From 5c049b5c793a14a3cb936b23e503b07e6ac5c0d6 Mon Sep 17 00:00:00 2001
From: Deepak Nibade <dnibade@nvidia.com>
Date: Fri, 9 Sep 2016 12:18:14 +0530
Subject: gpu: nvgpu: fix allocation and map size mismatch while mapping

It is possible to allocate larger size than user requested
e.g. If we allocate at 64k granularity, and user asks for
32k buffer, we end up allocating 64k chunk.

User still asks to map the buffer with size 32k and
hence we reserve mapping addresses only for 32k

But due to bug in mapping in update_gmmu_ptes_locked()
we end up creating mappings considering size of 64k
and corrupt some mappings

Fix this by considering min(chunk->length, map_size) while
mapping address range for a chunk

Also, map_size will be zero once we map all requested
address range. So bail out from the loop if map_size
is zero

Bug 1805064

Change-Id: I125d3ce261684dce7e679f9cb39198664f8937c4
Signed-off-by: Deepak Nibade <dnibade@nvidia.com>
Reviewed-on: http://git-master/r/1217755
(cherry picked from commit 3ee1c6bc0718fb8dd9a28a37eff43a2872bdd5c0)
Reviewed-on: http://git-master/r/1221775
GVS: Gerrit_Virtual_Submit
Reviewed-by: Bharat Nihalani <bnihalani@nvidia.com>
---
 drivers/gpu/nvgpu/gk20a/mm_gk20a.c | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'drivers')

diff --git a/drivers/gpu/nvgpu/gk20a/mm_gk20a.c b/drivers/gpu/nvgpu/gk20a/mm_gk20a.c
index a0e88c3e..1551dd16 100644
--- a/drivers/gpu/nvgpu/gk20a/mm_gk20a.c
+++ b/drivers/gpu/nvgpu/gk20a/mm_gk20a.c
@@ -3749,6 +3749,7 @@ static int update_gmmu_ptes_locked(struct vm_gk20a *vm,
 	u64 ctag = (u64)ctag_offset * (u64)ctag_granularity;
 	u64 iova = 0;
 	u64 space_to_skip = buffer_offset;
+	u64 map_size = gpu_end - gpu_va;
 	u32 page_size  = vm->gmmu_page_sizes[pgsz_idx];
 	int err;
 	struct scatterlist *sgl = NULL;
@@ -3787,6 +3788,7 @@ static int update_gmmu_ptes_locked(struct vm_gk20a *vm,
 				} else {
 					iova = chunk->base + space_to_skip;
 					length = chunk->length - space_to_skip;
+					length = min(length, map_size);
 					space_to_skip = 0;
 
 					err = update_gmmu_level_locked(vm,
@@ -3799,10 +3801,16 @@ static int update_gmmu_ptes_locked(struct vm_gk20a *vm,
 						cacheable, unmapped_pte,
 						rw_flag, sparse, 0, priv,
 						aperture);
+					if (err)
+						break;
 
 					/* need to set explicit zero here */
 					space_to_skip = 0;
 					gpu_va += length;
+					map_size -= length;
+
+					if (!map_size)
+						break;
 				}
 			}
 		} else {
-- 
cgit v1.2.2