drivers/gpu/drm/panthor/panthor_fw.c index b41685304a83..93165961a6b5 100644 --- a/drivers/gpu/drm/panthor/panthor_fw.c +++ b/drivers/gpu/drm/panthor/panthor_fw.c @@ -1141,6 +1141,7 @@ void panthor_fw_unplug(struct panthor_device *ptdev) * state to keep the active_refcnt balanced. */ panthor_vm_put(ptdev->fw->vm); + ptdev->fw->vm = NULL; panthor_gpu_power_off(ptdev, L2, ptdev->gpu_info.l2_present, 2); } -- 2.44.0
