proxmox-mirrors/mirror_ubuntu-kernels
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_ubuntu-kernels.git synced 2026-01-08 13:58:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
c958e86e9c
mirror_ubuntu-kernels/drivers/gpu/drm/mediatek
History
Hsin-Yi Wang c958e86e9c drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip 
It's possible that mtk_crtc->event is NULL in
mtk_drm_crtc_finish_page_flip().

pending_needs_vblank value is set by mtk_crtc->event, but in
mtk_drm_crtc_atomic_flush(), it's is not guarded by the same
lock in mtk_drm_finish_page_flip(), thus a race condition happens.

Consider the following case:

CPU1                              CPU2
step 1:
mtk_drm_crtc_atomic_begin()
mtk_crtc->event is not null,
                                  step 1:
                                  mtk_drm_crtc_atomic_flush:
                                  mtk_drm_crtc_update_config(
                                      !!mtk_crtc->event)
step 2:
mtk_crtc_ddp_irq ->
mtk_drm_finish_page_flip:
lock
mtk_crtc->event set to null,
pending_needs_vblank set to false
unlock
                                  pending_needs_vblank set to true,

                                  step 2:
                                  mtk_crtc_ddp_irq ->
                                  mtk_drm_finish_page_flip called again,
                                  pending_needs_vblank is still true
                                  //null pointer

Instead of guarding the entire mtk_drm_crtc_atomic_flush(), it's more
efficient to just check if mtk_crtc->event is null before use.

Fixes: 119f517362 ("drm/mediatek: Add DRM Driver for Mediatek SoC MT8173.")
Signed-off-by: Hsin-Yi Wang <hsinyi@chromium.org>
Reviewed-by: CK Hu <ck.hu@mediatek.com>
Link: https://patchwork.kernel.org/project/dri-devel/patch/20240223212404.3709690-1-hsinyi@chromium.org/
Signed-off-by: Chun-Kuang Hu <chunkuang.hu@kernel.org>
2024-02-29 16:15:28 +00:00
..
Kconfig drm/mediatek: dp: Add support for embedded DisplayPort aux-bus 2023-08-09 23:25:00 +00:00
Makefile drm/mediatek: Support MT8188 Padding in display driver 2023-12-14 14:45:36 +00:00
mtk_cec.c drm/mediatek: Use devm_platform_ioremap_resource() 2023-12-07 15:58:02 +00:00
mtk_cec.h
mtk_disp_aal.c drm/mediatek: Use devm_platform_ioremap_resource() 2023-12-07 15:58:02 +00:00
mtk_disp_ccorr.c drm/mediatek: Use devm_platform_ioremap_resource() 2023-12-07 15:58:02 +00:00
mtk_disp_color.c Mediatek DRM Next for Linux 6.6 2023-08-15 12:07:19 +10:00
mtk_disp_drv.h drm/mediatek: Filter modes according to hardware capability 2024-02-27 00:02:55 +00:00
mtk_disp_gamma.c drm/mediatek: mtk_disp_gamma: Fix breakage due to merge issue 2023-11-23 14:49:47 +00:00
mtk_disp_merge.c drm/mediatek: Filter modes according to hardware capability 2024-02-27 00:02:55 +00:00
mtk_disp_ovl_adaptor.c drm/mediatek: Filter modes according to hardware capability 2024-02-27 00:02:55 +00:00
mtk_disp_ovl.c Mediatek DRM Next for Linux 6.6 2023-08-15 12:07:19 +10:00
mtk_disp_rdma.c Mediatek DRM Next for Linux 6.6 2023-08-15 12:07:19 +10:00
mtk_dp_reg.h drm/mediatek: dp: Add support MT8188 dp/edp function 2023-09-24 14:00:23 +00:00
mtk_dp.c drm/mediatek: dp: Add phy_mtk_dp module as pre-dependency 2023-12-18 14:31:32 +00:00
mtk_dpi_regs.h drm/mediatek: dpi: Add dp_intf support 2022-07-06 22:51:44 +08:00
mtk_dpi.c drm/mediatek: Remove the redundant driver data for DPI 2023-12-14 14:55:48 +00:00
mtk_drm_crtc.c drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip 2024-02-29 16:15:28 +00:00
mtk_drm_crtc.h drm/mediatek: gamma: Support SoC specific LUT size 2023-10-15 23:44:59 +00:00
mtk_drm_ddp_comp.c drm/mediatek: Filter modes according to hardware capability 2024-02-27 00:02:55 +00:00
mtk_drm_ddp_comp.h drm/mediatek: Filter modes according to hardware capability 2024-02-27 00:02:55 +00:00
mtk_drm_drv.c drm/mediatek: Support MT8188 VDOSYS1 in display driver 2024-01-29 00:30:06 +00:00
mtk_drm_drv.h drm/mediatek: Support MT8188 Padding in display driver 2023-12-14 14:45:36 +00:00
mtk_drm_gem.c Linux 6.6-rc7 2023-10-23 18:20:06 +10:00
mtk_drm_gem.h dma-buf-map: Rename to iosys-map 2022-02-07 16:35:35 -08:00
mtk_drm_plane.c drm/mediatek: Fix iommu fault by swapping FBs after updating plane state 2023-10-08 01:28:31 +00:00
mtk_drm_plane.h drm/mediatek: Refactor pixel format logic 2023-03-12 15:03:56 +00:00
mtk_dsi.c drm/mediatek: dsi: Use mipi_dsi_pixel_format_to_bpp() helper function 2024-02-19 14:49:51 +00:00
mtk_ethdr.c drm/mediatek: Convert to platform remove callback returning void 2023-11-21 09:18:53 +01:00
mtk_ethdr.h drm/mediatek: Add ETHDR support for MT8195 2023-03-22 16:25:00 +00:00
mtk_hdmi_ddc.c drm: remove I2C_CLASS_DDC support 2024-01-18 21:10:41 +01:00
mtk_hdmi_regs.h
mtk_hdmi.c drm/mediatek: Convert to platform remove callback returning void 2023-08-10 23:41:55 +00:00
mtk_hdmi.h drm/mediatek: Separate mtk_hdmi_phy to an independent module 2020-09-06 07:02:54 +08:00
mtk_mdp_rdma.c drm/mediatek: Return error if MDP RDMA failed to enable the clock 2023-12-14 14:53:44 +00:00
mtk_mdp_rdma.h drm/mediatek: Add display MDP RDMA support for MT8195 2022-06-27 22:24:14 +08:00
mtk_padding.c drm/mediatek: Support MT8188 Padding in display driver 2023-12-14 14:45:36 +00:00