Message ID | 20230303122839.320821-2-cascardo@canonical.com |
---|---|
State | New |
Headers | show |
Series | CVE-2022-3108 | expand |
On 03-03-2023 13:28, Thadeu Lima de Souza Cascardo wrote: > From: Jiasheng Jiang <jiasheng@iscas.ac.cn> > > As the possible failure of the allocation, kmemdup() may return NULL > pointer. > Therefore, it should be better to check the 'props2' in order to prevent > the dereference of NULL pointer. > > Fixes: 3a87177eb141 ("drm/amdkfd: Add topology support for dGPUs") > Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> > Reviewed-by: Felix Kuehling <Felix.Kuehling@amd.com> > Signed-off-by: Felix Kuehling <Felix.Kuehling@amd.com> > Signed-off-by: Alex Deucher <alexander.deucher@amd.com> > (cherry picked from commit abfaf0eee97925905e742aa3b0b72e04a918fa9e) > CVE-2022-3108 > Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com> > --- > drivers/gpu/drm/amd/amdkfd/kfd_crat.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c > index 3685e89415d5..6066cd7a9d8c 100644 > --- a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c > +++ b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c > @@ -407,6 +407,9 @@ static int kfd_parse_subtype_iolink(struct crat_subtype_iolink *iolink, > return -ENODEV; > /* same everything but the other direction */ > props2 = kmemdup(props, sizeof(*props2), GFP_KERNEL); > + if (!props2) > + return -ENOMEM; > + > props2->node_from = id_to; > props2->node_to = id_from; > props2->kobj = NULL; Acked-by: Roxana Nicolescu <roxana.nicolescu@canonical.com>
diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c index 3685e89415d5..6066cd7a9d8c 100644 --- a/drivers/gpu/drm/amd/amdkfd/kfd_crat.c +++ b/drivers/gpu/drm/amd/amdkfd/kfd_crat.c @@ -407,6 +407,9 @@ static int kfd_parse_subtype_iolink(struct crat_subtype_iolink *iolink, return -ENODEV; /* same everything but the other direction */ props2 = kmemdup(props, sizeof(*props2), GFP_KERNEL); + if (!props2) + return -ENOMEM; + props2->node_from = id_to; props2->node_to = id_from; props2->kobj = NULL;