drm/xe: Fix access_ok check in user_fence_create

Check size of the data not size of the pointer.

Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202407300421.IBkAja96-lkp@intel.com/
Fixes: 0fde907da2d5 ("drm/xe: Validate user fence during creation")
Cc: Matthew Auld <matthew.auld@intel.com>
Cc: Matthew Brost <matthew.brost@intel.com>
Reviewed-by: Matthew Auld <matthew.auld@intel.com>
Reviewed-by: Tejas Upadhyay <tejas.upadhyay@intel.com>
Reviewed-by: Apoorva Singh <apoorva.singh@intel.com>
Link: https://patchwork.freedesktop.org/patch/msgid/20240806110722.28661-1-nirmoy.das@intel.com
Signed-off-by: Nirmoy Das <nirmoy.das@intel.com>

diff --git a/drivers/gpu/drm/xe/xe_sync.c b/drivers/gpu/drm/xe/xe_sync.c
index 3aa6270e5dd7753d8911986edc07aeb4d88dc98d..ca826aeb41ea837c7da966ba150a64603947b6b0 100644 (file)
--- a/drivers/gpu/drm/xe/xe_sync.c
+++ b/drivers/gpu/drm/xe/xe_sync.c
@@ -55,7 +55,7 @@ static struct xe_user_fence *user_fence_create(struct xe_device *xe, u64 addr,
        struct xe_user_fence *ufence;
        u64 __user *ptr = u64_to_user_ptr(addr);
 
-       if (!access_ok(ptr, sizeof(ptr)))
+       if (!access_ok(ptr, sizeof(*ptr)))
                return ERR_PTR(-EFAULT);
 
        ufence = kmalloc(sizeof(*ufence), GFP_KERNEL);