| Message ID | 20211016210446.171616-1-marex@denx.de (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | drm: mxsfb: Fix NULL pointer dereference crash on unload | expand |
Hi Marek, On Sat, Oct 16, 2021 at 11:04:46PM +0200, Marek Vasut wrote: > The mxsfb->crtc.funcs may already be NULL when unloading the driver, > in which case calling mxsfb_irq_disable() via drm_irq_uninstall() from > mxsfb_unload() leads to NULL pointer dereference. > > Since all we care about is masking the IRQ and mxsfb->base is still > valid, just use that to clear and mask the IRQ. > > Fixes: ae1ed00932819 ("drm: mxsfb: Stop using DRM simple display pipeline helper") > Signed-off-by: Marek Vasut <marex@denx.de> > Cc: Daniel Abrecht <public@danielabrecht.ch> > Cc: Emil Velikov <emil.l.velikov@gmail.com> > Cc: Laurent Pinchart <laurent.pinchart@ideasonboard.com> > Cc: Sam Ravnborg <sam@ravnborg.org> > Cc: Stefan Agner <stefan@agner.ch> Applied to drm-misc-fixes. Sam
diff --git a/drivers/gpu/drm/mxsfb/mxsfb_drv.c b/drivers/gpu/drm/mxsfb/mxsfb_drv.c index ec0432fe1bdf..86d78634a979 100644 --- a/drivers/gpu/drm/mxsfb/mxsfb_drv.c +++ b/drivers/gpu/drm/mxsfb/mxsfb_drv.c @@ -173,7 +173,11 @@ static void mxsfb_irq_disable(struct drm_device *drm) struct mxsfb_drm_private *mxsfb = drm->dev_private; mxsfb_enable_axi_clk(mxsfb); - mxsfb->crtc.funcs->disable_vblank(&mxsfb->crtc); + + /* Disable and clear VBLANK IRQ */ + writel(CTRL1_CUR_FRAME_DONE_IRQ_EN, mxsfb->base + LCDC_CTRL1 + REG_CLR); + writel(CTRL1_CUR_FRAME_DONE_IRQ, mxsfb->base + LCDC_CTRL1 + REG_CLR); + mxsfb_disable_axi_clk(mxsfb); }
The mxsfb->crtc.funcs may already be NULL when unloading the driver, in which case calling mxsfb_irq_disable() via drm_irq_uninstall() from mxsfb_unload() leads to NULL pointer dereference. Since all we care about is masking the IRQ and mxsfb->base is still valid, just use that to clear and mask the IRQ. Fixes: ae1ed00932819 ("drm: mxsfb: Stop using DRM simple display pipeline helper") Signed-off-by: Marek Vasut <marex@denx.de> Cc: Daniel Abrecht <public@danielabrecht.ch> Cc: Emil Velikov <emil.l.velikov@gmail.com> Cc: Laurent Pinchart <laurent.pinchart@ideasonboard.com> Cc: Sam Ravnborg <sam@ravnborg.org> Cc: Stefan Agner <stefan@agner.ch> --- drivers/gpu/drm/mxsfb/mxsfb_drv.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)