[PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query()
@ 2025-01-19  2:58 Su Hui
  2025-01-20  7:21 ` Dan Carpenter
                   ` (2 more replies)
  0 siblings, 3 replies; 6+ messages in thread
From: Su Hui @ 2025-01-19  2:58 UTC (permalink / raw)
  To: boris.brezillon, steven.price, liviu.dudau, maarten.lankhorst,
	mripard, tzimmermann, airlied, simona
  Cc: Su Hui, mary.guillemard, dri-devel, linux-kernel, kernel-janitors

'priorities_info' is uninitialized, and the uninitialized value is copied
to user object when calling PANTHOR_UOBJ_SET(). Using memset to initialize
'priorities_info' to avoid this garbage value problem.

Fixes: f70000ef2352 ("drm/panthor: Add DEV_QUERY_GROUP_PRIORITIES_INFO dev query")
Signed-off-by: Su Hui <suhui@nfschina.com>
---
 drivers/gpu/drm/panthor/panthor_drv.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/gpu/drm/panthor/panthor_drv.c b/drivers/gpu/drm/panthor/panthor_drv.c
index 0b3fbee3d37a..44f5c72d46c3 100644
--- a/drivers/gpu/drm/panthor/panthor_drv.c
+++ b/drivers/gpu/drm/panthor/panthor_drv.c
@@ -802,6 +802,7 @@ static void panthor_query_group_priorities_info(struct drm_file *file,
 {
 	int prio;
 
+	memset(arg, 0, sizeof(*arg));
 	for (prio = PANTHOR_GROUP_PRIORITY_REALTIME; prio >= 0; prio--) {
 		if (!group_priority_permit(file, prio))
 			arg->allowed_mask |= BIT(prio);
-- 
2.30.2


^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query()
  2025-01-19  2:58 [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query() Su Hui
@ 2025-01-20  7:21 ` Dan Carpenter
  2025-01-20  8:42   ` Su Hui
  2025-02-07 16:44   ` Boris Brezillon
  2025-01-20  9:26 ` Boris Brezillon
  2025-01-20 10:01 ` Steven Price
  2 siblings, 2 replies; 6+ messages in thread
From: Dan Carpenter @ 2025-01-20  7:21 UTC (permalink / raw)
  To: Su Hui
  Cc: boris.brezillon, steven.price, liviu.dudau, maarten.lankhorst,
	mripard, tzimmermann, airlied, simona, mary.guillemard, dri-devel,
	linux-kernel, kernel-janitors

On Sun, Jan 19, 2025 at 10:58:29AM +0800, Su Hui wrote:
> 'priorities_info' is uninitialized, and the uninitialized value is copied
> to user object when calling PANTHOR_UOBJ_SET(). Using memset to initialize
> 'priorities_info' to avoid this garbage value problem.
> 
> Fixes: f70000ef2352 ("drm/panthor: Add DEV_QUERY_GROUP_PRIORITIES_INFO dev query")
> Signed-off-by: Su Hui <suhui@nfschina.com>

Reviewed-by: Dan Carpenter <dan.carpenter@linaro.org>

How did you find this bug?

regards,
dan carpenter


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query()
  2025-01-20  7:21 ` Dan Carpenter
@ 2025-01-20  8:42   ` Su Hui
  2025-02-07 16:44   ` Boris Brezillon
  1 sibling, 0 replies; 6+ messages in thread
From: Su Hui @ 2025-01-20  8:42 UTC (permalink / raw)
  To: Dan Carpenter
  Cc: boris.brezillon, steven.price, liviu.dudau, maarten.lankhorst,
	mripard, tzimmermann, airlied, simona, mary.guillemard, dri-devel,
	linux-kernel, kernel-janitors

On 2025/1/20 15:21, Dan Carpenter wrote:
> On Sun, Jan 19, 2025 at 10:58:29AM +0800, Su Hui wrote:
>> 'priorities_info' is uninitialized, and the uninitialized value is copied
>> to user object when calling PANTHOR_UOBJ_SET(). Using memset to initialize
>> 'priorities_info' to avoid this garbage value problem.
>>
>> Fixes: f70000ef2352 ("drm/panthor: Add DEV_QUERY_GROUP_PRIORITIES_INFO dev query")
>> Signed-off-by: Su Hui <suhui@nfschina.com>
> Reviewed-by: Dan Carpenter <dan.carpenter@linaro.org>
>
> How did you find this bug?
Clang found this bug, run command like this:
scan-build  --use-cc=clang    make CC=clang 
drivers/gpu/drm/panthor/panthor_drv.o

There will be some warnings, one is this:
drivers/gpu/drm/panthor/panthor_drv.c:807:22: warning: The left 
expression of the compound
assignment is an uninitialized value. The computed value will also be 
garbage [core.uninitialized.Assign]
   807 |                         arg->allowed_mask |= BIT(prio);
       |                         ~~~~~~~~~~~~~~~~~ ^


regards,
su hui

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query()
  2025-01-20  7:21 ` Dan Carpenter
  2025-01-20  8:42   ` Su Hui
@ 2025-02-07 16:44   ` Boris Brezillon
  1 sibling, 0 replies; 6+ messages in thread
From: Boris Brezillon @ 2025-02-07 16:44 UTC (permalink / raw)
  To: Dan Carpenter
  Cc: Su Hui, steven.price, liviu.dudau, maarten.lankhorst, mripard,
	tzimmermann, airlied, simona, mary.guillemard, dri-devel,
	linux-kernel, kernel-janitors

On Mon, 20 Jan 2025 10:21:49 +0300
Dan Carpenter <dan.carpenter@linaro.org> wrote:

> On Sun, Jan 19, 2025 at 10:58:29AM +0800, Su Hui wrote:
> > 'priorities_info' is uninitialized, and the uninitialized value is copied
> > to user object when calling PANTHOR_UOBJ_SET(). Using memset to initialize
> > 'priorities_info' to avoid this garbage value problem.
> > 
> > Fixes: f70000ef2352 ("drm/panthor: Add DEV_QUERY_GROUP_PRIORITIES_INFO dev query")
> > Signed-off-by: Su Hui <suhui@nfschina.com>  
> 
> Reviewed-by: Dan Carpenter <dan.carpenter@linaro.org>

Queued to drm-misc-fixes.

> 
> How did you find this bug?
> 
> regards,
> dan carpenter
> 


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query()
  2025-01-19  2:58 [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query() Su Hui
  2025-01-20  7:21 ` Dan Carpenter
@ 2025-01-20  9:26 ` Boris Brezillon
  2025-01-20 10:01 ` Steven Price
  2 siblings, 0 replies; 6+ messages in thread
From: Boris Brezillon @ 2025-01-20  9:26 UTC (permalink / raw)
  To: Su Hui
  Cc: steven.price, liviu.dudau, maarten.lankhorst, mripard,
	tzimmermann, airlied, simona, mary.guillemard, dri-devel,
	linux-kernel, kernel-janitors

On Sun, 19 Jan 2025 10:58:29 +0800
Su Hui <suhui@nfschina.com> wrote:

> 'priorities_info' is uninitialized, and the uninitialized value is copied
> to user object when calling PANTHOR_UOBJ_SET(). Using memset to initialize
> 'priorities_info' to avoid this garbage value problem.
> 
> Fixes: f70000ef2352 ("drm/panthor: Add DEV_QUERY_GROUP_PRIORITIES_INFO dev query")
> Signed-off-by: Su Hui <suhui@nfschina.com>

Reviewed-by: Boris Brezillon <boris.brezillon@collabora.com>

> ---
>  drivers/gpu/drm/panthor/panthor_drv.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/drivers/gpu/drm/panthor/panthor_drv.c b/drivers/gpu/drm/panthor/panthor_drv.c
> index 0b3fbee3d37a..44f5c72d46c3 100644
> --- a/drivers/gpu/drm/panthor/panthor_drv.c
> +++ b/drivers/gpu/drm/panthor/panthor_drv.c
> @@ -802,6 +802,7 @@ static void panthor_query_group_priorities_info(struct drm_file *file,
>  {
>  	int prio;
>  
> +	memset(arg, 0, sizeof(*arg));
>  	for (prio = PANTHOR_GROUP_PRIORITY_REALTIME; prio >= 0; prio--) {
>  		if (!group_priority_permit(file, prio))
>  			arg->allowed_mask |= BIT(prio);


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query()
  2025-01-19  2:58 [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query() Su Hui
  2025-01-20  7:21 ` Dan Carpenter
  2025-01-20  9:26 ` Boris Brezillon
@ 2025-01-20 10:01 ` Steven Price
  2 siblings, 0 replies; 6+ messages in thread
From: Steven Price @ 2025-01-20 10:01 UTC (permalink / raw)
  To: Su Hui, boris.brezillon, liviu.dudau, maarten.lankhorst, mripard,
	tzimmermann, airlied, simona
  Cc: mary.guillemard, dri-devel, linux-kernel, kernel-janitors

On 19/01/2025 02:58, Su Hui wrote:
> 'priorities_info' is uninitialized, and the uninitialized value is copied
> to user object when calling PANTHOR_UOBJ_SET(). Using memset to initialize
> 'priorities_info' to avoid this garbage value problem.
> 
> Fixes: f70000ef2352 ("drm/panthor: Add DEV_QUERY_GROUP_PRIORITIES_INFO dev query")
> Signed-off-by: Su Hui <suhui@nfschina.com>

Reviewed-by: Steven Price <steven.price@arm.com>

> ---
>  drivers/gpu/drm/panthor/panthor_drv.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/drivers/gpu/drm/panthor/panthor_drv.c b/drivers/gpu/drm/panthor/panthor_drv.c
> index 0b3fbee3d37a..44f5c72d46c3 100644
> --- a/drivers/gpu/drm/panthor/panthor_drv.c
> +++ b/drivers/gpu/drm/panthor/panthor_drv.c
> @@ -802,6 +802,7 @@ static void panthor_query_group_priorities_info(struct drm_file *file,
>  {
>  	int prio;
>  
> +	memset(arg, 0, sizeof(*arg));
>  	for (prio = PANTHOR_GROUP_PRIORITY_REALTIME; prio >= 0; prio--) {
>  		if (!group_priority_permit(file, prio))
>  			arg->allowed_mask |= BIT(prio);


^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2025-02-07 16:45 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-01-19  2:58 [PATCH] drm/panthor: avoid garbage value in panthor_ioctl_dev_query() Su Hui
2025-01-20  7:21 ` Dan Carpenter
2025-01-20  8:42   ` Su Hui
2025-02-07 16:44   ` Boris Brezillon
2025-01-20  9:26 ` Boris Brezillon
2025-01-20 10:01 ` Steven Price

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox