[PATCH 5.10] drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags

From: Daniil Dulov
Date: Thu Jul 24 2025 - 06:40:40 EST

Next message: Daniil Dulov: "[PATCH 5.15/6.1] drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags"
Previous message: Michael Ellerman: "Re: POWER9: duplicate interrupt line in /proc/interrupts, kernel problem or userspace problem?"
Next in thread: Daniil Dulov: "[PATCH 5.15/6.1] drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Alex Hung <alex.hung@xxxxxxx>

commit 5559598742fb4538e4c51c48ef70563c49c2af23 upstream.

[WHAT & HOW]
"dcn20_validate_apply_pipe_split_flags" dereferences merge, and thus it
cannot be a null pointer. Let's pass a valid pointer to avoid null
dereference.

This fixes 2 FORWARD_NULL issues reported by Coverity.

Reviewed-by: Rodrigo Siqueira <rodrigo.siqueira@xxxxxxx>
Signed-off-by: Jerry Zuo <jerry.zuo@xxxxxxx>
Signed-off-by: Alex Hung <alex.hung@xxxxxxx>
Tested-by: Daniel Wheeler <daniel.wheeler@xxxxxxx>
Signed-off-by: Alex Deucher <alexander.deucher@xxxxxxx>
[ Daniil: Changes to dcn21_fast_validate_bw() were dropped since the function
is not inplemented in 5.10.y. Also dcn20 and dcn21 were moved from
drivers/gpu/drm/amd/display/dc to drivers/gpu/drm/amd/display/dc/resource
since commit 8b8eed05a1c6 ("drm/amd/display: Refactor resource into component
directory"). The path is changed accordingly to apply the patch on 5.10.y ]
Signed-off-by: Daniil Dulov <d.dulov@xxxxxxxxxx>
---
Backport fix for CVE-2024-49923

drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c b/drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c
index b4bff3b3d842..029aba780d83 100644
--- a/drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c
+++ b/drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c
@@ -2847,6 +2847,7 @@ bool dcn20_fast_validate_bw(
{
bool out = false;
int split[MAX_PIPES] = { 0 };
+ bool merge[MAX_PIPES] = { false };
int pipe_cnt, i, pipe_idx, vlevel;

ASSERT(pipes);
@@ -2869,7 +2870,7 @@ bool dcn20_fast_validate_bw(
if (vlevel > context->bw_ctx.dml.soc.num_states)
goto validate_fail;

- vlevel = dcn20_validate_apply_pipe_split_flags(dc, context, vlevel, split, NULL);
+ vlevel = dcn20_validate_apply_pipe_split_flags(dc, context, vlevel, split, merge);

/*initialize pipe_just_split_from to invalid idx*/
for (i = 0; i < MAX_PIPES; i++)
--
2.34.1

Next message: Daniil Dulov: "[PATCH 5.15/6.1] drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags"
Previous message: Michael Ellerman: "Re: POWER9: duplicate interrupt line in /proc/interrupts, kernel problem or userspace problem?"
Next in thread: Daniil Dulov: "[PATCH 5.15/6.1] drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]