[SRU][J/F][PATCH 0/1] CVE-2024-35951
Hui Wang
hui.wang at canonical.com
Wed Sep 25 04:01:08 UTC 2024
[Impact]
If some the pages or sgt allocation failed, we shouldn't release the
pages ref we got earlier, otherwise we will end up with unbalanced
get/put_pages() calls. We should instead leave everything in place
and let the BO release function deal with extra cleanup when the object
is destroyed, or let the fault handler try again next time it's called.
[Backport]
This fix commit can't be cleanly applied to J and F due to
missing a prerequisite commit 21aa27ddc582 ("drm/shmem-helper: Switch
to reservation lock"), the prerequisite commit will introduce a
significant change hence here can't introduce it in the J and F. So
I edited the fix commit accordingly, changed "goto err_unlock" to
"goto err_bo".
[Fix]
Noble: Already fixed
Jammy: Backported from mainline v6.9-rc4, see explanation in [Backport]
Focal: Backported from mainline v6.9-rc4, see explanation in [Backport]
Bionic: Not affected
Xenial: Not affected
Trusty: Not affected
[Test Case]
Compile and boot test.
[Where problems could occur]
The change is on drm/panfrost driver, if there is regression, it could
impact graphic on platforms with panfrost hw. But the likely of
regression is very low, the change is basically same as the original
commit and is straightforward.
Boris Brezillon (1):
drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr()
drivers/gpu/drm/panfrost/panfrost_mmu.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list