mirrors/mesa
0
0
Fork 0
mirror of https://gitlab.freedesktop.org/mesa/mesa.git synced 2024-11-23 10:14:13 +08:00
Code Issues Packages Projects Releases Wiki Activity

zink: avoid UAF on wayland async present with to-be-retired swapchain

Browse Source 
wayland surfaces are likely to become unlinked in WSI implementations upon
retiring a swapchain, requiring the pending present to complete
in order to avoid invalid access

cc: mesa-stable

Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/25288>
This commit is contained in:
Mike Blumenkrantz 2023-09-19 08:53:42 -04:00 committed by Marge Bot
parent 2b7b1059e4
commit aaabb5b0f2
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/gallium/drivers/zink/zink_kopper.c
View File

@ -255,6 +255,9 @@ kopper_CreateSwapchain(struct zink_screen *screen, struct kopper_displaytarget *
bool has_alpha = cdt->info.has_alpha && (cdt->caps.supportedCompositeAlpha & VK_COMPOSITE_ALPHA_PRE_MULTIPLIED_BIT_KHR);
if (cdt->swapchain) {
cswap->scci = cdt->swapchain->scci;
/* avoid UAF if async present needs to-be-retired swapchain */
if (cdt->type == KOPPER_WAYLAND && cdt->swapchain->swapchain)
util_queue_fence_wait(&cdt->swapchain->present_fence);
cswap->scci.oldSwapchain = cdt->swapchain->swapchain;
} else {
cswap->scci.sType = VK_STRUCTURE_TYPE_SWAPCHAIN_CREATE_INFO_KHR;