| Message ID | 20220617172623.1.I62db228170b1559ada60b8d3e1637e1688424926@changeid (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | drm/rockchip: vop: Don't crash for invalid duplicate_state() | expand |
On Fri, Jun 17, 2022 at 05:26:52PM -0700, Brian Norris wrote: > It's possible for users to try to duplicate the CRTC state even when the > state doesn't exist. drm_atomic_helper_crtc_duplicate_state() (and other > users of __drm_atomic_helper_crtc_duplicate_state()) already guard this > with a WARN_ON() instead of crashing, so let's do that here too. > > Signed-off-by: Brian Norris <briannorris@chromium.org> Thanks for this patch! Reviewed-by: Sean Paul <seanpaul@chromium.org> > --- > > drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c > index 74562d40f639..daf192881353 100644 > --- a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c > +++ b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c > @@ -1570,6 +1570,9 @@ static struct drm_crtc_state *vop_crtc_duplicate_state(struct drm_crtc *crtc) > { > struct rockchip_crtc_state *rockchip_state; > > + if (WARN_ON(!crtc->state)) > + return NULL; > + > rockchip_state = kzalloc(sizeof(*rockchip_state), GFP_KERNEL); > if (!rockchip_state) > return NULL; > -- > 2.36.1.476.g0c4daa206d-goog >
Hi, On Fri, Jun 17, 2022 at 5:27 PM Brian Norris <briannorris@chromium.org> wrote: > > It's possible for users to try to duplicate the CRTC state even when the > state doesn't exist. drm_atomic_helper_crtc_duplicate_state() (and other > users of __drm_atomic_helper_crtc_duplicate_state()) already guard this > with a WARN_ON() instead of crashing, so let's do that here too. > > Signed-off-by: Brian Norris <briannorris@chromium.org> > --- > > drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 3 +++ > 1 file changed, 3 insertions(+) I'm not an expert in this area, but it makes sense to me to match drm_atomic_helper_crtc_duplicate_state() in this way. Thus: Reviewed-by: Douglas Anderson <dianders@chromium.org> I would tend to assume that this would be landed in drm-misc by Heiko if he's good with it. After several weeks of silence, however, I'll commit it myself. -Doug
Am Freitag, 24. Juni 2022, 01:44:52 CEST schrieb Doug Anderson: > Hi, > > On Fri, Jun 17, 2022 at 5:27 PM Brian Norris <briannorris@chromium.org> wrote: > > > > It's possible for users to try to duplicate the CRTC state even when the > > state doesn't exist. drm_atomic_helper_crtc_duplicate_state() (and other > > users of __drm_atomic_helper_crtc_duplicate_state()) already guard this > > with a WARN_ON() instead of crashing, so let's do that here too. > > > > Signed-off-by: Brian Norris <briannorris@chromium.org> > > --- > > > > drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 3 +++ > > 1 file changed, 3 insertions(+) > > I'm not an expert in this area, but it makes sense to me to match > drm_atomic_helper_crtc_duplicate_state() in this way. Thus: > > Reviewed-by: Douglas Anderson <dianders@chromium.org> > > I would tend to assume that this would be landed in drm-misc by Heiko > if he's good with it. After several weeks of silence, however, I'll > commit it myself. I do tend to batch up drm-misc patches, as that is always a different workflow but I'll pick that up :-) The interesting question would be, do we want some fixes tag for it? Heiko
On Fri, Jun 24, 2022 at 12:23 AM Heiko Stuebner <heiko@sntech.de> wrote:
> The interesting question would be, do we want some fixes tag for it?
I'm not aware of any currently-upstream code that will hit this [1].
I've hit it in out-of-tree code (or, code that I submitted to
dri-devel, but wasn't accepted as-is), and this is the "belt and
braces" part -- the primary fix is that we should avoid calling things
like drm_atomic_get_crtc_state() at inappropriate times.
So, is the "extra safety" check really something that should go to
-stable? (Because let's be honest, everything with a Fixes tag goes
there.) Maybe?
Anyway, if you want to "blame" anything, this commit actually dropped
the safety check:
4e257d9eee23 drm/rockchip: get rid of rockchip_drm_crtc_mode_config
Brian
[1] But I'm not omniscient. So maybe it's good to have anyway.
Am Freitag, 24. Juni 2022, 19:57:53 CEST schrieb Brian Norris: > On Fri, Jun 24, 2022 at 12:23 AM Heiko Stuebner <heiko@sntech.de> wrote: > > The interesting question would be, do we want some fixes tag for it? > > I'm not aware of any currently-upstream code that will hit this [1]. > I've hit it in out-of-tree code (or, code that I submitted to > dri-devel, but wasn't accepted as-is), and this is the "belt and > braces" part -- the primary fix is that we should avoid calling things > like drm_atomic_get_crtc_state() at inappropriate times. > > So, is the "extra safety" check really something that should go to > -stable? (Because let's be honest, everything with a Fixes tag goes > there.) Maybe? > > Anyway, if you want to "blame" anything, this commit actually dropped > the safety check: > > 4e257d9eee23 drm/rockchip: get rid of rockchip_drm_crtc_mode_config I tend to think, if we know that connection we should also include it :-) . I wouldn't include a cc-stable for the reason you mentioned, but to me it makes sense if someone reading the git history in the future can easily know that information - so it doesn't hurt :-) . So I'll add that when applying. Thanks for supplying the origin commit Heiko > > Brian > > [1] But I'm not omniscient. So maybe it's good to have anyway. >
On Fri, 17 Jun 2022 17:26:52 -0700, Brian Norris wrote: > It's possible for users to try to duplicate the CRTC state even when the > state doesn't exist. drm_atomic_helper_crtc_duplicate_state() (and other > users of __drm_atomic_helper_crtc_duplicate_state()) already guard this > with a WARN_ON() instead of crashing, so let's do that here too. Applied, thanks! [1/1] drm/rockchip: vop: Don't crash for invalid duplicate_state() commit: 1449110b0dade8b638d2c17ab7c5b0ff696bfccb Best regards,
diff --git a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c index 74562d40f639..daf192881353 100644 --- a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c +++ b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c @@ -1570,6 +1570,9 @@ static struct drm_crtc_state *vop_crtc_duplicate_state(struct drm_crtc *crtc) { struct rockchip_crtc_state *rockchip_state; + if (WARN_ON(!crtc->state)) + return NULL; + rockchip_state = kzalloc(sizeof(*rockchip_state), GFP_KERNEL); if (!rockchip_state) return NULL;
It's possible for users to try to duplicate the CRTC state even when the state doesn't exist. drm_atomic_helper_crtc_duplicate_state() (and other users of __drm_atomic_helper_crtc_duplicate_state()) already guard this with a WARN_ON() instead of crashing, so let's do that here too. Signed-off-by: Brian Norris <briannorris@chromium.org> --- drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 3 +++ 1 file changed, 3 insertions(+)