* [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query()
@ 2025-01-19 2:58 Su Hui
2025-01-20 7:21 ` Dan Carpenter
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Su Hui @ 2025-01-19 2:58 UTC (permalink / raw)
To: boris.brezillon, steven.price, liviu.dudau, maarten.lankhorst,
mripard, tzimmermann, airlied, simona
Cc: Su Hui, mary.guillemard, dri-devel, linux-kernel, kernel-janitors
'priorities_info' is uninitialized, and the uninitialized value is copied
to user object when calling PANTHOR_UOBJ_SET(). Using memset to initialize
'priorities_info' to avoid this garbage value problem.
Fixes: f70000ef2352 ("drm/panthor: Add DEV_QUERY_GROUP_PRIORITIES_INFO dev query")
Signed-off-by: Su Hui <suhui@nfschina.com>
---
drivers/gpu/drm/panthor/panthor_drv.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/gpu/drm/panthor/panthor_drv.c b/drivers/gpu/drm/panthor/panthor_drv.c
index 0b3fbee3d37a..44f5c72d46c3 100644
--- a/drivers/gpu/drm/panthor/panthor_drv.c
+++ b/drivers/gpu/drm/panthor/panthor_drv.c
@@ -802,6 +802,7 @@ static void panthor_query_group_priorities_info(struct drm_file *file,
{
int prio;
+ memset(arg, 0, sizeof(*arg));
for (prio = PANTHOR_GROUP_PRIORITY_REALTIME; prio >= 0; prio--) {
if (!group_priority_permit(file, prio))
arg->allowed_mask |= BIT(prio);
--
2.30.2
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query()
2025-01-19 2:58 [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query() Su Hui
@ 2025-01-20 7:21 ` Dan Carpenter
2025-01-20 8:42 ` Su Hui
2025-02-07 16:44 ` Boris Brezillon
2025-01-20 9:26 ` Boris Brezillon
2025-01-20 10:01 ` Steven Price
2 siblings, 2 replies; 6+ messages in thread
From: Dan Carpenter @ 2025-01-20 7:21 UTC (permalink / raw)
To: Su Hui
Cc: boris.brezillon, steven.price, liviu.dudau, maarten.lankhorst,
mripard, tzimmermann, airlied, simona, mary.guillemard, dri-devel,
linux-kernel, kernel-janitors
On Sun, Jan 19, 2025 at 10:58:29AM +0800, Su Hui wrote:
> 'priorities_info' is uninitialized, and the uninitialized value is copied
> to user object when calling PANTHOR_UOBJ_SET(). Using memset to initialize
> 'priorities_info' to avoid this garbage value problem.
>
> Fixes: f70000ef2352 ("drm/panthor: Add DEV_QUERY_GROUP_PRIORITIES_INFO dev query")
> Signed-off-by: Su Hui <suhui@nfschina.com>
Reviewed-by: Dan Carpenter <dan.carpenter@linaro.org>
How did you find this bug?
regards,
dan carpenter
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query()
2025-01-20 7:21 ` Dan Carpenter
@ 2025-01-20 8:42 ` Su Hui
2025-02-07 16:44 ` Boris Brezillon
1 sibling, 0 replies; 6+ messages in thread
From: Su Hui @ 2025-01-20 8:42 UTC (permalink / raw)
To: Dan Carpenter
Cc: boris.brezillon, steven.price, liviu.dudau, maarten.lankhorst,
mripard, tzimmermann, airlied, simona, mary.guillemard, dri-devel,
linux-kernel, kernel-janitors
On 2025/1/20 15:21, Dan Carpenter wrote:
> On Sun, Jan 19, 2025 at 10:58:29AM +0800, Su Hui wrote:
>> 'priorities_info' is uninitialized, and the uninitialized value is copied
>> to user object when calling PANTHOR_UOBJ_SET(). Using memset to initialize
>> 'priorities_info' to avoid this garbage value problem.
>>
>> Fixes: f70000ef2352 ("drm/panthor: Add DEV_QUERY_GROUP_PRIORITIES_INFO dev query")
>> Signed-off-by: Su Hui <suhui@nfschina.com>
> Reviewed-by: Dan Carpenter <dan.carpenter@linaro.org>
>
> How did you find this bug?
Clang found this bug, run command like this:
scan-build --use-cc=clang make CC=clang
drivers/gpu/drm/panthor/panthor_drv.o
There will be some warnings, one is this:
drivers/gpu/drm/panthor/panthor_drv.c:807:22: warning: The left
expression of the compound
assignment is an uninitialized value. The computed value will also be
garbage [core.uninitialized.Assign]
807 | arg->allowed_mask |= BIT(prio);
| ~~~~~~~~~~~~~~~~~ ^
regards,
su hui
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query()
2025-01-19 2:58 [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query() Su Hui
2025-01-20 7:21 ` Dan Carpenter
@ 2025-01-20 9:26 ` Boris Brezillon
2025-01-20 10:01 ` Steven Price
2 siblings, 0 replies; 6+ messages in thread
From: Boris Brezillon @ 2025-01-20 9:26 UTC (permalink / raw)
To: Su Hui
Cc: steven.price, liviu.dudau, maarten.lankhorst, mripard,
tzimmermann, airlied, simona, mary.guillemard, dri-devel,
linux-kernel, kernel-janitors
On Sun, 19 Jan 2025 10:58:29 +0800
Su Hui <suhui@nfschina.com> wrote:
> 'priorities_info' is uninitialized, and the uninitialized value is copied
> to user object when calling PANTHOR_UOBJ_SET(). Using memset to initialize
> 'priorities_info' to avoid this garbage value problem.
>
> Fixes: f70000ef2352 ("drm/panthor: Add DEV_QUERY_GROUP_PRIORITIES_INFO dev query")
> Signed-off-by: Su Hui <suhui@nfschina.com>
Reviewed-by: Boris Brezillon <boris.brezillon@collabora.com>
> ---
> drivers/gpu/drm/panthor/panthor_drv.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/gpu/drm/panthor/panthor_drv.c b/drivers/gpu/drm/panthor/panthor_drv.c
> index 0b3fbee3d37a..44f5c72d46c3 100644
> --- a/drivers/gpu/drm/panthor/panthor_drv.c
> +++ b/drivers/gpu/drm/panthor/panthor_drv.c
> @@ -802,6 +802,7 @@ static void panthor_query_group_priorities_info(struct drm_file *file,
> {
> int prio;
>
> + memset(arg, 0, sizeof(*arg));
> for (prio = PANTHOR_GROUP_PRIORITY_REALTIME; prio >= 0; prio--) {
> if (!group_priority_permit(file, prio))
> arg->allowed_mask |= BIT(prio);
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query()
2025-01-19 2:58 [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query() Su Hui
2025-01-20 7:21 ` Dan Carpenter
2025-01-20 9:26 ` Boris Brezillon
@ 2025-01-20 10:01 ` Steven Price
2 siblings, 0 replies; 6+ messages in thread
From: Steven Price @ 2025-01-20 10:01 UTC (permalink / raw)
To: Su Hui, boris.brezillon, liviu.dudau, maarten.lankhorst, mripard,
tzimmermann, airlied, simona
Cc: mary.guillemard, dri-devel, linux-kernel, kernel-janitors
On 19/01/2025 02:58, Su Hui wrote:
> 'priorities_info' is uninitialized, and the uninitialized value is copied
> to user object when calling PANTHOR_UOBJ_SET(). Using memset to initialize
> 'priorities_info' to avoid this garbage value problem.
>
> Fixes: f70000ef2352 ("drm/panthor: Add DEV_QUERY_GROUP_PRIORITIES_INFO dev query")
> Signed-off-by: Su Hui <suhui@nfschina.com>
Reviewed-by: Steven Price <steven.price@arm.com>
> ---
> drivers/gpu/drm/panthor/panthor_drv.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/gpu/drm/panthor/panthor_drv.c b/drivers/gpu/drm/panthor/panthor_drv.c
> index 0b3fbee3d37a..44f5c72d46c3 100644
> --- a/drivers/gpu/drm/panthor/panthor_drv.c
> +++ b/drivers/gpu/drm/panthor/panthor_drv.c
> @@ -802,6 +802,7 @@ static void panthor_query_group_priorities_info(struct drm_file *file,
> {
> int prio;
>
> + memset(arg, 0, sizeof(*arg));
> for (prio = PANTHOR_GROUP_PRIORITY_REALTIME; prio >= 0; prio--) {
> if (!group_priority_permit(file, prio))
> arg->allowed_mask |= BIT(prio);
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query()
2025-01-20 7:21 ` Dan Carpenter
2025-01-20 8:42 ` Su Hui
@ 2025-02-07 16:44 ` Boris Brezillon
1 sibling, 0 replies; 6+ messages in thread
From: Boris Brezillon @ 2025-02-07 16:44 UTC (permalink / raw)
To: Dan Carpenter
Cc: Su Hui, steven.price, liviu.dudau, maarten.lankhorst, mripard,
tzimmermann, airlied, simona, mary.guillemard, dri-devel,
linux-kernel, kernel-janitors
On Mon, 20 Jan 2025 10:21:49 +0300
Dan Carpenter <dan.carpenter@linaro.org> wrote:
> On Sun, Jan 19, 2025 at 10:58:29AM +0800, Su Hui wrote:
> > 'priorities_info' is uninitialized, and the uninitialized value is copied
> > to user object when calling PANTHOR_UOBJ_SET(). Using memset to initialize
> > 'priorities_info' to avoid this garbage value problem.
> >
> > Fixes: f70000ef2352 ("drm/panthor: Add DEV_QUERY_GROUP_PRIORITIES_INFO dev query")
> > Signed-off-by: Su Hui <suhui@nfschina.com>
>
> Reviewed-by: Dan Carpenter <dan.carpenter@linaro.org>
Queued to drm-misc-fixes.
>
> How did you find this bug?
>
> regards,
> dan carpenter
>
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2025-02-07 16:45 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-01-19 2:58 [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query() Su Hui
2025-01-20 7:21 ` Dan Carpenter
2025-01-20 8:42 ` Su Hui
2025-02-07 16:44 ` Boris Brezillon
2025-01-20 9:26 ` Boris Brezillon
2025-01-20 10:01 ` Steven Price
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox