[PATCH] drm/amd/display: Add null pointer check for get_first_active_display()

Wentao Liang posted 1 patch 6 months, 3 weeks ago
drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 +++
1 file changed, 3 insertions(+)
[PATCH] drm/amd/display: Add null pointer check for get_first_active_display()
Posted by Wentao Liang 6 months, 3 weeks ago
The function mod_hdcp_hdcp1_enable_encryption() calls the function
get_first_active_display(), but does not check its return value.
The return value is a null pointer if the display list is empty.
This will lead to a null pointer dereference in
mod_hdcp_hdcp2_enable_encryption().

Add a null pointer check for get_first_active_display() and return
MOD_HDCP_STATUS_DISPLAY_NOT_FOUND if the function returns null.

Fixes: 2deade5ede56 ("drm/amd/display: Remove hdcp display state with mst fix")
Cc: stable@vger.kernel.org # v5.8
Signed-off-by: Wentao Liang <vulab@iscas.ac.cn>
---
 drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c b/drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c
index 8c137d7c032e..e58e7b93810b 100644
--- a/drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c
+++ b/drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c
@@ -368,6 +368,9 @@ enum mod_hdcp_status mod_hdcp_hdcp1_enable_encryption(struct mod_hdcp *hdcp)
 	struct mod_hdcp_display *display = get_first_active_display(hdcp);
 	enum mod_hdcp_status status = MOD_HDCP_STATUS_SUCCESS;
 
+	if (!display)
+		return MOD_HDCP_STATUS_DISPLAY_NOT_FOUND;
+
 	mutex_lock(&psp->hdcp_context.mutex);
 	hdcp_cmd = (struct ta_hdcp_shared_memory *)psp->hdcp_context.context.mem_context.shared_buf;
 	memset(hdcp_cmd, 0, sizeof(struct ta_hdcp_shared_memory));
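
Review bot: the changelog and the hunk name different functions: the new check is added at the top of mod_hdcp_hdcp1_enable_encryption(), while the commit message says the null dereference happens in mod_hdcp_hdcp2_enable_encryption(). Please make the changelog name the function this hunk actually changes and point at the line where display is dereferenced, since that line is not among the lines shown here. If the HDCP2 function makes the same unchecked get_first_active_display() call, it should get the same guard in this patch or a follow-up.
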
-- 
2.42.0.windows.2
Re: [PATCH] drm/amd/display: Add null pointer check for get_first_active_display()
Posted by Alex Hung 6 months, 3 weeks ago
Reviewed-by: Alex Hung <alex.hung@amd.com>

On 5/25/25 20:37, Wentao Liang wrote:
> The function mod_hdcp_hdcp1_enable_encryption() calls the function
> get_first_active_display(), but does not check its return value.
> The return value is a null pointer if the display list is empty.
> This will lead to a null pointer dereference in
> mod_hdcp_hdcp2_enable_encryption().
> 
> Add a null pointer check for get_first_active_display() and return
> MOD_HDCP_STATUS_DISPLAY_NOT_FOUND if the function returns null.
> 
> Fixes: 2deade5ede56 ("drm/amd/display: Remove hdcp display state with mst fix")
> Cc: stable@vger.kernel.org # v5.8
> Signed-off-by: Wentao Liang <vulab@iscas.ac.cn>
> ---
>   drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c | 3 +++
>   1 file changed, 3 insertions(+)
> 
> diff --git a/drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c b/drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c
> index 8c137d7c032e..e58e7b93810b 100644
> --- a/drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c
> +++ b/drivers/gpu/drm/amd/display/modules/hdcp/hdcp_psp.c
> @@ -368,6 +368,9 @@ enum mod_hdcp_status mod_hdcp_hdcp1_enable_encryption(struct mod_hdcp *hdcp)
>   	struct mod_hdcp_display *display = get_first_active_display(hdcp);
>   	enum mod_hdcp_status status = MOD_HDCP_STATUS_SUCCESS;
>   
> +	if (!display)
> +		return MOD_HDCP_STATUS_DISPLAY_NOT_FOUND;
> +
>   	mutex_lock(&psp->hdcp_context.mutex);
>   	hdcp_cmd = (struct ta_hdcp_shared_memory *)psp->hdcp_context.context.mem_context.shared_buf;
>   	memset(hdcp_cmd, 0, sizeof(struct ta_hdcp_shared_memory));
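
Review bot: the direct return in the added "if (!display)" block bypasses the status variable declared just above it, which is only safe because the check sits before mutex_lock(&psp->hdcp_context.mutex). If the check is ever moved below the lock, the early return would leave the mutex held. Keeping the check immediately after the declarations, as done here, is the right placement; a short comment noting that it must stay ahead of the lock would make that ordering dependency explicit for later edits and for stable backports.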