On 02/02/2023 05:57, Chen-Yu Tsai wrote:
The MediaTek DisplayPort interface bridge driver starts its interrupts
as soon as its probed. However when the interrupts trigger the bridge
might not have been attached to a DRM device. As drm_helper_hpd_irq_event()
does not check whether the passed in drm_device is valid or not, a NULL
pointer passed in results in a kernel NULL pointer dereference in it.
Check whether the bridge is attached and only trigger an HPD event if
it is.
Fixes: f70ac097a2cf ("drm/mediatek: Add MT8195 Embedded DisplayPort driver")
Signed-off-by: Chen-Yu Tsai <we...@chromium.org>
Reviewed-by: Guillaume Ranquet <granq...@baylibre.com>
Reviewed-by: Matthias Brugger <matthias....@gmail.com>
---
Changes since v1
- Dropped prerequisite-patch-ids
- Added Guillaume's Reviewed-by
This applies on top of mediatek-drm-next.
drivers/gpu/drm/mediatek/mtk_dp.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/mediatek/mtk_dp.c
b/drivers/gpu/drm/mediatek/mtk_dp.c
index 1f94fcc144d3..a82f53e1a146 100644
--- a/drivers/gpu/drm/mediatek/mtk_dp.c
+++ b/drivers/gpu/drm/mediatek/mtk_dp.c
@@ -1823,7 +1823,8 @@ static irqreturn_t mtk_dp_hpd_event_thread(int hpd, void
*dev)
spin_unlock_irqrestore(&mtk_dp->irq_thread_lock, flags);
if (status & MTK_DP_THREAD_CABLE_STATE_CHG) {
- drm_helper_hpd_irq_event(mtk_dp->bridge.dev);
+ if (mtk_dp->bridge.dev)
+ drm_helper_hpd_irq_event(mtk_dp->bridge.dev);
if (!mtk_dp->train_info.cable_plugged_in) {
mtk_dp_disable_sdp_aui(mtk_dp);
