Setting context engine slot N into I915_ENGINE_CLASS_INVALID /
I915_ENGINE_CLASS_INVALID_NONE and attempting to apply
I915_CONTEXT_PARAM_SSEU to the same slot N will deref NULL.
Fix that.

Discovered using AI-assisted static analysis confirmed by
Intel Product Security.

Reported-by: Martin Hodo <[email protected]>
Fixes: d4433c7600f7 ("drm/i915/gem: Use the proto-context to handle create 
parameters (v5)")
Cc: Faith Ekstrand <[email protected]>
Cc: Simona Vetter <[email protected]>
Cc: Tvrtko Ursulin <[email protected]>
Cc: Maarten Lankhorst <[email protected]>
Cc: <[email protected]> # v5.15+
Signed-off-by: Joonas Lahtinen <[email protected]>
---
 drivers/gpu/drm/i915/gem/i915_gem_context.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/i915/gem/i915_gem_context.c 
b/drivers/gpu/drm/i915/gem/i915_gem_context.c
index aeafe1742d30..347d1f2c05f5 100644
--- a/drivers/gpu/drm/i915/gem/i915_gem_context.c
+++ b/drivers/gpu/drm/i915/gem/i915_gem_context.c
@@ -850,7 +850,7 @@ static int set_proto_ctx_sseu(struct drm_i915_file_private 
*fpriv,
                pe = &pc->user_engines[idx];
 
                /* Only render engine supports RPCS configuration. */
-               if (pe->engine->class != RENDER_CLASS)
+               if (!pe->engine || pe->engine->class != RENDER_CLASS)
                        return -EINVAL;
 
                sseu = &pe->sseu;
-- 
2.54.0

Reply via email to