]> git.baikalelectronics.ru Git - kernel.git/commitdiff
projects / kernel.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f99d59c)
drm/nouveau/ttm: avoid using nouveau_drm.ttm.type_vram prior to nv50
authorBen Skeggs <bskeggs@redhat.com>
Sat, 14 Nov 2020 03:50:44 +0000 (13:50 +1000)
committerBen Skeggs <bskeggs@redhat.com>
Sat, 14 Nov 2020 04:19:17 +0000 (14:19 +1000)
Pre-NV50 chipsets don't currently use the MMU subsystem that later
chipsets use, and type_vram is negative here, leading to an OOB memory
access.

This was previously guarded by a chipset check, restore that.

Reported-by: Thomas Zimmermann <tzimmermann@suse.de>
Fixes: 7bb58a0a0bdc ("drm/nouveau: explicitly specify caching to use")
Signed-off-by: Ben Skeggs <bskeggs@redhat.com>
drivers/gpu/drm/nouveau/nouveau_bo.c patch | blob | history

diff --git a/drivers/gpu/drm/nouveau/nouveau_bo.c b/drivers/gpu/drm/nouveau/nouveau_bo.c
index 2ee75646ad6fcb44e33435981d92e2147885d9b8..56b335a5596689ad41164b3d49167f4204b1c896 100644 (file)
--- a/drivers/gpu/drm/nouveau/nouveau_bo.c
+++ b/drivers/gpu/drm/nouveau/nouveau_bo.c
@@ -350,14 +350,13 @@ set_placement_list(struct nouveau_drm *drm, struct ttm_place *pl, unsigned *n,
 
        if (domain & NOUVEAU_GEM_DOMAIN_VRAM) {
                struct nvif_mmu *mmu = &drm->client.mmu;
-               const u8 type = mmu->type[drm->ttm.type_vram].type;
 
                pl[*n].mem_type = TTM_PL_VRAM;
                pl[*n].flags = flags & ~TTM_PL_FLAG_CACHED;
 
                /* Some BARs do not support being ioremapped WC */
                if (drm->client.device.info.family >= NV_DEVICE_INFO_V0_TESLA &&
-                   type & NVIF_MEM_UNCACHED)
+                   mmu->type[drm->ttm.type_vram].type & NVIF_MEM_UNCACHED)
                        pl[*n].flags &= ~TTM_PL_FLAG_WC;
 
                (*n)++;
Linux Kernel Source Tree.