[PATCH 0/2] drm: A couple of fixes for drm_copy_field() helper function
From: Javier Martinez Canillas
Date: Fri Jul 01 2022 - 08:08:08 EST
Hello,
Peter Robinson reported me a kernel bug in one of his aarch64 test boards
and even though I was not able to reproduce it, I think that figured out
what the problem was. It seems the cause is that a DRM driver doesn't set
some of the struct drm fields copied to userspace via DRM_IOCTL_VERSION.
Even though this is a driver bug, we can make drm_copy_field() more robust
and warn about it instead of leading to an attempt to copy a NULL pointer.
While looking at this, I also found that a variable in drm_copy_field() is
not using the correct type. So I included that change in the patch-set too.
Best regards,
Javier
Javier Martinez Canillas (2):
drm: Use size_t type for len variable in drm_copy_field()
drm: Prevent drm_copy_field() to attempt copying a NULL pointer
drivers/gpu/drm/drm_ioctl.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
--
2.36.1