--- /dev/null
+From 0beca868cde8742240cd0038141c30482d2b7eb8 Mon Sep 17 00:00:00 2001
+From: Alex Hung <alex.hung@amd.com>
+Date: Thu, 27 Jun 2024 16:45:39 -0600
+Subject: drm/amd/display: Check link_res->hpo_dp_link_enc before using it
+
+From: Alex Hung <alex.hung@amd.com>
+
+commit 0beca868cde8742240cd0038141c30482d2b7eb8 upstream.
+
+[WHAT & HOW]
+Functions dp_enable_link_phy and dp_disable_link_phy can pass link_res
+without initializing hpo_dp_link_enc and it is necessary to check for
+null before dereferencing.
+
+This fixes 2 FORWARD_NULL issues reported by Coverity.
+
+Reviewed-by: Rodrigo Siqueira <rodrigo.siqueira@amd.com>
+Signed-off-by: Jerry Zuo <jerry.zuo@amd.com>
+Signed-off-by: Alex Hung <alex.hung@amd.com>
+Tested-by: Daniel Wheeler <daniel.wheeler@amd.com>
+Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
+[ Minor context change fixed. ]
+Signed-off-by: Alva Lan <alvalan9@foxmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/gpu/drm/amd/display/dc/link/link_hwss_hpo_dp.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+--- a/drivers/gpu/drm/amd/display/dc/link/link_hwss_hpo_dp.c
++++ b/drivers/gpu/drm/amd/display/dc/link/link_hwss_hpo_dp.c
+@@ -29,6 +29,8 @@
+ #include "dc_link_dp.h"
+ #include "clk_mgr.h"
+
++#define DC_LOGGER link->ctx->logger
++
+ static enum phyd32clk_clock_source get_phyd32clk_src(struct dc_link *link)
+ {
+ switch (link->link_enc->transmitter) {
+@@ -224,6 +226,11 @@ static void disable_hpo_dp_link_output(s
+ const struct link_resource *link_res,
+ enum signal_type signal)
+ {
++ if (!link_res->hpo_dp_link_enc) {
++ DC_LOG_ERROR("%s: invalid hpo_dp_link_enc\n", __func__);
++ return;
++ }
++
+ if (IS_FPGA_MAXIMUS_DC(link->dc->ctx->dce_environment)) {
+ disable_hpo_dp_fpga_link_output(link, link_res, signal);
+ } else {
--- /dev/null
+From 974e3fe0ac61de85015bbe5a4990cf4127b304b2 Mon Sep 17 00:00:00 2001
+From: Amir Goldstein <amir73il@gmail.com>
+Date: Thu, 19 Dec 2024 12:53:01 +0100
+Subject: fs: relax assertions on failure to encode file handles
+
+From: Amir Goldstein <amir73il@gmail.com>
+
+commit 974e3fe0ac61de85015bbe5a4990cf4127b304b2 upstream.
+
+Encoding file handles is usually performed by a filesystem >encode_fh()
+method that may fail for various reasons.
+
+The legacy users of exportfs_encode_fh(), namely, nfsd and
+name_to_handle_at(2) syscall are ready to cope with the possibility
+of failure to encode a file handle.
+
+There are a few other users of exportfs_encode_{fh,fid}() that
+currently have a WARN_ON() assertion when ->encode_fh() fails.
+Relax those assertions because they are wrong.
+
+The second linked bug report states commit 16aac5ad1fa9 ("ovl: support
+encoding non-decodable file handles") in v6.6 as the regressing commit,
+but this is not accurate.
+
+The aforementioned commit only increases the chances of the assertion
+and allows triggering the assertion with the reproducer using overlayfs,
+inotify and drop_caches.
+
+Triggering this assertion was always possible with other filesystems and
+other reasons of ->encode_fh() failures and more particularly, it was
+also possible with the exact same reproducer using overlayfs that is
+mounted with options index=on,nfs_export=on also on kernels < v6.6.
+Therefore, I am not listing the aforementioned commit as a Fixes commit.
+
+Backport hint: this patch will have a trivial conflict applying to
+v6.6.y, and other trivial conflicts applying to stable kernels < v6.6.
+
+Reported-by: syzbot+ec07f6f5ce62b858579f@syzkaller.appspotmail.com
+Tested-by: syzbot+ec07f6f5ce62b858579f@syzkaller.appspotmail.com
+Closes: https://lore.kernel.org/linux-unionfs/671fd40c.050a0220.4735a.024f.GAE@google.com/
+Reported-by: Dmitry Safonov <dima@arista.com>
+Closes: https://lore.kernel.org/linux-fsdevel/CAGrbwDTLt6drB9eaUagnQVgdPBmhLfqqxAf3F+Juqy_o6oP8uw@mail.gmail.com/
+Cc: stable@vger.kernel.org
+Signed-off-by: Amir Goldstein <amir73il@gmail.com>
+Link: https://lore.kernel.org/r/20241219115301.465396-1-amir73il@gmail.com
+Signed-off-by: Christian Brauner <brauner@kernel.org>
+Signed-off-by: Norbert Manthey <nmanthey@amazon.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/notify/fdinfo.c | 4 +---
+ fs/overlayfs/copy_up.c | 5 ++---
+ 2 files changed, 3 insertions(+), 6 deletions(-)
+
+--- a/fs/notify/fdinfo.c
++++ b/fs/notify/fdinfo.c
+@@ -51,10 +51,8 @@ static void show_mark_fhandle(struct seq
+ size = f.handle.handle_bytes >> 2;
+
+ ret = exportfs_encode_inode_fh(inode, (struct fid *)f.handle.f_handle, &size, NULL);
+- if ((ret == FILEID_INVALID) || (ret < 0)) {
+- WARN_ONCE(1, "Can't encode file handler for inotify: %d\n", ret);
++ if ((ret == FILEID_INVALID) || (ret < 0))
+ return;
+- }
+
+ f.handle.handle_type = ret;
+ f.handle.handle_bytes = size * sizeof(u32);
+--- a/fs/overlayfs/copy_up.c
++++ b/fs/overlayfs/copy_up.c
+@@ -361,9 +361,8 @@ struct ovl_fh *ovl_encode_real_fh(struct
+ buflen = (dwords << 2);
+
+ err = -EIO;
+- if (WARN_ON(fh_type < 0) ||
+- WARN_ON(buflen > MAX_HANDLE_SZ) ||
+- WARN_ON(fh_type == FILEID_INVALID))
++ if (fh_type < 0 || fh_type == FILEID_INVALID ||
++ WARN_ON(buflen > MAX_HANDLE_SZ))
+ goto out_err;
+
+ fh->fb.version = OVL_FH_VERSION;
projects / thirdparty / kernel / stable-queue.git / commitdiff
