Commit e6c82f8c authored by Kees Cook's avatar Kees Cook Committed by Zheng Zengkai
Browse files

drm/amd/display: Avoid HDCP over-read and corruption 

stable inclusion
from stable-5.10.51
commit c5b518f4b98dbb2bc31b6a55e6aaa1e0e2948f2e
bugzilla: 175263 https://gitee.com/openeuler/kernel/issues/I4DT6F

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=c5b518f4b98dbb2bc31b6a55e6aaa1e0e2948f2e



--------------------------------

[ Upstream commit 06888d57 ]

Instead of reading the desired 5 bytes of the actual target field,
the code was reading 8. This could result in a corrupted value if the
trailing 3 bytes were non-zero, so instead use an appropriately sized
and zero-initialized bounce buffer, and read only 5 bytes before casting
to u64.

Signed-off-by: default avatarKees Cook <keescook@chromium.org>
Signed-off-by: default avatarAlex Deucher <alexander.deucher@amd.com>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarChen Jun <chenjun102@huawei.com>
Acked-by: default avatarWeilong Chen <chenweilong@huawei.com>
Signed-off-by: default avatarChen Jun <chenjun102@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parent d5d53d1b
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment