mirror of
git://nv-tegra.nvidia.com/linux-nvgpu.git
synced 2025-12-24 10:34:43 +03:00
gv11b_mm_mmu_fault_handle_mmu_fault_refch() right now checks/sets mmu_nack_handled flag for MMU faults from all clients (i.e. GPC/HUB). Handling of MMU nack in MMU fault handling path is only needed if MMU nack exception is triggered by SM in GPC. Hence set and check this flag only if source client is GPC.

In certain cases it is possible that CE engine triggers back to back MMU faults on same channel. When this happens, and because of above incorrect mmu_nack_handled flag handling, mmu_nack_handled flag is set while handling second MMU fault from CE. And because of this gv11b_mm_mmu_fault_handle_mmu_fault_refch() function could end up dropping extra channel refcounts and trigger access after free scenarios on that channel.

Bug 3315942

Change-Id: I28d8311edf34a041364dddedb5fc3a5b83132f85
Signed-off-by: Deepak Nibade <dnibade@nvidia.com>
Reviewed-on: https://git-master.nvidia.com/r/c/linux-nvgpu/+/2540497
Reviewed-by: svc-mobile-coverity <svc-mobile-coverity@nvidia.com>
Reviewed-by: svc-mobile-misra <svc-mobile-misra@nvidia.com>
Reviewed-by: svc-mobile-cert <svc-mobile-cert@nvidia.com>
Reviewed-by: svc_kernel_abi <svc_kernel_abi@nvidia.com>
Reviewed-by: Alex Waterman <alexw@nvidia.com>
Reviewed-by: Sagar Kamble <skamble@nvidia.com>
Reviewed-by: mobile promotions <svcmobile_promotions@nvidia.com>
Tested-by: mobile promotions <svcmobile_promotions@nvidia.com>
GVS: Gerrit_Virtual_Submit
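
The reference-count imbalance described in the commit message above, as a simplified model added here (not code from the nvgpu driver or from the commit). The struct, the function names and the exact reference accounting are assumptions chosen to reproduce the described behaviour: two back-to-back CE (HUB) faults with the flag handled for all clients versus for GPC only.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model; names and reference accounting are assumptions. */
enum fault_client { CLIENT_GPC, CLIENT_HUB /* e.g. CE */ };

struct channel {
    int refcount;           /* 1 = only the owner's reference remains */
    bool mmu_nack_handled;
};

/*
 * One pass through a modeled fault handler.
 * gate_on_gpc == false: flag is checked/set for every client (before the fix).
 * gate_on_gpc == true:  flag is checked/set only for GPC faults (after the fix).
 */
static void handle_fault(struct channel *ch, enum fault_client src, bool gate_on_gpc)
{
    bool use_flag = !gate_on_gpc || src == CLIENT_GPC;

    ch->refcount++;                     /* reference taken for this fault */
    if (use_flag && ch->mmu_nack_handled) {
        ch->mmu_nack_handled = false;
        ch->refcount--;                 /* assumed: ref held by the SM nack path */
        ch->refcount--;                 /* this fault's own reference */
        return;
    }
    if (use_flag)
        ch->mmu_nack_handled = true;
    ch->refcount--;                     /* normal path: drop this fault's reference */
}

/* Two back-to-back HUB (CE) faults on one channel; returns the final refcount. */
int refcount_after_two_ce_faults(bool gate_on_gpc)
{
    struct channel ch = { .refcount = 1, .mmu_nack_handled = false };

    handle_fault(&ch, CLIENT_HUB, gate_on_gpc);
    handle_fault(&ch, CLIENT_HUB, gate_on_gpc);
    return ch.refcount;
}

int main(void)
{
    printf("before fix: %d\n", refcount_after_two_ce_faults(false));
    printf("after fix:  %d\n", refcount_after_two_ce_faults(true));
    return 0;
}
```

In the model, a final count of 0 means the owner's reference has been consumed while the owner still uses the channel, which is the access-after-free condition the commit message describes.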