From: Greg KH <gregkh@linuxfoundation.org>
To: Daniel Vetter <daniel@ffwll.ch>
Cc: "Oded Gabbay" <oded.gabbay@gmail.com>,
amd-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org,
"Dragos-Marian Panait" <dragos.panait@windriver.com>,
"Felix Kuehling" <Felix.Kuehling@amd.com>,
"Jiasheng Jiang" <jiasheng@iscas.ac.cn>,
"Harish Kasiviswanathan" <Harish.Kasiviswanathan@amd.com>,
linux-kernel@vger.kernel.org, stable@vger.kernel.org,
"Kent Russell" <kent.russell@amd.com>,
"Alex Deucher" <alexander.deucher@amd.com>,
"Christian König" <christian.koenig@amd.com>
Subject: Re: [PATCH 5.10 1/1] drm/amdkfd: Check for null pointer after calling kmemdup
Date: Thu, 12 Jan 2023 17:45:42 +0100 [thread overview]
Message-ID: <Y8A5NgtGLDJv4sON@kroah.com> (raw)
In-Reply-To: <CAKMK7uEgzJU8ukgR3sQtSUB5+wrD9VyMwCHOA-SReFWd0tKzzw@mail.gmail.com>
On Thu, Jan 12, 2023 at 04:26:45PM +0100, Daniel Vetter wrote:
> On Thu, 12 Jan 2023 at 13:47, Greg KH <gregkh@linuxfoundation.org> wrote:
> > On Wed, Jan 04, 2023 at 07:56:33PM +0200, Dragos-Marian Panait wrote:
> > > From: Jiasheng Jiang <jiasheng@iscas.ac.cn>
> > >
> > > [ Upstream commit abfaf0eee97925905e742aa3b0b72e04a918fa9e ]
> > >
> > > As the possible failure of the allocation, kmemdup() may return NULL
> > > pointer.
> > > Therefore, it should be better to check the 'props2' in order to prevent
> > > the dereference of NULL pointer.
> > >
> > > Fixes: 3a87177eb141 ("drm/amdkfd: Add topology support for dGPUs")
> > > Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
> > > Reviewed-by: Felix Kuehling <Felix.Kuehling@amd.com>
> > > Signed-off-by: Felix Kuehling <Felix.Kuehling@amd.com>
> > > Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
> > > Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com>
> > > ---
> > > drivers/gpu/drm/amd/amdkfd/kfd_crat.c | 3 +++
> > > 1 file changed, 3 insertions(+)
> > >
> > > diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
> > > index 86b4dadf772e..02e3c650ed1c 100644
> > > --- a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
> > > +++ b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
> > > @@ -408,6 +408,9 @@ static int kfd_parse_subtype_iolink(struct crat_subtype_iolink *iolink,
> > > return -ENODEV;
> > > /* same everything but the other direction */
> > > props2 = kmemdup(props, sizeof(*props2), GFP_KERNEL);
> > > + if (!props2)
> > > + return -ENOMEM;
> >
> > Not going to queue this up as this is a bogus CVE.
>
> Are we at the point where CVE presence actually contraindicates
> backporting?
Some would say that that point passed a long time ago :)
> At least I'm getting a bit the feeling there's a surge of
> automated (security) fixes that just don't hold up to any scrutiny.
That has been happening a lot more in the past 6-8 months than in years
past with the introduction of more automated tools being present.
> Last week I had to toss out an fbdev locking patch due to static
> checker that has no clue at all how refcounting works, and so
> complained that things need more locking ... (that was -fixes, but
> would probably have gone to stable too if I didn't catch it).
>
> Simple bugfixes from random people was nice when it was checkpatch
> stuff and I was fairly happy to take these aggressively in drm. But my
> gut feeling says things seem to be shifting towards more advanced
> tooling, but without more advanced understanding by submitters. Does
> that holder in other areas too?
Again, yes, I have seen that a lot recently, especially with regards to
patches that purport to fix bugs yet obviously were never tested.
That being said, there are a few developers who are doing great things
with fault-injection testing and providing good patches for that. So we
can't just say that everyone using these tools has no clue.
thanks,
greg k-h
WARNING: multiple messages have this Message-ID (diff)
From: Greg KH <gregkh@linuxfoundation.org>
To: Daniel Vetter <daniel@ffwll.ch>
Cc: "Dragos-Marian Panait" <dragos.panait@windriver.com>,
stable@vger.kernel.org, "Jiasheng Jiang" <jiasheng@iscas.ac.cn>,
"Felix Kuehling" <Felix.Kuehling@amd.com>,
"Alex Deucher" <alexander.deucher@amd.com>,
"Oded Gabbay" <oded.gabbay@gmail.com>,
"Christian König" <christian.koenig@amd.com>,
"Kent Russell" <kent.russell@amd.com>,
"Harish Kasiviswanathan" <Harish.Kasiviswanathan@amd.com>,
dri-devel@lists.freedesktop.org, amd-gfx@lists.freedesktop.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 5.10 1/1] drm/amdkfd: Check for null pointer after calling kmemdup
Date: Thu, 12 Jan 2023 17:45:42 +0100 [thread overview]
Message-ID: <Y8A5NgtGLDJv4sON@kroah.com> (raw)
In-Reply-To: <CAKMK7uEgzJU8ukgR3sQtSUB5+wrD9VyMwCHOA-SReFWd0tKzzw@mail.gmail.com>
On Thu, Jan 12, 2023 at 04:26:45PM +0100, Daniel Vetter wrote:
> On Thu, 12 Jan 2023 at 13:47, Greg KH <gregkh@linuxfoundation.org> wrote:
> > On Wed, Jan 04, 2023 at 07:56:33PM +0200, Dragos-Marian Panait wrote:
> > > From: Jiasheng Jiang <jiasheng@iscas.ac.cn>
> > >
> > > [ Upstream commit abfaf0eee97925905e742aa3b0b72e04a918fa9e ]
> > >
> > > As the possible failure of the allocation, kmemdup() may return NULL
> > > pointer.
> > > Therefore, it should be better to check the 'props2' in order to prevent
> > > the dereference of NULL pointer.
> > >
> > > Fixes: 3a87177eb141 ("drm/amdkfd: Add topology support for dGPUs")
> > > Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
> > > Reviewed-by: Felix Kuehling <Felix.Kuehling@amd.com>
> > > Signed-off-by: Felix Kuehling <Felix.Kuehling@amd.com>
> > > Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
> > > Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com>
> > > ---
> > > drivers/gpu/drm/amd/amdkfd/kfd_crat.c | 3 +++
> > > 1 file changed, 3 insertions(+)
> > >
> > > diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
> > > index 86b4dadf772e..02e3c650ed1c 100644
> > > --- a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
> > > +++ b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
> > > @@ -408,6 +408,9 @@ static int kfd_parse_subtype_iolink(struct crat_subtype_iolink *iolink,
> > > return -ENODEV;
> > > /* same everything but the other direction */
> > > props2 = kmemdup(props, sizeof(*props2), GFP_KERNEL);
> > > + if (!props2)
> > > + return -ENOMEM;
> >
> > Not going to queue this up as this is a bogus CVE.
>
> Are we at the point where CVE presence actually contraindicates
> backporting?
Some would say that that point passed a long time ago :)
> At least I'm getting a bit the feeling there's a surge of
> automated (security) fixes that just don't hold up to any scrutiny.
That has been happening a lot more in the past 6-8 months than in years
past with the introduction of more automated tools being present.
> Last week I had to toss out an fbdev locking patch due to static
> checker that has no clue at all how refcounting works, and so
> complained that things need more locking ... (that was -fixes, but
> would probably have gone to stable too if I didn't catch it).
>
> Simple bugfixes from random people was nice when it was checkpatch
> stuff and I was fairly happy to take these aggressively in drm. But my
> gut feeling says things seem to be shifting towards more advanced
> tooling, but without more advanced understanding by submitters. Does
> that holder in other areas too?
Again, yes, I have seen that a lot recently, especially with regards to
patches that purport to fix bugs yet obviously were never tested.
That being said, there are a few developers who are doing great things
with fault-injection testing and providing good patches for that. So we
can't just say that everyone using these tools has no clue.
thanks,
greg k-h
WARNING: multiple messages have this Message-ID (diff)
From: Greg KH <gregkh@linuxfoundation.org>
To: Daniel Vetter <daniel@ffwll.ch>
Cc: amd-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org,
"Dragos-Marian Panait" <dragos.panait@windriver.com>,
"Felix Kuehling" <Felix.Kuehling@amd.com>,
"Jiasheng Jiang" <jiasheng@iscas.ac.cn>,
"Harish Kasiviswanathan" <Harish.Kasiviswanathan@amd.com>,
linux-kernel@vger.kernel.org, stable@vger.kernel.org,
"Kent Russell" <kent.russell@amd.com>,
"Alex Deucher" <alexander.deucher@amd.com>,
"Christian König" <christian.koenig@amd.com>
Subject: Re: [PATCH 5.10 1/1] drm/amdkfd: Check for null pointer after calling kmemdup
Date: Thu, 12 Jan 2023 17:45:42 +0100 [thread overview]
Message-ID: <Y8A5NgtGLDJv4sON@kroah.com> (raw)
In-Reply-To: <CAKMK7uEgzJU8ukgR3sQtSUB5+wrD9VyMwCHOA-SReFWd0tKzzw@mail.gmail.com>
On Thu, Jan 12, 2023 at 04:26:45PM +0100, Daniel Vetter wrote:
> On Thu, 12 Jan 2023 at 13:47, Greg KH <gregkh@linuxfoundation.org> wrote:
> > On Wed, Jan 04, 2023 at 07:56:33PM +0200, Dragos-Marian Panait wrote:
> > > From: Jiasheng Jiang <jiasheng@iscas.ac.cn>
> > >
> > > [ Upstream commit abfaf0eee97925905e742aa3b0b72e04a918fa9e ]
> > >
> > > As the possible failure of the allocation, kmemdup() may return NULL
> > > pointer.
> > > Therefore, it should be better to check the 'props2' in order to prevent
> > > the dereference of NULL pointer.
> > >
> > > Fixes: 3a87177eb141 ("drm/amdkfd: Add topology support for dGPUs")
> > > Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
> > > Reviewed-by: Felix Kuehling <Felix.Kuehling@amd.com>
> > > Signed-off-by: Felix Kuehling <Felix.Kuehling@amd.com>
> > > Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
> > > Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com>
> > > ---
> > > drivers/gpu/drm/amd/amdkfd/kfd_crat.c | 3 +++
> > > 1 file changed, 3 insertions(+)
> > >
> > > diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
> > > index 86b4dadf772e..02e3c650ed1c 100644
> > > --- a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
> > > +++ b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c
> > > @@ -408,6 +408,9 @@ static int kfd_parse_subtype_iolink(struct crat_subtype_iolink *iolink,
> > > return -ENODEV;
> > > /* same everything but the other direction */
> > > props2 = kmemdup(props, sizeof(*props2), GFP_KERNEL);
> > > + if (!props2)
> > > + return -ENOMEM;
> >
> > Not going to queue this up as this is a bogus CVE.
>
> Are we at the point where CVE presence actually contraindicates
> backporting?
Some would say that that point passed a long time ago :)
> At least I'm getting a bit the feeling there's a surge of
> automated (security) fixes that just don't hold up to any scrutiny.
That has been happening a lot more in the past 6-8 months than in years
past with the introduction of more automated tools being present.
> Last week I had to toss out an fbdev locking patch due to static
> checker that has no clue at all how refcounting works, and so
> complained that things need more locking ... (that was -fixes, but
> would probably have gone to stable too if I didn't catch it).
>
> Simple bugfixes from random people was nice when it was checkpatch
> stuff and I was fairly happy to take these aggressively in drm. But my
> gut feeling says things seem to be shifting towards more advanced
> tooling, but without more advanced understanding by submitters. Does
> that holder in other areas too?
Again, yes, I have seen that a lot recently, especially with regards to
patches that purport to fix bugs yet obviously were never tested.
That being said, there are a few developers who are doing great things
with fault-injection testing and providing good patches for that. So we
can't just say that everyone using these tools has no clue.
thanks,
greg k-h
next prev parent reply other threads:[~2023-01-12 16:46 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-04 17:56 [PATCH 5.10 0/1] drm/amdkfd: Check for null pointer after calling kmemdup Dragos-Marian Panait
2023-01-04 17:56 ` Dragos-Marian Panait
2023-01-04 17:56 ` Dragos-Marian Panait
2023-01-04 17:56 ` [PATCH 5.10 1/1] " Dragos-Marian Panait
2023-01-04 17:56 ` Dragos-Marian Panait
2023-01-04 17:56 ` Dragos-Marian Panait
2023-01-12 12:47 ` Greg KH
2023-01-12 12:47 ` Greg KH
2023-01-12 12:47 ` Greg KH
2023-01-12 15:26 ` Daniel Vetter
2023-01-12 15:26 ` Daniel Vetter
2023-01-12 15:26 ` Daniel Vetter
2023-01-12 16:45 ` Greg KH [this message]
2023-01-12 16:45 ` Greg KH
2023-01-12 16:45 ` Greg KH
2023-01-19 10:26 ` Daniel Vetter
2023-01-19 10:26 ` Daniel Vetter
2023-01-19 10:26 ` Daniel Vetter
2023-01-19 11:49 ` Christian König
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y8A5NgtGLDJv4sON@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=Felix.Kuehling@amd.com \
--cc=Harish.Kasiviswanathan@amd.com \
--cc=alexander.deucher@amd.com \
--cc=amd-gfx@lists.freedesktop.org \
--cc=christian.koenig@amd.com \
--cc=daniel@ffwll.ch \
--cc=dragos.panait@windriver.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=jiasheng@iscas.ac.cn \
--cc=kent.russell@amd.com \
--cc=linux-kernel@vger.kernel.org \
--cc=oded.gabbay@gmail.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.