Re: [PATCH] Revert "drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl()"
From: Lyude Paul
Date: Fri Jan 28 2022 - 14:59:48 EST
on further reconsideration: Self-NAKing this. I don't see any issues with
those patches.
On Fri, 2022-01-28 at 14:29 -0500, Lyude Paul wrote:
> This reverts commit 2343bcdb4747d4f418a4daf2e898b94f86c24a59.
>
> Unfortunately, as Greg pointed out I totally missed the fact that this
> patch came from a umn.edu patch. umn.edu is still banned from contributing
> to the Linux kernel, so let's revert this for the time being. I'll
> re-evaluate this fix myself later and send another fix if this ends up
> being valid.
>
> Signed-off-by: Lyude Paul <lyude@xxxxxxxxxx>
> Cc: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
> Cc: Ben Skeggs <bskeggs@xxxxxxxxxx>
> Cc: Karol Herbst <kherbst@xxxxxxxxxx>
> ---
> drivers/gpu/drm/nouveau/nvkm/subdev/acr/hsfw.c | 9 ++++-----
> 1 file changed, 4 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/gpu/drm/nouveau/nvkm/subdev/acr/hsfw.c
> b/drivers/gpu/drm/nouveau/nvkm/subdev/acr/hsfw.c
> index a6ea89a5d51a..667fa016496e 100644
> --- a/drivers/gpu/drm/nouveau/nvkm/subdev/acr/hsfw.c
> +++ b/drivers/gpu/drm/nouveau/nvkm/subdev/acr/hsfw.c
> @@ -142,12 +142,11 @@ nvkm_acr_hsfw_load_bl(struct nvkm_acr *acr, const char
> *name, int ver,
>
> hsfw->imem_size = desc->code_size;
> hsfw->imem_tag = desc->start_tag;
> - hsfw->imem = kmemdup(data + desc->code_off, desc->code_size,
> GFP_KERNEL);
> + hsfw->imem = kmalloc(desc->code_size, GFP_KERNEL);
> + memcpy(hsfw->imem, data + desc->code_off, desc->code_size);
> +
> nvkm_firmware_put(fw);
> - if (!hsfw->imem)
> - return -ENOMEM;
> - else
> - return 0;
> + return 0;
> }
>
> int
--
Cheers,
Lyude Paul (she/her)
Software Engineer at Red Hat