ACK/Cmnt: [SRU][J][PATCH 0/1] CVE-2024-26661

Stefan Bader stefan.bader at canonical.com
Fri Sep 6 09:47:28 UTC 2024


On 05.09.24 02:52, Hui Wang wrote:
> [Impact]
> 
> In "u32 otg_inst = pipe_ctx->stream_res.tg->inst;", the
> pipe_ctx->stream_res.tg could be NULL in some cases.
> 
> [Backport]
> 
> To cleanly cherry-pick the patch to the jammy kernel, at least 2
> prerequisite patches are needed: 6f0ef80a00ad ("drm/amd/display:
> Fix ABM pipe/backlight issues when change backlight") and
> 0210dcf253d8 ("drm/amd/display: Pass pwrseq inst for backlight and
> ABM"). Each of them will introduce significant changes, and most of
> those changes are not relevant to this CVE issue.
> From the commit header, the patch is to resolve the possible NULL ptr
> issue of pipe_ctx->stream_res.tg, hence I just backported the relevant
> part and dropped the conflicting part. This backported patch could
> resolve the possible NULL issue and keep the other part unchanged.
> 
> [Fix]
> 
> Noble:  Fixed
> Jammy:  Backported from mainline linux-v6.8-rc4 to jammy, see explanation in [Backport]
> Focal:  Not affected
> Bionic: Not affected
> Xenial: Not affected
> 
> [Test Case]
> 
> Building test passed.
> 
> I also tested the patched kernel on a Lenovo laptop with an AMD CPU:
> the graphics worked as well as before, the system could boot to the
> desktop, and I could run applications under the desktop.
> 
> [Where problems could occur]
> 
> The change impacts the amdgpu driver; if there is a regression, it
> will be in the graphics, something like an abnormal situation in the
> graphics. But the likelihood of a regression is very low: the change
> is straightforward and simple, and I tested the patched kernel on an
> AMD laptop, where everything worked well.
> 
> Srinivasan Shanmugam (1):
>    drm/amd/display: Add NULL test for 'timing generator' in
>      'dcn21_set_pipe()'
> 
>   drivers/gpu/drm/amd/display/dc/dcn21/dcn21_hwseq.c | 8 +++++++-
>   1 file changed, 7 insertions(+), 1 deletion(-)
> 

The backport description could be less verbose in the commit message. Apart 
from the adjusted file location it is basically adjusting for unrelated 
code changes. Which you might have done. What that second half of the 
original patch does is to drop checking for NULL pointers which it does 
now at the beginning.
The check for (abm && panel_cntl) exists even in the jammy code and 
would now be unnecessarily done.

And just as a note, this is the same upstream: there is a slight 
change in the flow of execution. Maybe intentionally, who knows. But 
before this change, even if abm and panel_cntl were NULL, if dmcu was 
not then dce110_set_pipe would be run. Now, this will never happen.

Acked-by: Stefan Bader <stefan.bader at canonical.com>