git.monstr.eu Git - linux-2.6-microblaze.git/commit

author	Qu Huang <jinsdb@126.com>
	Thu, 28 Jan 2021 12:14:25 +0000 (20:14 +0800)
committer	Alex Deucher <alexander.deucher@amd.com>
	Thu, 1 Apr 2021 01:53:25 +0000 (21:53 -0400)
commit	e92049ae4548ba09e53eaa9c8f6964b07ea274c9
tree	67fc315e4aff60df091f148c9fc57b5c72aaab83	tree \| snapshot
parent	5e61b84f9d3ddfba73091f9fbc940caae1c9eb22	commit \| diff

drm/amdkfd: dqm fence memory corruption

Amdgpu driver uses 4-byte data type as DQM fence memory,
and transmits GPU address of fence memory to microcode
through query status PM4 message. However, query status
PM4 message definition and microcode processing are all
processed according to 8 bytes. Fence memory only allocates
4 bytes of memory, but microcode does write 8 bytes of memory,
so there is a memory corruption.

Changes since v1:
* Change dqm->fence_addr as a u64 pointer to fix this issue,
also fix up query_status and amdkfd_fence_wait_timeout function
uses 64 bit fence value to make them consistent.

Signed-off-by: Qu Huang <jinsdb@126.com>
Reviewed-by: Felix Kuehling <Felix.Kuehling@amd.com>
Signed-off-by: Felix Kuehling <Felix.Kuehling@amd.com>
Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Cc: stable@vger.kernel.org

drivers/gpu/drm/amd/amdkfd/kfd_dbgdev.c		diff \| blob \| history
drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c		diff \| blob \| history
drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.h		diff \| blob \| history
drivers/gpu/drm/amd/amdkfd/kfd_packet_manager.c		diff \| blob \| history
drivers/gpu/drm/amd/amdkfd/kfd_packet_manager_v9.c		diff \| blob \| history
drivers/gpu/drm/amd/amdkfd/kfd_packet_manager_vi.c		diff \| blob \| history
drivers/gpu/drm/amd/amdkfd/kfd_priv.h		diff \| blob \| history