From: "Christian König" <christian.koenig@amd.com>
To: Greg KH <gregkh@linuxfoundation.org>,
Dragos-Marian Panait <dragos.panait@windriver.com>
Cc: stable@vger.kernel.org, Jiasheng Jiang <jiasheng@iscas.ac.cn>,
Felix Kuehling <Felix.Kuehling@amd.com>,
Alex Deucher <alexander.deucher@amd.com>,
Oded Gabbay <oded.gabbay@gmail.com>,
David Zhou <David1.Zhou@amd.com>, David Airlie <airlied@linux.ie>,
dri-devel@lists.freedesktop.org, amd-gfx@lists.freedesktop.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 4.19 1/1] drm/amdkfd: Check for null pointer after calling kmemdup
Date: Wed, 4 Jan 2023 14:22:46 +0100 [thread overview]
Message-ID: <a8c6859f-5876-08cf-5949-ecf88e6bb528@amd.com> (raw)
In-Reply-To: <Y7Vz8mm0X+1h844b@kroah.com>
Am 04.01.23 um 13:41 schrieb Greg KH:
> On Tue, Jan 03, 2023 at 08:43:08PM +0200, Dragos-Marian Panait wrote:
>> From: Jiasheng Jiang <jiasheng@iscas.ac.cn>
>>
>> [ Upstream commit abfaf0eee97925905e742aa3b0b72e04a918fa9e ]
>>
>> As the possible failure of the allocation, kmemdup() may return NULL
>> pointer.
>> Therefore, it should be better to check the 'props2' in order to prevent
>> the dereference of NULL pointer.
>>
>> Fixes: 3a87177eb141 ("drm/amdkfd: Add topology support for dGPUs")
>> Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
>> Reviewed-by: Felix Kuehling <Felix.Kuehling@amd.com>
>> Signed-off-by: Felix Kuehling <Felix.Kuehling@amd.com>
>> Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
>> Signed-off-by: Dragos-Marian Panait <dragos.panait@windriver.com>
>> ---
>> drivers/gpu/drm/amd/amdkfd/kfd_crat.c | 3 +++
>> 1 file changed, 3 insertions(+)
> For obvious reasons, I can't take a patch for 4.19.y and not newer
> kernel releases, right?
>
> Please provide backports for all kernels if you really need to see this
> merged. And note, it's not a real bug at all, and given that a CVE was
> allocated for it that makes me want to even more reject it to show the
> whole folly of that mess.
Well as far as I can see this is nonsense to back port.
The code in question is only used only once during driver load and then
never again, that exactly this allocation fails while tons of other are
made before and after is extremely unlikely.
It's nice to have it fixed in newer kernels, but not worth a backport
and certainly not stuff for a CVE.
Regards,
Christian.
>
> thanks,
>
> greg k-h
next prev parent reply other threads:[~2023-01-04 13:23 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-03 18:43 [PATCH 4.19 0/1] drm/amdkfd: Check for null pointer after calling kmemdup Dragos-Marian Panait
2023-01-03 18:43 ` [PATCH 4.19 1/1] " Dragos-Marian Panait
2023-01-04 12:41 ` Greg KH
2023-01-04 13:22 ` Christian König [this message]
2023-01-04 14:35 ` Alex Deucher
2023-01-04 14:48 ` Greg KH
2023-01-04 18:05 ` Dragos-Marian Panait
2023-01-05 8:01 ` Greg KH
2023-01-04 12:38 ` [PATCH 4.19 0/1] " Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a8c6859f-5876-08cf-5949-ecf88e6bb528@amd.com \
--to=christian.koenig@amd.com \
--cc=David1.Zhou@amd.com \
--cc=Felix.Kuehling@amd.com \
--cc=airlied@linux.ie \
--cc=alexander.deucher@amd.com \
--cc=amd-gfx@lists.freedesktop.org \
--cc=dragos.panait@windriver.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=gregkh@linuxfoundation.org \
--cc=jiasheng@iscas.ac.cn \
--cc=linux-kernel@vger.kernel.org \
--cc=oded.gabbay@gmail.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox