1 From 5926e9c05d611bdbc57686f05f37f0ba9591f831 Mon Sep 17 00:00:00 2001
2 From: Sasha Levin <sashal@kernel.org>
3 Date: Wed, 20 Mar 2024 04:15:23 +0500
4 Subject: dma-buf: Fix NULL pointer dereference in sanitycheck()
6 Content-Type: text/plain; charset=UTF-8
7 Content-Transfer-Encoding: 8bit
9 From: Pavel Sakharov <p.sakharov@ispras.ru>
11 [ Upstream commit 2295bd846765c766701e666ed2e4b35396be25e6 ]
13 If due to a memory allocation failure mock_chain() returns NULL, it is
14 passed to dma_fence_enable_sw_signaling() resulting in NULL pointer
17 Call dma_fence_enable_sw_signaling() only if mock_chain() succeeds.
19 Found by Linux Verification Center (linuxtesting.org) with SVACE.
21 Fixes: d62c43a953ce ("dma-buf: Enable signaling on fence for selftests")
22 Signed-off-by: Pavel Sakharov <p.sakharov@ispras.ru>
23 Reviewed-by: Christian König <christian.koenig@amd.com>
24 Signed-off-by: Christian König <christian.koenig@amd.com>
25 Link: https://patchwork.freedesktop.org/patch/msgid/20240319231527.1821372-1-p.sakharov@ispras.ru
26 Signed-off-by: Sasha Levin <sashal@kernel.org>
28 drivers/dma-buf/st-dma-fence-chain.c | 6 +++---
29 1 file changed, 3 insertions(+), 3 deletions(-)
31 diff --git a/drivers/dma-buf/st-dma-fence-chain.c b/drivers/dma-buf/st-dma-fence-chain.c
32 index c0979c8049b5a..661de4add4c72 100644
33 --- a/drivers/dma-buf/st-dma-fence-chain.c
34 +++ b/drivers/dma-buf/st-dma-fence-chain.c
35 @@ -84,11 +84,11 @@ static int sanitycheck(void *arg)
38 chain = mock_chain(NULL, f, 1);
41 + dma_fence_enable_sw_signaling(chain);
45 - dma_fence_enable_sw_signaling(chain);