gpu: nvgpu: fix KASAN slab-out-of-bounds error

KASAN reports below slab-out-of-bounds error when accessing gr->map_tiles since gr->map_tiles is allocated with wrong(small) size. fixing it by passing correct size to nvgpu_kzalloc. BUG: KASAN: slab-out-of-bounds in gr_gk20a_init_map_tiles+0x6f0/0x7b0 ... .... BUG: KASAN: slab-out-of-bounds in gr_gk20a_zcull_init_hw+0x184/0x848 ... ... BUG: KASAN: slab-out-of-bounds in gr_gk20a_setup_rop_mapping+0x108/0x1740 ... ... BUG: KASAN: slab-out-of-bounds in gr_gk20a_setup_rop_mapping+0x108/0x1740 ... Bug 1918671 Change-Id: I667ac80b20a3d8539ed3eaae6e0f98e91f917819 Signed-off-by: David Pu <dpu@nvidia.com> Reviewed-on: http://git-master/r/1472491 Reviewed-by: mobile promotions <svcmobile_promotions@nvidia.com> Tested-by: mobile promotions <svcmobile_promotions@nvidia.com>
author: David Pu <dpu@nvidia.com> 2017-04-28 20:18:22 -0400
committer: mobile promotions <svcmobile_promotions@nvidia.com> 2017-05-03 11:44:42 -0400
commit: 162108d0706bb45cdff07c31ab1360935b396f67 (patch)
tree: 1235750da6d0d57595762f68787806641319ba77 /drivers/gpu/nvgpu/gk20a/gr_gk20a.c
parent: abbc687a31de4ebd53bd5a05889d31d3b090969c (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/gpu/nvgpu/gk20a/gr_gk20a.c b/drivers/gpu/nvgpu/gk20a/gr_gk20a.c
index ac03c1e5..b2225dae 100644
--- a/drivers/gpu/nvgpu/gk20a/gr_gk20a.c
+++ b/drivers/gpu/nvgpu/gk20a/gr_gk20a.c
@@ -3770,7 +3770,7 @@ static int gr_gk20a_init_map_tiles(struct gk20a *g, struct gr_gk20a *gr)
        }
        if (gr->map_tiles == NULL) {
-                gr->map_tiles = nvgpu_kzalloc(g, num_gpcs * sizeof(u8));
+                gr->map_tiles = nvgpu_kzalloc(g, map_tile_count * sizeof(u8));
                if (gr->map_tiles == NULL) {
                        ret = -ENOMEM;
                        goto clean_up;
author	David Pu <dpu@nvidia.com>	2017-04-28 20:18:22 -0400
committer	mobile promotions <svcmobile_promotions@nvidia.com>	2017-05-03 11:44:42 -0400
commit	162108d0706bb45cdff07c31ab1360935b396f67 (patch)
tree	1235750da6d0d57595762f68787806641319ba77 /drivers/gpu/nvgpu/gk20a/gr_gk20a.c
parent	abbc687a31de4ebd53bd5a05889d31d3b090969c (diff)

diff --git a/drivers/gpu/nvgpu/gk20a/gr_gk20a.c b/drivers/gpu/nvgpu/gk20a/gr_gk20a.c index ac03c1e5..b2225dae 100644 --- a/drivers/gpu/nvgpu/gk20a/gr_gk20a.c +++ b/drivers/gpu/nvgpu/gk20a/gr_gk20a.c
@@ -3770,7 +3770,7 @@ static int gr_gk20a_init_map_tiles(struct gk20a g, struct gr_gk20a gr)
3770	}	3770	}
3771		3771
3772	if (gr->map_tiles == NULL) {	3772	if (gr->map_tiles == NULL) {
3773	gr->map_tiles = nvgpu_kzalloc(g, num_gpcs * sizeof(u8));	3773	gr->map_tiles = nvgpu_kzalloc(g, map_tile_count * sizeof(u8));
3774	if (gr->map_tiles == NULL) {	3774	if (gr->map_tiles == NULL) {
3775	ret = -ENOMEM;	3775	ret = -ENOMEM;
3776	goto clean_up;	3776	goto clean_up;