Re: [PATCH v6.6] drm/amd/display: Wake DMCUB before executing GPINT commands

From: Alex Deucher
Date: Thu Apr 18 2024 - 10:18:09 EST


On Wed, Apr 17, 2024 at 11:14 PM wangzhu <wangzhu9@xxxxxxxxxx> wrote:
>
> The CVE-2023-52624 is fixed in linux-6.7 stable, while it is not fixed in 6.6, this commit is presented to fix it in linux-6.6 stable.

Why is there a CVE in the first place? Is this actually an issue you
have seen? It seems like you just picked a random patch and opened a
CVE.

Alex


>
> -----邮件原件-----
> 发件人: Alex Deucher [mailto:alexdeucher@xxxxxxxxx]
> 发送时间: 2024年4月18日 9:58
> 收件人: wangzhu <wangzhu9@xxxxxxxxxx>
> 抄送: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>; harry.wentland@xxxxxxx; sunpeng.li@xxxxxxx; Rodrigo.Siqueira@xxxxxxx; alexander.deucher@xxxxxxx; christian.koenig@xxxxxxx; airlied@xxxxxxxx; daniel@xxxxxxxx; qingqing.zhuo@xxxxxxx; stylon.wang@xxxxxxx; Josip.Pavic@xxxxxxx; trix@xxxxxxxxxx; cruise.hung@xxxxxxx; Eric.Yang2@xxxxxxx; mario.limonciello@xxxxxxx; alvin.lee2@xxxxxxx; jun.lei@xxxxxxx; austin.zheng@xxxxxxx; sunglee@xxxxxxx; paul.hsieh@xxxxxxx; hanghong.ma@xxxxxxx; JinZe.Xu@xxxxxxx; lewis.huang@xxxxxxx; Zhengzengkai <zhengzengkai@xxxxxxxxxx>; alex.hung@xxxxxxx; syed.hassan@xxxxxxx; wayne.lin@xxxxxxx; nicholas.kazlauskas@xxxxxxx; chiahsuan.chung@xxxxxxx; aurabindo.pillai@xxxxxxx; aric.cyr@xxxxxxx; amd-gfx@xxxxxxxxxxxxxxxxxxxxx; dri-devel@xxxxxxxxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx
> 主题: Re: [PATCH v6.6] drm/amd/display: Wake DMCUB before executing GPINT commands
>
> On Wed, Apr 17, 2024 at 9:51 PM wangzhu <wangzhu9@xxxxxxxxxx> wrote:
> >
> > Hi Greg, thanks for your reply. Since there is no patch to fix CVE-2023-52624 in linux-5.10, there is a patch in the linux-6.7 branch, its commit is 2ef98c6d753a744e333b7e34b9cf687040fba57d ("drm/amd/display: Wake DMCUB before executing GPINT commands"). When we apply this patch to linux-5.10, there are lots of conflicts, and we found there are lots of dependent patches, and lots of patches are not proposed to fix the cve, they are presented to add new functions of the kernel.
> >
>
> Why is there a CVE? Have you uncovered some specific issue?
>
> Alex
>
> > My commit comes from nearly 20 patches. For each patch, not all of its content is meant to fix the cve, so I just get the part which is helpful to fix. It is why I don't present the patches one by one instead of merging them into one big patch.
> >
> >
> > -----邮件原件-----
> > 发件人: Greg KH [mailto:gregkh@xxxxxxxxxxxxxxxxxxx]
> > 发送时间: 2024年4月16日 12:54
> > 收件人: wangzhu <wangzhu9@xxxxxxxxxx>
> > 抄送: harry.wentland@xxxxxxx; sunpeng.li@xxxxxxx;
> > Rodrigo.Siqueira@xxxxxxx; alexander.deucher@xxxxxxx;
> > christian.koenig@xxxxxxx; airlied@xxxxxxxx; daniel@xxxxxxxx;
> > qingqing.zhuo@xxxxxxx; stylon.wang@xxxxxxx; Josip.Pavic@xxxxxxx;
> > trix@xxxxxxxxxx; cruise.hung@xxxxxxx; Eric.Yang2@xxxxxxx;
> > mario.limonciello@xxxxxxx; alvin.lee2@xxxxxxx; jun.lei@xxxxxxx;
> > austin.zheng@xxxxxxx; sunglee@xxxxxxx; paul.hsieh@xxxxxxx;
> > hanghong.ma@xxxxxxx; JinZe.Xu@xxxxxxx; lewis.huang@xxxxxxx;
> > Zhengzengkai <zhengzengkai@xxxxxxxxxx>; alex.hung@xxxxxxx;
> > syed.hassan@xxxxxxx; wayne.lin@xxxxxxx; nicholas.kazlauskas@xxxxxxx;
> > chiahsuan.chung@xxxxxxx; aurabindo.pillai@xxxxxxx; aric.cyr@xxxxxxx;
> > amd-gfx@xxxxxxxxxxxxxxxxxxxxx; dri-devel@xxxxxxxxxxxxxxxxxxxxx;
> > linux-kernel@xxxxxxxxxxxxxxx
> > 主题: Re: [PATCH v6.6] drm/amd/display: Wake DMCUB before executing
> > GPINT commands
> >
> > On Tue, Apr 16, 2024 at 03:52:40AM +0000, Zhu Wang wrote:
> > > From: Nicholas Kazlauskas <nicholas.kazlauskas@xxxxxxx>
> > >
> > > stable inclusion
> > > from stable-v6.7.3
> > > commit 2ef98c6d753a744e333b7e34b9cf687040fba57d
> > > category: bugfix
> > > bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9BV4C
> > > CVE: CVE-2023-52624
> > >
> > > Reference:
> > > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/c
> > > om mit/?id=2ef98c6d753a744e333b7e34b9cf687040fba57d
> > >
> > > --------------------------------
> > >
> > > [ Upstream commit e5ffd1263dd5b44929c676171802e7b6af483f21 ]
> > >
> > > [Why]
> > > DMCUB can be in idle when we attempt to interface with the HW
> > > through the GPINT mailbox resulting in a system hang.
> > >
> > > [How]
> > > Add dc_wake_and_execute_gpint() to wrap the wake, execute, sleep
> > > sequence.
> > >
> > > If the GPINT executes successfully then DMCUB will be put back into
> > > sleep after the optional response is returned.
> > >
> > > It functions similar to the inbox command interface.
> > >
> > > Cc: Mario Limonciello <mario.limonciello@xxxxxxx>
> > > Cc: Alex Deucher <alexander.deucher@xxxxxxx>
> > > Cc: stable@xxxxxxxxxxxxxxx
> > > Reviewed-by: Hansen Dsouza <hansen.dsouza@xxxxxxx>
> > > Acked-by: Wayne Lin <wayne.lin@xxxxxxx>
> > > Signed-off-by: Nicholas Kazlauskas <nicholas.kazlauskas@xxxxxxx>
> > > Tested-by: Daniel Wheeler <daniel.wheeler@xxxxxxx>
> > > Signed-off-by: Alex Deucher <alexander.deucher@xxxxxxx>
> > >
> > > This commit comes from following commits:
> > >
> > > 8774029f76b9 ("drm/amd/display: Add DCN35 CLK_MGR") 65138eb72e1f
> > > ("drm/amd/display: Add DCN35 DMUB") dc01c4b79bfe ("drm/amd/display:
> > > Update driver and IPS interop")
> > > 820c3870c491 ("drm/amd/display: Refactor DMCUB enter/exit idle
> > > interface") 2ef98c6d753a ("drm/amd/display: Wake DMCUB before
> > > executing GPINT commands")
> >
> > Why are you putting multiple commits together and not just submitting the individual ones? And what is this for?
> >
> > confused,
> >
> > greg k-h