From 1d960cfa849eccc2cb995786153dea5b53757dcb Mon Sep 17 00:00:00 2001 From: Nitin Kumbhar Date: Wed, 31 Oct 2018 11:32:16 +0530 Subject: [PATCH] gpu: nvgpu: add checks for acr ucode mem free Trying to unmap and free acr ucode memory when it's not initialized results in NULL pointer dereferencing. Fix this by checking for validity of ucode memory. [ 132.347391] Unable to handle kernel NULL pointer dereference at virtual address 00000000 ... [ 132.423191] PC is at nvgpu_dma_unmap_free+0x28/0x44 [nvgpu] [ 132.428545] LR is at gm20b_remove_acr_support+0x48/0x64 [nvgpu] ... [ 132.535447] [] nvgpu_dma_unmap_free+0x28/0x44 [nvgpu] [ 132.541836] [] gm20b_remove_acr_support+0x48/0x64 [nvgpu] [ 132.548301] [] gk20a_remove_support+0x58/0x104 [nvgpu] [ 132.554694] [] gk20a_free_cb+0x48/0x78 [nvgpu] [ 132.560299] [] gk20a_put+0x50/0x70 [nvgpu] [ 132.565628] [] nvgpu_pci_remove+0xcc/0x170 [nvgpu] [ 132.571251] [] pci_device_remove+0x3c/0x104 [ 132.576597] [] __device_release_driver+0x7c/0xfc [ 132.582194] [] device_release_driver+0x24/0x38 [ 132.588052] [] unbind_store+0xd8/0xfc [ 132.593203] [] drv_attr_store+0x20/0x30 [ 132.598302] [] sysfs_kf_write+0x40/0x50 [ 132.604068] [] kernfs_fop_write+0xb4/0x1d0 [ 132.609411] [] __vfs_write+0x40/0x140 [ 132.614571] [] vfs_write+0xa8/0x1a0 [ 132.619739] [] SyS_write+0x5c/0xc4 [ 132.624967] [] el0_svc_naked+0x34/0x38 [ 132.630134] ---[ end trace 3563988eb20f2c14 ]--- This situation occurs when gpu is not able to power on for some reason. Bug 2412369 Change-Id: Ifc226ebd692b1ead56066dafeb5da4c23bc2ec48 Signed-off-by: Nitin Kumbhar Reviewed-on: https://git-master.nvidia.com/r/1939939 Reviewed-by: svc-mobile-coverity Reviewed-by: svc-misra-checker Reviewed-by: Mahantesh Kumbar GVS: Gerrit_Virtual_Submit Reviewed-by: Alex Waterman Reviewed-by: mobile promotions Tested-by: mobile promotions --- drivers/gpu/nvgpu/gm20b/acr_gm20b.c | 8 ++++++-- drivers/gpu/nvgpu/tu104/acr_tu104.c | 8 ++++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/drivers/gpu/nvgpu/gm20b/acr_gm20b.c b/drivers/gpu/nvgpu/gm20b/acr_gm20b.c index 3505deebc..8e6ad7dcc 100644 --- a/drivers/gpu/nvgpu/gm20b/acr_gm20b.c +++ b/drivers/gpu/nvgpu/gm20b/acr_gm20b.c @@ -1358,8 +1358,12 @@ void gm20b_remove_acr_support(struct nvgpu_acr *acr) nvgpu_release_firmware(g, acr->acr.acr_hs_bl.hs_bl_fw); } - nvgpu_dma_unmap_free(vm, &acr->acr.acr_ucode); - nvgpu_dma_unmap_free(vm, &acr->acr.acr_hs_bl.hs_bl_ucode); + if (nvgpu_mem_is_valid(&acr->acr.acr_ucode)) { + nvgpu_dma_unmap_free(vm, &acr->acr.acr_ucode); + } + if (nvgpu_mem_is_valid(&acr->acr.acr_hs_bl.hs_bl_ucode)) { + nvgpu_dma_unmap_free(vm, &acr->acr.acr_hs_bl.hs_bl_ucode); + } } static void gm20b_acr_default_sw_init(struct gk20a *g, struct hs_acr *hs_acr) diff --git a/drivers/gpu/nvgpu/tu104/acr_tu104.c b/drivers/gpu/nvgpu/tu104/acr_tu104.c index b6b9d9e82..75055096c 100644 --- a/drivers/gpu/nvgpu/tu104/acr_tu104.c +++ b/drivers/gpu/nvgpu/tu104/acr_tu104.c @@ -120,8 +120,12 @@ static void tu104_free_hs_acr(struct gk20a *g, nvgpu_release_firmware(g, acr_type->acr_hs_bl.hs_bl_fw); } - nvgpu_dma_unmap_free(vm, &acr_type->acr_ucode); - nvgpu_dma_unmap_free(vm, &acr_type->acr_hs_bl.hs_bl_ucode); + if (nvgpu_mem_is_valid(&acr_type->acr_ucode)) { + nvgpu_dma_unmap_free(vm, &acr_type->acr_ucode); + } + if (nvgpu_mem_is_valid(&acr_type->acr_hs_bl.hs_bl_ucode)) { + nvgpu_dma_unmap_free(vm, &acr_type->acr_hs_bl.hs_bl_ucode); + } } static void tu104_remove_acr_support(struct nvgpu_acr *acr)