When extra_size is zero, this triggers an exception in the kernel:
[ 2689.066416] rk_vcodec: set reg[77]
ffffffff
[ 2689.066428] rk_vcodec: reg_copy_to_hw:1656: leave
[ 2689.066443] rk_iommu
ff660480.iommu: Page fault at 0x0000000000000200 of type read
[ 2689.066452] rk_iommu
ff660480.iommu: iova = 0x0000000000000200: dte_index: 0x0 pte_index: 0x0 page_offset: 0x200
[ 2689.066471] rk_iommu
ff660480.iommu: mmu_dte_addr: 0x00000000785c4000 dte@0x00000000785c4000: 0x000000 valid: 0 pte@0x0000000000000000: 0x000000 valid: 0 page@0x0000000000000000 flags: 0x0
[ 2689.069518] rk_vcodec: try_set_reg:1738: leave
[ 2689.108387] rk_vcodec: vdpu_irq reg 1 status 408362 mask: irq 100 ready 1000 error 3e000
[ 2689.108406] rk_vcodec: vdpu_irq dec status
00408362
[ 2689.108413] rk_vcodec: task rkvdec status
00408362 mask
0003e000
[ 2689.108419] rk_vcodec: rkvdec task: 41 ms
This commit fixes that.
return NULL;
}
- if (copy_from_user(&extra_info, (u8 *)src + size, extra_size)) {
- vpu_err("error: copy_from_user failed\n");
- kfree(reg);
- return NULL;
- }
+ if (extra_size > 0) {
+ if (copy_from_user(&extra_info, (u8 *)src + size, extra_size)) {
+ vpu_err("error: copy_from_user failed\n");
+ kfree(reg);
+ return NULL;
+ }
+ } else {
+ memset(&extra_info, 0, sizeof(extra_info));
+ }
if (vcodec_reg_address_translate(data, session, reg, &extra_info) < 0) {
int i = 0;
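Review bot: The `memset` sits only in the `else` branch, so for 0 < extra_size < sizeof(extra_info) the copy_from_user() call fills just the first extra_size bytes and the rest of extra_info still reaches vcodec_reg_address_translate() uninitialised, unless it is zeroed at its declaration, which is outside this hunk. Zeroing unconditionally before the copy covers both cases: `memset(&extra_info, 0, sizeof(extra_info));` followed by `if (extra_size > 0 && copy_from_user(&extra_info, (u8 *)src + size, extra_size)) {`. No upper bound on extra_size is visible here either; if it is derived from the caller-supplied size, it should be checked against `sizeof(extra_info)` before the copy so the write cannot run past the structure. The enclosing function begins and ends outside the hunk.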