review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Qu Huang <jinsdb@126.com>
	Thu, 28 Jan 2021 12:14:25 +0000 (20:14 +0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 7 Apr 2021 13:00:10 +0000 (15:00 +0200)
commit	28f901fe1634c04b3f0073704e5ec8d0d62a2764
tree	57b1e2175457a794ae16bbc241ad9bcfc54fa08b	tree \| snapshot
parent	ec3e06e06f763d8ef5ba3919e2c4e59366b5b92a	commit \| diff

drm/amdkfd: dqm fence memory corruption

commit e92049ae4548ba09e53eaa9c8f6964b07ea274c9 upstream.

Amdgpu driver uses 4-byte data type as DQM fence memory,
and transmits GPU address of fence memory to microcode
through query status PM4 message. However, query status
PM4 message definition and microcode processing are all
processed according to 8 bytes. Fence memory only allocates
4 bytes of memory, but microcode does write 8 bytes of memory,
so there is a memory corruption.

Changes since v1:
* Change dqm->fence_addr as a u64 pointer to fix this issue,
also fix up query_status and amdkfd_fence_wait_timeout function
uses 64 bit fence value to make them consistent.

Signed-off-by: Qu Huang <jinsdb@126.com>
Reviewed-by: Felix Kuehling <Felix.Kuehling@amd.com>
Signed-off-by: Felix Kuehling <Felix.Kuehling@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

drivers/gpu/drm/amd/amdkfd/kfd_dbgdev.c		diff \| blob \| history
drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c		diff \| blob \| history
drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.h		diff \| blob \| history
drivers/gpu/drm/amd/amdkfd/kfd_packet_manager.c		diff \| blob \| history
drivers/gpu/drm/amd/amdkfd/kfd_packet_manager_v9.c		diff \| blob \| history
drivers/gpu/drm/amd/amdkfd/kfd_packet_manager_vi.c		diff \| blob \| history
drivers/gpu/drm/amd/amdkfd/kfd_priv.h		diff \| blob \| history