amdgpu: Add parameter validation to amdgpu_bo functions to fix SIGSEGV

This commit adds essential parameter validation to several key functions in amdgpu_bo.c to prevent null pointer dereferences that were causing segmentation faults and improve overall code robustness. The changes address the following crash scenario: Received signal SIGSEGV. Stack trace: #0 [fatal_sig_handler+0x17b] #1 [__sigaction+0x50] #2 [amdgpu_bo_alloc+0x37] #3 [__igt_unique____real_main461+0x7d5] #4 [main+0x2d] #5 [__libc_init_first+0x90] #6 [__libc_start_main+0x80] #7 [_start+0x25] Changes made: 1. amdgpu_bo_alloc(): - Validate alloc_buffer and buf_handle parameters - Return -EINVAL if either is NULL - Prevents null pointer dereference in memset and subsequent operations 2. amdgpu_bo_set_metadata(): - Validate info parameter - Return -EINVAL if info is NULL - Prevents accessing invalid metadata structure 3. amdgpu_bo_query_info(): - Validate info parameter in addition to existing bo->handle check - Return -EINVAL if info is NULL - Prevents writing to invalid info pointer 4. amdgpu_bo_list_create(): - Validate resources parameter - Return -EINVAL if resources is NULL when number_of_resources > 0 - Prevents invalid memory access during resource array processing These changes ensure proper error handling when callers pass invalid null pointers, preventing potential segmentation faults and making the API more robust against programming errors. The validation occurs early in each function to minimize performance impact. Reviewed-by: Marek Olšák <marek.olsak@amd.com> Signed-off-by: Jesse Zhang <Jesse.Zhang@amd.com>
2025-12-20 04:40:09 +01:00 · 2025-10-21 16:50:02 +08:00 · 2025-10-21 16:50:02 +08:00 · 7518cc4fdd
commit 7518cc4fdd
parent 2c1d39eff8
1 changed files with 8 additions and 2 deletions
--- a/amdgpu/amdgpu_bo.c
+++ b/amdgpu/amdgpu_bo.c
@ -74,6 +74,9 @@ drm_public int amdgpu_bo_alloc(amdgpu_device_handle dev,
 	union drm_amdgpu_gem_create args;
 	int r;

+	if (!alloc_buffer || !buf_handle)
+		return -EINVAL;
+
 	memset(&args, 0, sizeof(args));
 	args.in.bo_size = alloc_buffer->alloc_size;
 	args.in.alignment = alloc_buffer->phys_alignment;
@ -105,6 +108,9 @@ drm_public int amdgpu_bo_set_metadata(amdgpu_bo_handle bo,
 {
 	struct drm_amdgpu_gem_metadata args = {};

+	if (!info)
+		return -EINVAL;
+
 	args.handle = bo->handle;
 	args.op = AMDGPU_GEM_METADATA_OP_SET_METADATA;
 	args.data.flags = info->flags;
@ -132,7 +138,7 @@ drm_public int amdgpu_bo_query_info(amdgpu_bo_handle bo,
 	int r;

 	/* Validate the BO passed in */
-	if (!bo->handle)
+	if (!bo->handle || !info)
 		return -EINVAL;

 	/* Query metadata. */
@ -642,7 +648,7 @@ drm_public int amdgpu_bo_list_create(amdgpu_device_handle dev,
 	unsigned i;
 	int r;

-	if (!number_of_resources)
+	if (!number_of_resources || !resources)
 		return -EINVAL;

 	/* overflow check for multiplication */