From: Carsten Haitzler carsten.haitzler@arm.com
KASAN found this problem. find_first_bit() expects to look at a pointer pointing to a long, but we look at a u32 - this is going to be an issue with endianess but, KSAN already flags this as out-of-bounds stack reads. This fixes it by just importing inot a local long.
Signed-off-by: Carsten Haitzler carsten.haitzler@arm.com --- drivers/gpu/drm/arm/display/komeda/komeda_pipeline.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline.c b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline.c index 452e505a1fd3..719a79728e24 100644 --- a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline.c +++ b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline.c @@ -137,9 +137,10 @@ komeda_pipeline_get_first_component(struct komeda_pipeline *pipe, u32 comp_mask) { struct komeda_component *c = NULL; + unsigned long comp_mask_local = (unsigned long)comp_mask; int id;
- id = find_first_bit((unsigned long *)&comp_mask, 32); + id = find_first_bit(&comp_mask_local, 32); if (id < 32) c = komeda_pipeline_get_component(pipe, id);
On Fri, Dec 18, 2020 at 03:08:12PM +0000, carsten.haitzler@foss.arm.com wrote:
From: Carsten Haitzler carsten.haitzler@arm.com
KASAN found this problem. find_first_bit() expects to look at a pointer pointing to a long, but we look at a u32 - this is going to be an issue with endianess but, KSAN already flags this as out-of-bounds stack reads. This fixes it by just importing inot a local long.
Signed-off-by: Carsten Haitzler carsten.haitzler@arm.com
Acked-by: Liviu Dudau liviu.dudau@arm.com
Best regards, Liviu
drivers/gpu/drm/arm/display/komeda/komeda_pipeline.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline.c b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline.c index 452e505a1fd3..719a79728e24 100644 --- a/drivers/gpu/drm/arm/display/komeda/komeda_pipeline.c +++ b/drivers/gpu/drm/arm/display/komeda/komeda_pipeline.c @@ -137,9 +137,10 @@ komeda_pipeline_get_first_component(struct komeda_pipeline *pipe, u32 comp_mask) { struct komeda_component *c = NULL;
- unsigned long comp_mask_local = (unsigned long)comp_mask; int id;
- id = find_first_bit((unsigned long *)&comp_mask, 32);
- id = find_first_bit(&comp_mask_local, 32); if (id < 32) c = komeda_pipeline_get_component(pipe, id);
-- 2.29.2
dri-devel@lists.freedesktop.org
-
carsten.haitzler@foss.arm.com -
Liviu Dudau