nv-tegra-mirror/linux-nvgpu
1
0
Fork 0
mirror of git://nv-tegra.nvidia.com/linux-nvgpu.git synced 2025-12-23 18:16:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

gpu: nvgpu: fix KASAN slab-out-of-bounds error

Browse Source 
KASAN reports below slab-out-of-bounds error when accessing
gr->map_tiles since gr->map_tiles is allocated with wrong(small) size.

fixing it by passing correct size to nvgpu_kzalloc.

BUG: KASAN: slab-out-of-bounds in gr_gk20a_init_map_tiles+0x6f0/0x7b0 ...
....
BUG: KASAN: slab-out-of-bounds in gr_gk20a_zcull_init_hw+0x184/0x848 ...
...
BUG: KASAN: slab-out-of-bounds in gr_gk20a_setup_rop_mapping+0x108/0x1740 ...
...
BUG: KASAN: slab-out-of-bounds in gr_gk20a_setup_rop_mapping+0x108/0x1740 ...

Bug 1918671

Change-Id: I667ac80b20a3d8539ed3eaae6e0f98e91f917819
Signed-off-by: David Pu <dpu@nvidia.com>
Reviewed-on: http://git-master/r/1472491
Reviewed-by: mobile promotions <svcmobile_promotions@nvidia.com>
Tested-by: mobile promotions <svcmobile_promotions@nvidia.com>
This commit is contained in:
David Pu
2017-04-28 17:18:22 -07:00
committed by mobile promotions
parent abbc687a31
commit 162108d070
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
drivers/gpu/nvgpu/gk20a/gr_gk20a.c
View File

@@ -3770,7 +3770,7 @@ static int gr_gk20a_init_map_tiles(struct gk20a *g, struct gr_gk20a *gr)
} }
if (gr->map_tiles == NULL) { if (gr->map_tiles == NULL) {
gr->map_tiles = nvgpu_kzalloc(g, num_gpcs * sizeof(u8)); gr->map_tiles = nvgpu_kzalloc(g, map_tile_count * sizeof(u8));
if (gr->map_tiles == NULL) { if (gr->map_tiles == NULL) {
ret = -ENOMEM; ret = -ENOMEM;
goto clean_up; goto clean_up;