From: Yonatan Maman <Ymaman@Nvidia.com>
This patch series addresses two critical issues in the Nouveau driver
related to device channels, error handling, and sensitive data leaks.
- Vulnerability in migrate_to_ram: The migrate_to_ram function might
return a dirty HIGH_USER page when a copy push command (FW channel)
fails, potentially exposing sensitive data and posing a security
risk. To mitigate this, the patch ensures the allocation of a non-dirty
(zero) page for the destination, preventing the return of a dirty page
and enhancing driver security in case of failure.
- Privileged Error in Copy Engine Channel: An error was observed when
the nouveau_dmem_copy_one function is executed, leading to a Host Copy
Engine Privileged error on channel 1. The patch resolves this by
adjusting the Copy Engine channel configuration to permit privileged
push commands, resolving the error.
Changes since V2:
- Fixed version according to Danilo Krummrich's comments.
Yonatan Maman (2):
nouveau/dmem: Fix privileged error in copy engine channel
nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error
drivers/gpu/drm/nouveau/nouveau_dmem.c | 2 +-
drivers/gpu/drm/nouveau/nouveau_drm.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
--
2.34.1