review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Zhipeng Lu <alexious@zju.edu.cn>
	Thu, 14 Dec 2023 16:24:58 +0000 (00:24 +0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 25 Jan 2024 23:35:36 +0000 (15:35 -0800)
commit	95084632a65d5c0d682a83b55935560bdcd2a1e3
tree	df9e98d4f7f436226da3f728d30a947bea19c595	tree \| snapshot
parent	fb1936cb587262cd539e84b34541abb06e42b2f9	commit \| diff

drivers/amd/pm: fix a use-after-free in kv_parse_power_table

[ Upstream commit 28dd788382c43b330480f57cd34cde0840896743 ]

When ps allocated by kzalloc equals to NULL, kv_parse_power_table
frees adev->pm.dpm.ps that allocated before. However, after the control
flow goes through the following call chains:

kv_parse_power_table
  |-> kv_dpm_init
        |-> kv_dpm_sw_init
      |-> kv_dpm_fini

The adev->pm.dpm.ps is used in the for loop of kv_dpm_fini after its
first free in kv_parse_power_table and causes a use-after-free bug.

Fixes: a2e73f56fa62 ("drm/amdgpu: Add support for CIK parts")
Signed-off-by: Zhipeng Lu <alexious@zju.edu.cn>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>