From 7aac00ee58d0cf9f7f790721a510bc19f2c30f43 Mon Sep 17 00:00:00 2001
From: Konsta Holtta <kholtta@nvidia.com>
Date: Wed, 12 Dec 2018 14:40:43 +0200
Subject: [PATCH] gpu: nvgpu: verify usermode mapping is at most 64K

Commit ca611e4d0e14 (gpu: nvgpu: verify usermode mapping is at least
PAGE_SIZE) was not quite the right thing to do; do_mmap() rounds the
length up to a page boundary anyway, but the length must not be longer
than the size of the usermode region which is 64 KB to avoid leaking
access to other registers.

Bug 2441531

Change-Id: Ib1c88a6725db62c8276b6e8b880631227a4fc8cd
Signed-off-by: Konsta Holtta <kholtta@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/1971339
Reviewed-by: Alex Waterman <alexw@nvidia.com>
GVS: Gerrit_Virtual_Submit
Reviewed-by: Terje Bergstrom <tbergstrom@nvidia.com>
Reviewed-by: Allen Martin <amartin@nvidia.com>
Reviewed-by: Debarshi Dutta <ddutta@nvidia.com>
Reviewed-by: mobile promotions <svcmobile_promotions@nvidia.com>
Tested-by: mobile promotions <svcmobile_promotions@nvidia.com>
---
 drivers/gpu/nvgpu/os/linux/ioctl_ctrl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/gpu/nvgpu/os/linux/ioctl_ctrl.c b/drivers/gpu/nvgpu/os/linux/ioctl_ctrl.c
index 08c3fd281..e21cdf792 100644
--- a/drivers/gpu/nvgpu/os/linux/ioctl_ctrl.c
+++ b/drivers/gpu/nvgpu/os/linux/ioctl_ctrl.c
@@ -1958,7 +1958,7 @@ int gk20a_ctrl_dev_mmap(struct file *filp, struct vm_area_struct *vma)
 	if (priv->usermode_vma.vma != NULL)
 		return -EBUSY;
 
-	if (vma->vm_end - vma->vm_start < PAGE_SIZE)
+	if (vma->vm_end - vma->vm_start > SZ_64K)
 		return -EINVAL;
 
 	if (vma->vm_pgoff != 0UL)