Acknowledged

LIN1025-6237 : Security Advisory - linux - CVE-2025-40288

Created: Dec 8, 2025    Updated: Dec 9, 2025
Found In Version: 10.25.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 25
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices

Previously, APU platforms (and other scenarios with uninitialized VRAM managers) triggered a NULL pointer dereference in `ttm_resource_manager_usage()`. The root cause is not that the `struct ttm_resource_manager *man` pointer itself is NULL, but that `man->bdev` (the backing device pointer within the manager) remains uninitialized (NULL) on APUs—since APUs lack dedicated VRAM and do not fully set up VRAM manager structures. When `ttm_resource_manager_usage()` attempts to acquire `man->bdev->lru_lock`, it dereferences the NULL `man->bdev`, leading to a kernel OOPS.

1. **amdgpu_cs.c**: Extend the existing bandwidth control check in `amdgpu_cs_get_threshold_for_moves()` to include a check for `ttm_resource_manager_used()`. If the manager is not used (uninitialized `bdev`), return 0 for migration thresholds immediately—skipping VRAM-specific logic that would trigger the NULL dereference.

2. **amdgpu_kms.c**: Update the `AMDGPU_INFO_VRAM_USAGE` ioctl and memory info reporting to use a conditional: if the manager is used, return the real VRAM usage; otherwise, return 0. This avoids accessing `man->bdev` when it is NULL.

3. **amdgpu_virt.c**: Modify the vf2pf (virtual function to physical function) data write path. Use `ttm_resource_manager_used()` to check validity: if the manager is usable, calculate `fb_usage` from VRAM usage; otherwise, set `fb_usage` to 0 (APUs have no discrete framebuffer to report).

This approach is more robust than APU-specific checks because it:
- Works for all scenarios where the VRAM manager is uninitialized (not just APUs),
- Aligns with TTM's design by using its native helper function,
- Preserves correct behavior for discrete GPUs (which have fully initialized `man->bdev` and pass the `ttm_resource_manager_used()` check).

v4: use ttm_resource_manager_used(&adev->mman.vram_mgr.manager) instead of checking the adev->gmc.is_app_apu flag (Christian)
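
The guard described in items 1 to 3, as a user-space model added here for illustration (it is not the kernel patch or Wind River code). The structs are simplified stand-ins, the `use_type` field and the integer `lru_lock` are assumptions of the model, and `vram_usage_or_zero()` and `model_report()` are hypothetical helper names.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-ins for the TTM structures named in the advisory. */
struct ttm_device { int lru_lock; };      /* stand-in for the real lock */
struct ttm_resource_manager {
    bool use_type;                        /* assumed "manager in use" flag */
    struct ttm_device *bdev;              /* NULL if never initialized (APU) */
    uint64_t usage;
};

static bool ttm_resource_manager_used(const struct ttm_resource_manager *man)
{
    return man->use_type;                 /* never touches man->bdev */
}

/* Same shape as the faulting helper: man->bdev is dereferenced
 * unconditionally to take lru_lock, so a NULL bdev crashes here. */
static uint64_t ttm_resource_manager_usage(struct ttm_resource_manager *man)
{
    uint64_t usage;
    man->bdev->lru_lock = 1;              /* model of spin_lock() */
    usage = man->usage;
    man->bdev->lru_lock = 0;              /* model of spin_unlock() */
    return usage;
}

/* Call-site guard: report 0 when the manager is unused, so the usage
 * helper is only reached when bdev is valid. */
static uint64_t vram_usage_or_zero(struct ttm_resource_manager *man)
{
    return ttm_resource_manager_used(man) ? ttm_resource_manager_usage(man) : 0;
}

/* Constructed test managers: initialized=false models the APU case. */
static uint64_t model_report(bool initialized, uint64_t bytes)
{
    static struct ttm_device bdev;
    struct ttm_resource_manager man = {
        .use_type = initialized, .bdev = initialized ? &bdev : NULL, .usage = bytes,
    };
    return vram_usage_or_zero(&man);
}

int main(void)
{
    printf("apu=%llu dgpu=%llu\n", (unsigned long long)model_report(false, 4096),
           (unsigned long long)model_report(true, 4096));
    return 0;
}
```

Calling `ttm_resource_manager_usage()` directly on the uninitialized manager in this model faults on the NULL `bdev`, which is the OOPS condition the advisory describes.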