August 2024 - Kernel - mailweb.openeuler.org

[PATCH openEuler-22.03-LTS-SP1] PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init()
by liwei 20 Aug '24

20 Aug '24

From: Manivannan Sadhasivam <manivannan.sadhasivam(a)linaro.org> mainline inclusion from mainline-v6.11-rc1 commit 5a5095a8bd1bd349cce1c879e5e44407a34dda8a category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAKQ5P CVE: CVE-2024-43824 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- Instead of getting the epc_features from pci_epc_get_features() API, use the cached pci_epf_test::epc_features value to avoid the NULL check. Since the NULL check is already performed in pci_epf_test_bind(), having one more check in pci_epf_test_core_init() is redundant and it is not possible to hit the NULL pointer dereference. Also with commit a01e7214bef9 ("PCI: endpoint: Remove "core_init_notifier" flag"), 'epc_features' got dereferenced without the NULL check, leading to the following false positive Smatch warning: drivers/pci/endpoint/functions/pci-epf-test.c:784 pci_epf_test_core_init() error: we previously assumed 'epc_features' could be null (see line 747) Thus, remove the redundant NULL check and also use the epc_features:: {msix_capable/msi_capable} flags directly to avoid local variables. [kwilczynski: commit log] Fixes: 5e50ee27d4a5 ("PCI: pci-epf-test: Add support to defer core initialization") Closes: https://lore.kernel.org/linux-pci/024b5826-7180-4076-ae08-57d2584cca3f@moro… Link: https://lore.kernel.org/linux-pci/20240418-pci-epf-test-fix-v2-1-eacd548314… Reported-by: Dan Carpenter <dan.carpenter(a)linaro.org> Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam(a)linaro.org> Signed-off-by: Krzysztof Wilczyński <kwilczynski(a)kernel.org> Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com> Reviewed-by: Frank Li <Frank.Li(a)nxp.com> Reviewed-by: Niklas Cassel <cassel(a)kernel.org> Conflicts: drivers/pci/endpoint/functions/pci-epf-test.c [context conflicts] Signed-off-by: liwei <liwei728(a)huawei.com> --- drivers/pci/endpoint/functions/pci-epf-test.c | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/drivers/pci/endpoint/functions/pci-epf-test.c b/drivers/pci/endpoint/functions/pci-epf-test.c index ddfeca9016a0..ff3e26cc407d 100644 --- a/drivers/pci/endpoint/functions/pci-epf-test.c +++ b/drivers/pci/endpoint/functions/pci-epf-test.c @@ -674,19 +674,11 @@ static int pci_epf_test_core_init(struct pci_epf *epf) { struct pci_epf_test *epf_test = epf_get_drvdata(epf); struct pci_epf_header *header = epf->header; - const struct pci_epc_features *epc_features; + const struct pci_epc_features *epc_features = epf_test->epc_features; struct pci_epc *epc = epf->epc; struct device *dev = &epf->dev; - bool msix_capable = false; - bool msi_capable = true; int ret; - epc_features = pci_epc_get_features(epc, epf->func_no); - if (epc_features) { - msix_capable = epc_features->msix_capable; - msi_capable = epc_features->msi_capable; - } - ret = pci_epc_write_header(epc, epf->func_no, header); if (ret) { dev_err(dev, "Configuration header write failed\n"); @@ -697,7 +689,7 @@ static int pci_epf_test_core_init(struct pci_epf *epf) if (ret) return ret; - if (msi_capable) { + if (epc_features->msi_capable) { ret = pci_epc_set_msi(epc, epf->func_no, epf->msi_interrupts); if (ret) { dev_err(dev, "MSI configuration failed\n"); @@ -705,7 +697,7 @@ static int pci_epf_test_core_init(struct pci_epf *epf) } } - if (msix_capable) { + if (epc_features->msix_capable) { ret = pci_epc_set_msix(epc, epf->func_no, epf->msix_interrupts, epf_test->test_reg_bar, epf_test->msix_table_offset); -- 2.25.1

2 1

[PATCH openEuler-22.03-LTS-SP1 0/1] CVE-2024-42290
by Yuntao Liu 20 Aug '24

20 Aug '24

CVE-2024-42290 Shenwei Wang (1): irqchip/imx-irqsteer: Handle runtime power management correctly drivers/irqchip/irq-imx-irqsteer.c | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) -- 2.34.1

2 2

[PATCH OLK-5.10 0/1] CVE-2024-42290
by Yuntao Liu 20 Aug '24

20 Aug '24

CVE-2024-42290 Shenwei Wang (1): irqchip/imx-irqsteer: Handle runtime power management correctly drivers/irqchip/irq-imx-irqsteer.c | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) -- 2.34.1

2 2

[PATCH OLK-6.6] ASoC: amd: Adjust error handling in case of absent codec device
by Zhang Changzhong 20 Aug '24

20 Aug '24

From: Aleksandr Mishin <amishin(a)t-argos.ru> stable inclusion from stable-v6.6.44 commit 99b642dac24f6d09ba3ebf1d690be8aefff86164 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAKQ4U CVE: CVE-2024-43818 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- [ Upstream commit 5080808c3339de2220c602ab7c7fa23dc6c1a5a3 ] acpi_get_first_physical_node() can return NULL in several cases (no such device, ACPI table error, reference count drop to 0, etc). Existing check just emit error message, but doesn't perform return. Then this NULL pointer is passed to devm_acpi_dev_add_driver_gpios() where it is dereferenced. Adjust this error handling by adding error code return. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 02527c3f2300 ("ASoC: amd: add Machine driver for Jadeite platform") Signed-off-by: Aleksandr Mishin <amishin(a)t-argos.ru> Link: https://patch.msgid.link/20240703191007.8524-1-amishin@t-argos.ru Signed-off-by: Mark Brown <broonie(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: Zhang Changzhong <zhangchangzhong(a)huawei.com> --- sound/soc/amd/acp-es8336.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sound/soc/amd/acp-es8336.c b/sound/soc/amd/acp-es8336.c index 5e56d3a..49bffc5 100644 --- a/sound/soc/amd/acp-es8336.c +++ b/sound/soc/amd/acp-es8336.c @@ -203,8 +203,10 @@ static int st_es8336_late_probe(struct snd_soc_card *card) codec_dev = acpi_get_first_physical_node(adev); acpi_dev_put(adev); - if (!codec_dev) + if (!codec_dev) { dev_err(card->dev, "can not find codec dev\n"); + return -ENODEV; + } ret = devm_acpi_dev_add_driver_gpios(codec_dev, acpi_es8336_gpios); if (ret) -- 2.9.5

2 1

[PATCH openEuler-22.03-LTS-SP1] ipvs: properly dereference pe in ip_vs_add_service
by Zhengchao Shao 20 Aug '24

20 Aug '24

From: Chen Hanxiao <chenhx.fnst(a)fujitsu.com> mainline inclusion from mainline-v6.11-rc1 commit cbd070a4ae62f119058973f6d2c984e325bce6e7 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAKQ7N CVE: CVE-2024-42322 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… ------------------------------------------- Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression Fixes: 39b972231536 ("ipvs: handle connections started by real-servers") Signed-off-by: Chen Hanxiao <chenhx.fnst(a)fujitsu.com> Acked-by: Julian Anastasov <ja(a)ssi.bg> Acked-by: Simon Horman <horms(a)kernel.org> Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org> Conflicts: net/netfilter/ipvs/ip_vs_ctl.c [The conflict occurs because the commit 705dd3444081("ipvs: use kthreads for stats estimation") is not merged] Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index 29ec3ef63edc..0b37ffe0449a 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c @@ -1384,18 +1384,18 @@ ip_vs_add_service(struct netns_ipvs *ipvs, struct ip_vs_service_user_kern *u, sched = NULL; } - /* Bind the ct retriever */ - RCU_INIT_POINTER(svc->pe, pe); - pe = NULL; - /* Update the virtual service counters */ if (svc->port == FTPPORT) atomic_inc(&ipvs->ftpsvc_counter); else if (svc->port == 0) atomic_inc(&ipvs->nullsvc_counter); - if (svc->pe && svc->pe->conn_out) + if (pe && pe->conn_out) atomic_inc(&ipvs->conn_out_counter); + /* Bind the ct retriever */ + RCU_INIT_POINTER(svc->pe, pe); + pe = NULL; + ip_vs_start_estimator(ipvs, &svc->stats); /* Count only IPv4 services for old get/setsockopt interface */ -- 2.34.1

2 1

[PATCH OLK-5.10] ipvs: properly dereference pe in ip_vs_add_service
by Zhengchao Shao 20 Aug '24

20 Aug '24

From: Chen Hanxiao <chenhx.fnst(a)fujitsu.com> mainline inclusion from mainline-v6.11-rc1 commit cbd070a4ae62f119058973f6d2c984e325bce6e7 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAKQ7N CVE: CVE-2024-42322 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… ------------------------------------------- Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1471:27: warning: dereference of noderef expression Fixes: 39b972231536 ("ipvs: handle connections started by real-servers") Signed-off-by: Chen Hanxiao <chenhx.fnst(a)fujitsu.com> Acked-by: Julian Anastasov <ja(a)ssi.bg> Acked-by: Simon Horman <horms(a)kernel.org> Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org> Conflicts: net/netfilter/ipvs/ip_vs_ctl.c [The conflict occurs because the commit 705dd3444081("ipvs: use kthreads for stats estimation") is not merged] Signed-off-by: Zhengchao Shao <shaozhengchao(a)huawei.com> --- net/netfilter/ipvs/ip_vs_ctl.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index d0b64c36471d..9dab1e286dff 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c @@ -1384,18 +1384,18 @@ ip_vs_add_service(struct netns_ipvs *ipvs, struct ip_vs_service_user_kern *u, sched = NULL; } - /* Bind the ct retriever */ - RCU_INIT_POINTER(svc->pe, pe); - pe = NULL; - /* Update the virtual service counters */ if (svc->port == FTPPORT) atomic_inc(&ipvs->ftpsvc_counter); else if (svc->port == 0) atomic_inc(&ipvs->nullsvc_counter); - if (svc->pe && svc->pe->conn_out) + if (pe && pe->conn_out) atomic_inc(&ipvs->conn_out_counter); + /* Bind the ct retriever */ + RCU_INIT_POINTER(svc->pe, pe); + pe = NULL; + ip_vs_start_estimator(ipvs, &svc->stats); /* Count only IPv4 services for old get/setsockopt interface */ -- 2.34.1

2 1

[PATCH openEuler-1.0-LTS] media: venus: fix use after free in vdec_close
by Xia Fukun 20 Aug '24

20 Aug '24

From: Dikshita Agarwal <quic_dikshita(a)quicinc.com> stable inclusion from stable-v4.19.320 commit ad8cf035baf29467158e0550c7a42b7bb43d1db6 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAKQ1L CVE: CVE-2024-42313 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=… -------------------------------- commit a0157b5aa34eb43ec4c5510f9c260bbb03be937e upstream. There appears to be a possible use after free with vdec_close(). The firmware will add buffer release work to the work queue through HFI callbacks as a normal part of decoding. Randomly closing the decoder device from userspace during normal decoding can incur a read after free for inst. Fix it by cancelling the work in vdec_close. Cc: stable(a)vger.kernel.org Fixes: af2c3834c8ca ("[media] media: venus: adding core part and helper functions") Signed-off-by: Dikshita Agarwal <quic_dikshita(a)quicinc.com> Acked-by: Vikash Garodia <quic_vgarodia(a)quicinc.com> Signed-off-by: Stanimir Varbanov <stanimir.k.varbanov(a)gmail.com> Signed-off-by: Hans Verkuil <hverkuil-cisco(a)xs4all.nl> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Xia Fukun <xiafukun(a)huawei.com> --- drivers/media/platform/qcom/venus/vdec.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/media/platform/qcom/venus/vdec.c b/drivers/media/platform/qcom/venus/vdec.c index e3972dbf4c9a3..297a0e84b8dfd 100644 --- a/drivers/media/platform/qcom/venus/vdec.c +++ b/drivers/media/platform/qcom/venus/vdec.c @@ -1094,6 +1094,7 @@ static int vdec_close(struct file *file) { struct venus_inst *inst = to_inst(file); + cancel_work_sync(&inst->delayed_process_work); v4l2_m2m_ctx_release(inst->m2m_ctx); v4l2_m2m_release(inst->m2m_dev); vdec_ctrl_deinit(inst); -- 2.34.1

2 1

[PATCH OLK-5.10] s390/sclp: Fix sclp_init() cleanup on failure
by Guo Mengqi 20 Aug '24

20 Aug '24

From: Heiko Carstens <hca(a)linux.ibm.com> stable inclusion from stable-v5.10.223 commit 2e51db7ab71b89dc5a17068f5e201c69f13a4c9a category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAGEM8 CVE: CVE-2024-41068 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id… -------------------------------- [ Upstream commit 6434b33faaa063df500af355ee6c3942e0f8d982 ] If sclp_init() fails it only partially cleans up: if there are multiple failing calls to sclp_init() sclp_state_change_event will be added several times to sclp_reg_list, which results in the following warning: ------------[ cut here ]------------ list_add double add: new=000003ffe1598c10, prev=000003ffe1598bf0, next=000003ffe1598c10. WARNING: CPU: 0 PID: 1 at lib/list_debug.c:35 __list_add_valid_or_report+0xde/0xf8 CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.10.0-rc3 Krnl PSW : 0404c00180000000 000003ffe0d6076a (__list_add_valid_or_report+0xe2/0xf8) R:0 T:1 IO:0 EX:0 Key:0 M:1 W:0 P:0 AS:3 CC:0 PM:0 RI:0 EA:3 ... Call Trace: [<000003ffe0d6076a>] __list_add_valid_or_report+0xe2/0xf8 ([<000003ffe0d60766>] __list_add_valid_or_report+0xde/0xf8) [<000003ffe0a8d37e>] sclp_init+0x40e/0x450 [<000003ffe00009f2>] do_one_initcall+0x42/0x1e0 [<000003ffe15b77a6>] do_initcalls+0x126/0x150 [<000003ffe15b7a0a>] kernel_init_freeable+0x1ba/0x1f8 [<000003ffe0d6650e>] kernel_init+0x2e/0x180 [<000003ffe000301c>] __ret_from_fork+0x3c/0x60 [<000003ffe0d759ca>] ret_from_fork+0xa/0x30 Fix this by removing sclp_state_change_event from sclp_reg_list when sclp_init() fails. Reviewed-by: Peter Oberparleiter <oberpar(a)linux.ibm.com> Signed-off-by: Heiko Carstens <hca(a)linux.ibm.com> Signed-off-by: Alexander Gordeev <agordeev(a)linux.ibm.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> Signed-off-by: dinglongwei <dinglongwei1(a)huawei.com> --- drivers/s390/char/sclp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/s390/char/sclp.c b/drivers/s390/char/sclp.c index d2ab3f07c008..8296e6bc229e 100644 --- a/drivers/s390/char/sclp.c +++ b/drivers/s390/char/sclp.c @@ -1208,6 +1208,7 @@ sclp_init(void) fail_unregister_reboot_notifier: unregister_reboot_notifier(&sclp_reboot_notifier); fail_init_state_uninitialized: + list_del(&sclp_state_change_event.list); sclp_init_state = sclp_init_state_uninitialized; free_page((unsigned long) sclp_read_sccb); free_page((unsigned long) sclp_init_sccb); -- 2.17.1

2 1

[PATCH OLK-5.10] drm/amd/display: Add NULL pointer check for kzalloc
by Guo Mengqi 20 Aug '24

20 Aug '24

From: Hersen Wu <hersenxs.wu(a)amd.com> mainline inclusion from mainline-v6.10-rc1 commit 8e65a1b7118acf6af96449e1e66b7adbc9396912 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAGWWS CVE: CVE-2024-42122 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- [Why & How] Check return pointer of kzalloc before using it. Reviewed-by: Alex Hung <alex.hung(a)amd.com> Acked-by: Wayne Lin <wayne.lin(a)amd.com> Signed-off-by: Hersen Wu <hersenxs.wu(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> Conflicts: drivers/gpu/drm/amd/display/dc/clk_mgr/dcn32/dcn32_clk_mgr.c drivers/gpu/drm/amd/display/dc/resource/dcn30/dcn30_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn31/dcn31_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn314/dcn314_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn315/dcn315_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn316/dcn316_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn321/dcn321_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn35/dcn35_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn351/dcn351_resource.c drivers/gpu/drm/amd/display/dc/dcn30/dcn30_resource.c [adjust context conflicts] Signed-off-by: Chen Jun <chenjun102(a)huawei.com> --- .../gpu/drm/amd/display/dc/clk_mgr/dcn30/dcn30_clk_mgr.c | 8 ++++++++ drivers/gpu/drm/amd/display/dc/dcn30/dcn30_resource.c | 3 +++ 2 files changed, 11 insertions(+) diff --git a/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn30/dcn30_clk_mgr.c b/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn30/dcn30_clk_mgr.c index cab47bb21172..77c51e052118 100644 --- a/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn30/dcn30_clk_mgr.c +++ b/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn30/dcn30_clk_mgr.c @@ -549,11 +549,19 @@ void dcn3_clk_mgr_construct( dce_clock_read_ss_info(clk_mgr); clk_mgr->base.bw_params = kzalloc(sizeof(*clk_mgr->base.bw_params), GFP_KERNEL); + if (!clk_mgr->base.bw_params) { + BREAK_TO_DEBUGGER(); + return; + } /* need physical address of table to give to PMFW */ clk_mgr->wm_range_table = dm_helpers_allocate_gpu_mem(clk_mgr->base.ctx, DC_MEM_ALLOC_TYPE_GART, sizeof(WatermarksExternal_t), &clk_mgr->wm_range_table_addr); + if (!clk_mgr->wm_range_table) { + BREAK_TO_DEBUGGER(); + return; + } } void dcn3_clk_mgr_destroy(struct clk_mgr_internal *clk_mgr) diff --git a/drivers/gpu/drm/amd/display/dc/dcn30/dcn30_resource.c b/drivers/gpu/drm/amd/display/dc/dcn30/dcn30_resource.c index 32993ce24a58..7f6a3c679a2e 100644 --- a/drivers/gpu/drm/amd/display/dc/dcn30/dcn30_resource.c +++ b/drivers/gpu/drm/amd/display/dc/dcn30/dcn30_resource.c @@ -2373,6 +2373,9 @@ bool dcn30_validate_bandwidth(struct dc *dc, BW_VAL_TRACE_COUNT(); + if (!pipes) + goto validate_fail; + out = dcn30_internal_validate_bw(dc, context, pipes, &pipe_cnt, &vlevel, fast_validate); if (pipe_cnt == 0) -- 2.17.1

2 1

[PATCH openEuler-22.03-LTS-SP1] drm/amd/display: Add NULL pointer check for kzalloc
by Guo Mengqi 20 Aug '24

20 Aug '24

From: Hersen Wu <hersenxs.wu(a)amd.com> mainline inclusion from mainline-v6.10-rc1 commit 8e65a1b7118acf6af96449e1e66b7adbc9396912 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAGWWS CVE: CVE-2024-42122 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… -------------------------------- [Why & How] Check return pointer of kzalloc before using it. Reviewed-by: Alex Hung <alex.hung(a)amd.com> Acked-by: Wayne Lin <wayne.lin(a)amd.com> Signed-off-by: Hersen Wu <hersenxs.wu(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> Conflicts: drivers/gpu/drm/amd/display/dc/clk_mgr/dcn32/dcn32_clk_mgr.c drivers/gpu/drm/amd/display/dc/resource/dcn30/dcn30_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn31/dcn31_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn314/dcn314_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn315/dcn315_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn316/dcn316_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn32/dcn32_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn321/dcn321_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn35/dcn35_resource.c drivers/gpu/drm/amd/display/dc/resource/dcn351/dcn351_resource.c drivers/gpu/drm/amd/display/dc/dcn30/dcn30_resource.c [adjust context conflicts] Signed-off-by: Chen Jun <chenjun102(a)huawei.com> --- .../gpu/drm/amd/display/dc/clk_mgr/dcn30/dcn30_clk_mgr.c | 8 ++++++++ drivers/gpu/drm/amd/display/dc/dcn30/dcn30_resource.c | 3 +++ 2 files changed, 11 insertions(+) diff --git a/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn30/dcn30_clk_mgr.c b/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn30/dcn30_clk_mgr.c index cab47bb21172..77c51e052118 100644 --- a/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn30/dcn30_clk_mgr.c +++ b/drivers/gpu/drm/amd/display/dc/clk_mgr/dcn30/dcn30_clk_mgr.c @@ -549,11 +549,19 @@ void dcn3_clk_mgr_construct( dce_clock_read_ss_info(clk_mgr); clk_mgr->base.bw_params = kzalloc(sizeof(*clk_mgr->base.bw_params), GFP_KERNEL); + if (!clk_mgr->base.bw_params) { + BREAK_TO_DEBUGGER(); + return; + } /* need physical address of table to give to PMFW */ clk_mgr->wm_range_table = dm_helpers_allocate_gpu_mem(clk_mgr->base.ctx, DC_MEM_ALLOC_TYPE_GART, sizeof(WatermarksExternal_t), &clk_mgr->wm_range_table_addr); + if (!clk_mgr->wm_range_table) { + BREAK_TO_DEBUGGER(); + return; + } } void dcn3_clk_mgr_destroy(struct clk_mgr_internal *clk_mgr) diff --git a/drivers/gpu/drm/amd/display/dc/dcn30/dcn30_resource.c b/drivers/gpu/drm/amd/display/dc/dcn30/dcn30_resource.c index 32993ce24a58..7f6a3c679a2e 100644 --- a/drivers/gpu/drm/amd/display/dc/dcn30/dcn30_resource.c +++ b/drivers/gpu/drm/amd/display/dc/dcn30/dcn30_resource.c @@ -2373,6 +2373,9 @@ bool dcn30_validate_bandwidth(struct dc *dc, BW_VAL_TRACE_COUNT(); + if (!pipes) + goto validate_fail; + out = dcn30_internal_validate_bw(dc, context, pipes, &pipe_cnt, &vlevel, fast_validate); if (pipe_cnt == 0) -- 2.17.1

2 1

2024

2023

2022

2021

2020

2019

Kernel August 2024