From 42754eeee448a60b253c6f5240b0f098b95e5b27 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@suse.de>
Date: Tue, 6 Apr 2010 16:41:06 -0700
Subject: [PATCH] different drm patch for .33 added

this one doesn't break the build
---
 ...ry-allocation-failed-in-a-simple-way.patch | 124 ++++++++++++++++++
 ...eference-if-memory-allocation-failed.patch |  45 -------
 queue-2.6.33/series                           |   2 +-
 3 files changed, 125 insertions(+), 46 deletions(-)
 create mode 100644 queue-2.6.33/drm-radeon-kms-fix-null-pointer-dereference-if-memory-allocation-failed-in-a-simple-way.patch
 delete mode 100644 queue-2.6.33/drm-radeon-kms-fix-null-pointer-dereference-if-memory-allocation-failed.patch

diff --git a/queue-2.6.33/drm-radeon-kms-fix-null-pointer-dereference-if-memory-allocation-failed-in-a-simple-way.patch b/queue-2.6.33/drm-radeon-kms-fix-null-pointer-dereference-if-memory-allocation-failed-in-a-simple-way.patch
new file mode 100644
index 00000000000..13c6a213be4
--- /dev/null
+++ b/queue-2.6.33/drm-radeon-kms-fix-null-pointer-dereference-if-memory-allocation-failed-in-a-simple-way.patch
@@ -0,0 +1,124 @@
+From s.L-H@gmx.de  Tue Apr  6 16:37:44 2010
+From: "Stefan Lippers-Hollmann" <s.L-H@gmx.de>
+Date: Tue, 6 Apr 2010 23:45:38 +0200
+Subject:  drm/radeon/kms: Fix NULL pointer dereference if memory allocation failed in a simple way
+
+
+> From: Pauli Nieminen <suokkos@gmail.com>
+> Date: Fri, 19 Mar 2010 07:44:33 +0000
+> Subject: drm/radeon/kms: Fix NULL pointer dereference if memory allocation failed.
+> 
+> From: Pauli Nieminen <suokkos@gmail.com>
+> 
+> commit fcbc451ba1948fba967198bd150ecbd10bbb7075 upstream.
+> 
+> When there is allocation failure in radeon_cs_parser_relocs parser->nrelocs
+> is not cleaned. This causes NULL pointer defeference in radeon_cs_parser_fini
+> when clean up code is trying to loop over the relocation array and free the
+> objects.
+> 
+> Fix adds a check for a possible NULL pointer in clean up code.
+[...]
+
+This patch breaks compiling kernel 2.6.33 + the current stable queue:
+
+  CC [M]  drivers/gpu/drm/radeon/radeon_cs.o
+/tmp/buildd/linux-sidux-2.6-2.6.33/debian/build/source_amd64_none/drivers/gpu/drm/radeon/radeon_cs.c: In function 'radeon_cs_parser_fini':
+/tmp/buildd/linux-sidux-2.6-2.6.33/debian/build/source_amd64_none/drivers/gpu/drm/radeon/radeon_cs.c:200: error: implicit declaration of function 'drm_gem_object_unreference_unlocked'
+make[6]: *** [drivers/gpu/drm/radeon/radeon_cs.o] Error 1
+
+as it depends on the introduction of drm_gem_object_unreference_unlocked()
+in:
+
+Commit:     c3ae90c099bb62387507e86da7cf799850444b08
+Author:     Luca Barbieri <luca@luca-barbieri.com>
+AuthorDate: Tue Feb 9 05:49:11 2010 +0000
+
+    drm: introduce drm_gem_object_[handle_]unreference_unlocked
+    
+    This patch introduces the drm_gem_object_unreference_unlocked
+    and drm_gem_object_handle_unreference_unlocked functions that
+    do not require holding struct_mutex.
+    
+    drm_gem_object_unreference_unlocked calls the new
+    ->gem_free_object_unlocked entry point if available, and
+    otherwise just takes struct_mutex and just calls ->gem_free_object
+
+which in turn suggests:
+
+Commit:     bc9025bdc4e2b591734cca17697093845007b63d
+Author:     Luca Barbieri <luca@luca-barbieri.com>
+AuthorDate: Tue Feb 9 05:49:12 2010 +0000
+
+    Use drm_gem_object_[handle_]unreference_unlocked where possible
+    
+    Mostly obvious simplifications.
+    
+    The i915 pread/pwrite ioctls, intel_overlay_put_image and
+    nouveau_gem_new were incorrectly using the locked versions
+    without locking: this is also fixed in this patch.
+
+which don't really look like candidates for 2.6.33-stable.
+
+> --- a/drivers/gpu/drm/radeon/radeon_cs.c
+> +++ b/drivers/gpu/drm/radeon/radeon_cs.c
+> @@ -193,11 +193,13 @@ static void radeon_cs_parser_fini(struct
+>  		radeon_bo_list_fence(&parser->validated, parser->ib->fence);
+>  	}
+>  	radeon_bo_list_unreserve(&parser->validated);
+> -	for (i = 0; i < parser->nrelocs; i++) {
+> -		if (parser->relocs[i].gobj) {
+> -			mutex_lock(&parser->rdev->ddev->struct_mutex);
+> -			drm_gem_object_unreference(parser->relocs[i].gobj);
+> -			mutex_unlock(&parser->rdev->ddev->struct_mutex);
+> +	if (parser->relocs != NULL) {
+   	^ the only important part, the rest merely covers the new indentation 
+  	  level
+
+> +		for (i = 0; i < parser->nrelocs; i++) {
+> +			if (parser->relocs[i].gobj) {
+> +				mutex_lock(&parser->rdev->ddev->struct_mutex);
+> +				drm_gem_object_unreference_unlocked(parser->relocs[i].gobj);
+  				^ drm_gem_object_unreference_unlocked() doesn't exist in 2.6.33, yet
+  				  we can use drm_gem_object_unreference() instead.
+
+> +				mutex_unlock(&parser->rdev->ddev->struct_mutex);
+> +			}
+>  		}
+>  	}
+>  	kfree(parser->track);
+
+As a consequence, I'd suggest to merely backport the NULL pointer check,
+while ignoring the simplification of using the newly introduced
+drm_gem_object_unreference_unlocked() from 2.6.34:
+
+Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
+Cc: Pauli Nieminen <suokkos@gmail.com>
+Cc: Dave Airlie <airlied@redhat.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/gpu/drm/radeon/radeon_cs.c |   12 +++++++-----
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+--- a/drivers/gpu/drm/radeon/radeon_cs.c
++++ b/drivers/gpu/drm/radeon/radeon_cs.c
+@@ -193,11 +193,13 @@ static void radeon_cs_parser_fini(struct
+ 		radeon_bo_list_fence(&parser->validated, parser->ib->fence);
+ 	}
+ 	radeon_bo_list_unreserve(&parser->validated);
+-	for (i = 0; i < parser->nrelocs; i++) {
+-		if (parser->relocs[i].gobj) {
+-			mutex_lock(&parser->rdev->ddev->struct_mutex);
+-			drm_gem_object_unreference(parser->relocs[i].gobj);
+-			mutex_unlock(&parser->rdev->ddev->struct_mutex);
++	if (parser->relocs != NULL) {
++		for (i = 0; i < parser->nrelocs; i++) {
++			if (parser->relocs[i].gobj) {
++				mutex_lock(&parser->rdev->ddev->struct_mutex);
++				drm_gem_object_unreference(parser->relocs[i].gobj);
++				mutex_unlock(&parser->rdev->ddev->struct_mutex);
++			}
+ 		}
+ 	}
+ 	kfree(parser->track);
diff --git a/queue-2.6.33/drm-radeon-kms-fix-null-pointer-dereference-if-memory-allocation-failed.patch b/queue-2.6.33/drm-radeon-kms-fix-null-pointer-dereference-if-memory-allocation-failed.patch
deleted file mode 100644
index 7828a679dd0..00000000000
--- a/queue-2.6.33/drm-radeon-kms-fix-null-pointer-dereference-if-memory-allocation-failed.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From fcbc451ba1948fba967198bd150ecbd10bbb7075 Mon Sep 17 00:00:00 2001
-From: Pauli Nieminen <suokkos@gmail.com>
-Date: Fri, 19 Mar 2010 07:44:33 +0000
-Subject: drm/radeon/kms: Fix NULL pointer dereference if memory allocation failed.
-
-From: Pauli Nieminen <suokkos@gmail.com>
-
-commit fcbc451ba1948fba967198bd150ecbd10bbb7075 upstream.
-
-When there is allocation failure in radeon_cs_parser_relocs parser->nrelocs
-is not cleaned. This causes NULL pointer defeference in radeon_cs_parser_fini
-when clean up code is trying to loop over the relocation array and free the
-objects.
-
-Fix adds a check for a possible NULL pointer in clean up code.
-
-Signed-off-by: Pauli Nieminen <suokkos@gmail.com>
-Signed-off-by: Dave Airlie <airlied@redhat.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-
----
- drivers/gpu/drm/radeon/radeon_cs.c |   12 +++++++-----
- 1 file changed, 7 insertions(+), 5 deletions(-)
-
---- a/drivers/gpu/drm/radeon/radeon_cs.c
-+++ b/drivers/gpu/drm/radeon/radeon_cs.c
-@@ -193,11 +193,13 @@ static void radeon_cs_parser_fini(struct
- 		radeon_bo_list_fence(&parser->validated, parser->ib->fence);
- 	}
- 	radeon_bo_list_unreserve(&parser->validated);
--	for (i = 0; i < parser->nrelocs; i++) {
--		if (parser->relocs[i].gobj) {
--			mutex_lock(&parser->rdev->ddev->struct_mutex);
--			drm_gem_object_unreference(parser->relocs[i].gobj);
--			mutex_unlock(&parser->rdev->ddev->struct_mutex);
-+	if (parser->relocs != NULL) {
-+		for (i = 0; i < parser->nrelocs; i++) {
-+			if (parser->relocs[i].gobj) {
-+				mutex_lock(&parser->rdev->ddev->struct_mutex);
-+				drm_gem_object_unreference_unlocked(parser->relocs[i].gobj);
-+				mutex_unlock(&parser->rdev->ddev->struct_mutex);
-+			}
- 		}
- 	}
- 	kfree(parser->track);
diff --git a/queue-2.6.33/series b/queue-2.6.33/series
index aeda0689851..eb2bb1afa50 100644
--- a/queue-2.6.33/series
+++ b/queue-2.6.33/series
@@ -4,7 +4,7 @@ drm-remove-the-edid-blob-stored-in-the-edid-property-when-it-is-disconnected.pat
 fat-fix-buffer-overflow-in-vfat_create_shortname.patch
 oom-fix-the-unsafe-usage-of-badness-in-proc_oom_score.patch
 drm-radeon-kms-never-treat-rs4xx-as-agp.patch
-drm-radeon-kms-fix-null-pointer-dereference-if-memory-allocation-failed.patch
+drm-radeon-kms-fix-null-pointer-dereference-if-memory-allocation-failed-in-a-simple-way.patch
 drm-radeon-kms-don-t-print-error-on-erestartsys.patch
 drm-radeon-kms-fix-pal-tv-out-support-on-legacy-igp-chips.patch
 drm-return-enodev-if-the-inode-mapping-changes.patch
-- 
2.47.3