[PATCH] drm/via: Add new condition to via_dma_cleanup()

From: Alisa Khabibrakhmanova
Date: Fri Jul 29 2022 - 05:06:53 EST

Next message: Greg KH: "Re: [PATCH] staging: vme_user: Put quoted string in a single line"
Previous message: Sudip Mukherjee (Codethink): "Re: [PATCH 5.10 000/101] 5.10.134-rc2 review"
In reply to: Sam Ravnborg: "Re: [PATCH] drm/via: Add new condition to via_dma_cleanup()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Pointer dev_priv->mmio, which was checked for NULL at via_do_init_map(),
is passed to via_do_cleanup_map() and is dereferenced there without check.

The patch adds the condition in via_dma_cleanup() which prevents potential NULL
pointer dereference.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Fixes: 22f579c621e2 ("drm: Add via unichrome support")
Signed-off-by: Alisa Khabibrakhmanova <khabibrakhmanova@xxxxxxxxx>
---
drivers/gpu/drm/via/via_dri1.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/via/via_dri1.c b/drivers/gpu/drm/via/via_dri1.c
index d695d9291ece..691e3ceb0062 100644
--- a/drivers/gpu/drm/via/via_dri1.c
+++ b/drivers/gpu/drm/via/via_dri1.c
@@ -2961,7 +2961,7 @@ int via_dma_cleanup(struct drm_device *dev)
drm_via_private_t *dev_priv =
(drm_via_private_t *) dev->dev_private;

- if (dev_priv->ring.virtual_start) {
+ if (dev_priv->ring.virtual_start && dev_priv->mmio) {
via_cmdbuf_reset(dev_priv);

drm_legacy_ioremapfree(&dev_priv->ring.map, dev);
--
2.34.1

Next message: Greg KH: "Re: [PATCH] staging: vme_user: Put quoted string in a single line"
Previous message: Sudip Mukherjee (Codethink): "Re: [PATCH 5.10 000/101] 5.10.134-rc2 review"
In reply to: Sam Ravnborg: "Re: [PATCH] drm/via: Add new condition to via_dma_cleanup()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]