1. Patchew
  2. linux
  3. View series

[PATCH v2] drm: bridge: it66121: Fix invalid connector dereference

Jai Luthra posted 1 patch 2 years, 3 months ago 
drivers/gpu/drm/bridge/ite-it66121.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
[PATCH v2] drm: bridge: it66121: Fix invalid connector dereference
Posted by Jai Luthra 2 years, 3 months ago 
Fix the NULL pointer dereference when no monitor is connected, and the
sound card is opened from userspace.

Instead return an empty buffer (of zeroes) as the EDID information to
the sound framework if there is no connector attached.

Fixes: e0fd83dbe924 ("drm: bridge: it66121: Add audio support")
Reported-by: Nishanth Menon <nm@ti.com>
Closes: https://lore.kernel.org/all/20230825105849.crhon42qndxqif4i@gondola/
Reviewed-by: Helen Koike <helen.koike@collabora.com>
Signed-off-by: Jai Luthra <j-luthra@ti.com>
---
Changes in v2:
- Return an empty buffer of 0s instead of returning an error
- Lock the mutex before accessing ctx->connector
- Link to v1: https://lore.kernel.org/r/20230825-it66121_edid-v1-1-3ab54923e472@ti.com
---
 drivers/gpu/drm/bridge/ite-it66121.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/drivers/gpu/drm/bridge/ite-it66121.c b/drivers/gpu/drm/bridge/ite-it66121.c
index 466641c77fe9..fc7f5ec5fb38 100644
--- a/drivers/gpu/drm/bridge/ite-it66121.c
+++ b/drivers/gpu/drm/bridge/ite-it66121.c
@@ -1447,10 +1447,14 @@ static int it66121_audio_get_eld(struct device *dev, void *data,
 	struct it66121_ctx *ctx = dev_get_drvdata(dev);
 
 	mutex_lock(&ctx->lock);
-
-	memcpy(buf, ctx->connector->eld,
-	       min(sizeof(ctx->connector->eld), len));
-
+	if (!ctx->connector) {
+		/* Pass en empty ELD if connector not available */
+		dev_dbg(dev, "No connector present, passing empty EDID data");
+		memset(buf, 0, len);
+	} else {
+		memcpy(buf, ctx->connector->eld,
+		       min(sizeof(ctx->connector->eld), len));
+	}
 	mutex_unlock(&ctx->lock);
 
 	return 0;

---
base-commit: 99d99825fc075fd24b60cc9cf0fb1e20b9c16b0f
change-id: 20230825-it66121_edid-6ee98517808b

Best regards,
-- 
Jai Luthra <j-luthra@ti.com>
Re: [PATCH v2] drm: bridge: it66121: Fix invalid connector dereference
Posted by Robert Foss 2 years, 3 months ago 
On Fri, 1 Sep 2023 15:01:23 +0530, Jai Luthra wrote:
> Fix the NULL pointer dereference when no monitor is connected, and the
> sound card is opened from userspace.
> 
> Instead return an empty buffer (of zeroes) as the EDID information to
> the sound framework if there is no connector attached.
> 
> 
> [...]

Applied, thanks!

[1/1] drm: bridge: it66121: Fix invalid connector dereference
      https://cgit.freedesktop.org/drm/drm-misc/commit/?id=d0375f6858c4



Rob
Re: [PATCH v2] drm: bridge: it66121: Fix invalid connector dereference
Posted by Aradhya Bhatia 2 years, 3 months ago 

On 01-Sep-23 15:01, Jai Luthra wrote:
> Fix the NULL pointer dereference when no monitor is connected, and the
> sound card is opened from userspace.
> 
> Instead return an empty buffer (of zeroes) as the EDID information to
> the sound framework if there is no connector attached.
> 
> Fixes: e0fd83dbe924 ("drm: bridge: it66121: Add audio support")
> Reported-by: Nishanth Menon <nm@ti.com>
> Closes: https://lore.kernel.org/all/20230825105849.crhon42qndxqif4i@gondola/
> Reviewed-by: Helen Koike <helen.koike@collabora.com>
> Signed-off-by: Jai Luthra <j-luthra@ti.com>

Reviewed-by: Aradhya Bhatia <a-bhatia1@ti.com>

Regards
Aradhya

> ---
> Changes in v2:
> - Return an empty buffer of 0s instead of returning an error
> - Lock the mutex before accessing ctx->connector
> - Link to v1: https://lore.kernel.org/r/20230825-it66121_edid-v1-1-3ab54923e472@ti.com
> ---
>  drivers/gpu/drm/bridge/ite-it66121.c | 12 ++++++++----
>  1 file changed, 8 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/gpu/drm/bridge/ite-it66121.c b/drivers/gpu/drm/bridge/ite-it66121.c
> index 466641c77fe9..fc7f5ec5fb38 100644
> --- a/drivers/gpu/drm/bridge/ite-it66121.c
> +++ b/drivers/gpu/drm/bridge/ite-it66121.c
> @@ -1447,10 +1447,14 @@ static int it66121_audio_get_eld(struct device *dev, void *data,
>  	struct it66121_ctx *ctx = dev_get_drvdata(dev);
>  
>  	mutex_lock(&ctx->lock);
> -
> -	memcpy(buf, ctx->connector->eld,
> -	       min(sizeof(ctx->connector->eld), len));
> -
> +	if (!ctx->connector) {
> +		/* Pass en empty ELD if connector not available */
> +		dev_dbg(dev, "No connector present, passing empty EDID data");
> +		memset(buf, 0, len);
> +	} else {
> +		memcpy(buf, ctx->connector->eld,
> +		       min(sizeof(ctx->connector->eld), len));
> +	}
>  	mutex_unlock(&ctx->lock);
>  
>  	return 0;
> 
> ---
> base-commit: 99d99825fc075fd24b60cc9cf0fb1e20b9c16b0f
> change-id: 20230825-it66121_edid-6ee98517808b
> 
> Best regards,
Re: [PATCH v2] drm: bridge: it66121: Fix invalid connector dereference
Posted by Nishanth Menon 2 years, 3 months ago 
On 17:01-20230901, Aradhya Bhatia wrote:
> On 01-Sep-23 15:01, Jai Luthra wrote:
> > Fix the NULL pointer dereference when no monitor is connected, and the
> > sound card is opened from userspace.
> > 
> > Instead return an empty buffer (of zeroes) as the EDID information to
> > the sound framework if there is no connector attached.
> > 
> > Fixes: e0fd83dbe924 ("drm: bridge: it66121: Add audio support")
> > Reported-by: Nishanth Menon <nm@ti.com>
> > Closes: https://lore.kernel.org/all/20230825105849.crhon42qndxqif4i@gondola/
> > Reviewed-by: Helen Koike <helen.koike@collabora.com>
> > Signed-off-by: Jai Luthra <j-luthra@ti.com>
> 
> Reviewed-by: Aradhya Bhatia <a-bhatia1@ti.com>
> 

Tested-by: Nishanth Menon <nm@ti.com>

Log (beagleplay): https://gist.github.com/nmenon/17fea9316cbcc5ee47597a39fa5e2d6f

Tested on 99d99825fc07 (origin/master, origin/HEAD) Merge tag 'nfs-for-6.6-1' of git://git.linux-nfs.org/projects/anna/linux-nfs

Could we get this merged for rc1 cycle?

-- 
Regards,
Nishanth Menon
Key (0xDDB5849D1736249D) / Fingerprint: F8A2 8693 54EB 8232 17A3  1A34 DDB5 849D 1736 249D

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.