From: GitLab M. <git...@ke...> - 2025-10-22 03:07:38
amdgpu/amdgpu_bo.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
New commits:
commit 7518cc4fddd5870868b36cf497a65c144cb01b29
Author: Jesse.Zhang <Jes...@am...>
Date: Tue Oct 21 16:50:02 2025 +0800
amdgpu: Add parameter validation to amdgpu_bo functions to fix SIGSEGV
This commit adds essential parameter validation to several key
functions in amdgpu_bo.c to prevent null pointer dereferences
that were causing segmentation faults and improve overall code
robustness.
The changes address the following crash scenario:
Received signal SIGSEGV.
Stack trace:
#0 [fatal_sig_handler+0x17b]
#1 [__sigaction+0x50]
#2 [amdgpu_bo_alloc+0x37]
#3 [__igt_unique____real_main461+0x7d5]
#4 [main+0x2d]
#5 [__libc_init_first+0x90]
#6 [__libc_start_main+0x80]
#7 [_start+0x25]
Changes made:
1. amdgpu_bo_alloc():
- Validate alloc_buffer and buf_handle parameters
- Return -EINVAL if either is NULL
- Prevents null pointer dereference in memset and subsequent operations
2. amdgpu_bo_set_metadata():
- Validate info parameter
- Return -EINVAL if info is NULL
- Prevents accessing invalid metadata structure
3. amdgpu_bo_query_info():
- Validate info parameter in addition to existing bo->handle check
- Return -EINVAL if info is NULL
- Prevents writing to invalid info pointer
4. amdgpu_bo_list_create():
- Validate resources parameter
- Return -EINVAL if resources is NULL when number_of_resources > 0
- Prevents invalid memory access during resource array processing
These changes ensure proper error handling when callers pass invalid
null pointers, preventing potential segmentation faults and making
the API more robust against programming errors. The validation occurs
early in each function to minimize performance impact.
Reviewed-by: Marek Olšák <mar...@am...>
Signed-off-by: Jesse Zhang <Jes...@am...>
diff --git a/amdgpu/amdgpu_bo.c b/amdgpu/amdgpu_bo.c
index 16ff35f9..74e63984 100644
--- a/amdgpu/amdgpu_bo.c
+++ b/amdgpu/amdgpu_bo.c
@@ -74,6 +74,9 @@ drm_public int amdgpu_bo_alloc(amdgpu_device_handle dev,
union drm_amdgpu_gem_create args;
int r;
+ if (!alloc_buffer || !buf_handle)
+ return -EINVAL;
+
memset(&args, 0, sizeof(args));
args.in.bo_size = alloc_buffer->alloc_size;
args.in.alignment = alloc_buffer->phys_alignment;
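Review bot: `dev` is still unvalidated in amdgpu_bo_alloc; the new guard covers only `alloc_buffer` and `buf_handle`. The function body continues past the end of this hunk, so its use of `dev` is not visible here, but if the handle is dereferenced for the ioctl then a NULL device still crashes the same way; consider `if (!dev || !alloc_buffer || !buf_handle) return -EINVAL;`. The same question applies to `dev` in the amdgpu_bo_list_create hunk. The new -EINVAL return is also worth recording in the function's header documentation, because callers that used to crash now receive an error code they have to check.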
@@ -105,6 +108,9 @@ drm_public int amdgpu_bo_set_metadata(amdgpu_bo_handle bo,
{
struct drm_amdgpu_gem_metadata args = {};
+ if (!info)
+ return -EINVAL;
+
args.handle = bo->handle;
args.op = AMDGPU_GEM_METADATA_OP_SET_METADATA;
args.data.flags = info->flags;
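Review bot: `bo` is dereferenced at `args.handle = bo->handle;` immediately after the new check, so a NULL `bo` still faults here even though `info` is now validated. The guard should cover both pointers: `if (!bo || !info) return -EINVAL;`. The amdgpu_bo_query_info hunk has the same gap, since `!bo->handle` reads through `bo` before anything tests it; `if (!bo || !bo->handle || !info)` would be the complete check. Both functions begin and end outside their hunks.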
@@ -132,7 +138,7 @@ drm_public int amdgpu_bo_query_info(amdgpu_bo_handle bo,
int r;
/* Validate the BO passed in */
- if (!bo->handle)
+ if (!bo->handle || !info)
return -EINVAL;
/* Query metadata. */
@@ -642,7 +648,7 @@ drm_public int amdgpu_bo_list_create(amdgpu_device_handle dev,
unsigned i;
int r;
- if (!number_of_resources)
+ if (!number_of_resources || !resources)
return -EINVAL;
/* overflow check for multiplication */