f644e3038f
The value of struct drm_device.ttm.type_vram can become -1 for unknown types of memory (see nouveau_ttm_init()). This leads to an out-of-bounds error when accessing struct nvif_mmu.type[]: [ 18.304116] ================================================================== [ 18.311649] BUG: KASAN: slab-out-of-bounds in nouveau_ttm_io_mem_reserve+0x17a/0x7e0 [nouveau] [ 18.320415] Read of size 1 at addr ffff88810ffac1fe by task systemd-udevd/342 [ 18.327681] [ 18.329208] CPU: 1 PID: 342 Comm: systemd-udevd Tainted: G E 5.10.0-rc2-1-default+ #581 [ 18.338681] Hardware name: Dell Inc. OptiPlex 9020/0N4YC8, BIOS A24 10/24/2018 [ 18.346032] Call Trace: [ 18.348536] dump_stack+0xae/0xe5 [ 18.351919] print_address_description.constprop.0+0x17/0xf0 [ 18.357787] ? nouveau_ttm_io_mem_reserve+0x17a/0x7e0 [nouveau] [ 18.363818] __kasan_report.cold+0x20/0x38 [ 18.368099] ? nouveau_ttm_io_mem_reserve+0x17a/0x7e0 [nouveau] [ 18.374133] kasan_report+0x3a/0x50 [ 18.377789] nouveau_ttm_io_mem_reserve+0x17a/0x7e0 [nouveau] <...> [ 18.767690] Allocated by task 342: [ 18.773087] kasan_save_stack+0x1b/0x40 [ 18.778890] __kasan_kmalloc.constprop.0+0xbf/0xd0 [ 18.785646] __kmalloc_track_caller+0x1be/0x390 [ 18.792165] kstrdup_const+0x46/0x70 [ 18.797686] kobject_set_name_vargs+0x2f/0xb0 [ 18.803992] kobject_init_and_add+0x9d/0xf0 [ 18.810117] ttm_mem_global_init+0x12c/0x210 [ttm] [ 18.816853] ttm_bo_global_init+0x4a/0x160 [ttm] [ 18.823420] ttm_bo_device_init+0x39/0x220 [ttm] [ 18.830046] nouveau_ttm_init+0x2c3/0x830 [nouveau] [ 18.836929] nouveau_drm_device_init+0x1b4/0x3f0 [nouveau] <...> [ 19.105336] ================================================================== Fix this error, by not using type_vram as an index if it's negative. Assume default values instead. The error was seen on Nvidia G72 hardware. Signed-off-by: Thomas Zimmermann <tzimmermann@suse.de> Reviewed-by: Michael J. Ruhl <michael.j.ruhl@intel.com> Acked-by: Christian König <christian.koenig@amd.com> Fixes: 1cf65c45183a ("drm/ttm: add caching state to ttm_bus_placement") Cc: Christian König <christian.koenig@amd.com> Cc: Michael J. Ruhl <michael.j.ruhl@intel.com> Cc: Maarten Lankhorst <maarten.lankhorst@linux.intel.com> Cc: Maxime Ripard <mripard@kernel.org> Cc: Thomas Zimmermann <tzimmermann@suse.de> Cc: David Airlie <airlied@linux.ie> Cc: Daniel Vetter <daniel@ffwll.ch> Cc: Ben Skeggs <bskeggs@redhat.com> Cc: Dave Airlie <airlied@redhat.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Alex Deucher <alexander.deucher@amd.com> Cc: "Christian König" <christian.koenig@amd.com> Cc: VMware Graphics <linux-graphics-maintainer@vmware.com> Cc: Roland Scheidegger <sroland@vmware.com> Cc: Huang Rui <ray.huang@amd.com> Cc: Felix Kuehling <Felix.Kuehling@amd.com> Cc: Hawking Zhang <Hawking.Zhang@amd.com> Cc: Jason Gunthorpe <jgg@ziepe.ca> Cc: Likun Gao <Likun.Gao@amd.com> Cc: dri-devel@lists.freedesktop.org Cc: nouveau@lists.freedesktop.org Cc: virtualization@lists.linux-foundation.org Cc: spice-devel@lists.freedesktop.org Cc: amd-gfx@lists.freedesktop.org Link: https://patchwork.freedesktop.org/patch/msgid/20201110133655.13174-1-tzimmermann@suse.de
Linux kernel
============
There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.
In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``. The formatted documentation can also be read online at:
https://www.kernel.org/doc/html/latest/
There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.