[VP] Fix 3DLut/HVS kernel copy overflow

paddingSize will lead to copy kernel (3DLUT/HVS) overflow

Author: jiafengy1

media_common/agnostic/common/hw/mhw_state_heap.h

@@ -253,6 +253,7 @@ typedef struct _MHW_KERNEL_PARAM
     void    *pExtra;                         //!< Kernel parameter
     uint8_t *pBinary;                        //!< Pointer to kernel binary
     int32_t iSize;                          //!< Kernel size
+    int32_t iPaddingSize;                   //!< Padding size  
     int32_t iGrfCount;                      //!< Number of registers
     int32_t iBTCount;                       //!< Number of BT entries
     int32_t iThreadCount;                   //!< Number of threads (max)

media_common/agnostic/common/vp/kdll/hal_kerneldll_next.h

@@ -636,6 +636,7 @@ typedef struct tagKdll_CacheEntry
     // Kernel binary
     uint8_t *pBinary;  // kernel binary
     int      iSize;    // kernel size
+    int      iPaddingSize; //kernel padding size
 
     // Component kernel information
     int            iKUID;   // kernel unique id (static kernel)

media_driver/agnostic/common/vp/hal/vphal_render_common.h

@@ -2417,6 +2417,7 @@ typedef struct _VPHAL_VEBOX_EXEC_STATE
         (MhwKernelParam).iSize    = (_pKernelEntry)->iSize;                         \
         (MhwKernelParam).iKUID    = (_pKernelEntry)->iKUID;                         \
         (MhwKernelParam).iKCID    = (_pKernelEntry)->iKCID;                         \
+        (MhwKernelParam).iPaddingSize = (_pKernelEntry)->iPaddingSize;              \
     } while(0)
 
 //!

media_softlet/agnostic/common/renderhal/renderhal.cpp

@@ -2354,6 +2354,9 @@ int32_t RenderHal_LoadKernel(
             // To reload the kernel forcibly if needed
             if (pKernel->bForceReload)
             {
+                // The ForceReload function is only utilized in legacy code.
+                // Since APO does not follow this execution path,
+                // there is no need to include padding size code here.
                 dwOffset = pKernelAllocation->dwOffset;
                 MOS_SecureMemcpy(pStateHeap->pIshBuffer + dwOffset, iKernelSize, pKernelPtr, iKernelSize);
 
@@ -2398,6 +2401,9 @@ int32_t RenderHal_LoadKernel(
             // To reload the kernel forcibly if needed
             if (pKernel->bForceReload)
             {
+                // The ForceReload function is only utilized in legacy code.
+                // Since APO does not follow this execution path,
+                // there is no need to include padding size code here.
                 dwOffset = pKernelAllocation->dwOffset;
                 MOS_SecureMemcpy(pStateHeap->pIshBuffer + dwOffset, iKernelSize, pKernelPtr, iKernelSize);
 
@@ -2533,10 +2539,11 @@ int32_t RenderHal_LoadKernel(
         pKernelAllocation->iAllocIndex  = iKernelAllocationID;
 
         // Copy kernel data
-        MOS_SecureMemcpy(pStateHeap->pIshBuffer + dwOffset, iKernelSize, pKernelPtr, iKernelSize);
-        if (iKernelSize < iSize)
+        int32_t iCopyKernelSize = iKernelSize - pKernel->iPaddingSize;
+        MOS_SecureMemcpy(pStateHeap->pIshBuffer + dwOffset, iCopyKernelSize, pKernelPtr, iCopyKernelSize);
+        if (iCopyKernelSize < iSize)
         {
-            MOS_ZeroMemory(pStateHeap->pIshBuffer + dwOffset + iKernelSize, iSize - iKernelSize);
+            MOS_ZeroMemory(pStateHeap->pIshBuffer + dwOffset + iCopyKernelSize, iSize - iCopyKernelSize);
         }
     } while (false);
 

media_softlet/agnostic/common/shared/mediacopy/media_render_copy_next.cpp

@@ -40,6 +40,7 @@
         (MhwKernelParam).iSize    = (_pKernelEntry)->iSize;                         \
         (MhwKernelParam).iKUID    = (_pKernelEntry)->iKUID;                         \
         (MhwKernelParam).iKCID    = (_pKernelEntry)->iKCID;                         \
+        (MhwKernelParam).iPaddingSize = (_pKernelEntry)->iPaddingSize;              \
     } while(0)
 
 

media_softlet/agnostic/common/shared/packet/media_render_cmd_packet.h

@@ -78,6 +78,7 @@ class MhwCpInterface;
         (MhwKernelParam).iSize    = (_pKernelEntry)->iSize;                         \
         (MhwKernelParam).iKUID    = (_pKernelEntry)->iKUID;                         \
         (MhwKernelParam).iKCID    = (_pKernelEntry)->iKCID;                         \
+        (MhwKernelParam).iPaddingSize = (_pKernelEntry)->iPaddingSize;              \
     } while(0)
 
 typedef struct _PIPECONTRL_PARAMS

media_softlet/agnostic/common/vp/hal/packet/vp_render_kernel_obj.cpp

@@ -72,6 +72,7 @@ MOS_STATUS VpRenderKernelObj::GetKernelEntry(Kdll_CacheEntry &entry)
     entry.iFilterSize   = 2;
     entry.pFilter       = nullptr;
     entry.iSize         = m_kernelSize;
+    entry.iPaddingSize  = m_kernelPaddingSize; 
     entry.pBinary       = (uint8_t *)m_kernelBinary;
     return MOS_STATUS_SUCCESS;
 }

media_softlet/agnostic/common/vp/hal/packet/vp_render_kernel_obj.h

@@ -596,6 +596,7 @@ class VpRenderKernelObj
     void *                                                  m_kernelBinary = nullptr;
     uint32_t                                                m_kernelBinaryID = 0;
     uint32_t                                                m_kernelSize = 0;
+    uint32_t                                                m_kernelPaddingSize = 0;
     VpKernelID                                              m_kernelId = kernelCombinedFc;
     DelayLoadedKernelType                                   m_kernelType     = KernelNone;
     KernelIndex                                             m_kernelIndex = 0;          // index of current kernel in KERNEL_PARAMS_LIST

media_softlet/agnostic/common/vp/hal/packet/vp_render_vebox_hdr_3dlut_kernel.cpp

@@ -456,7 +456,7 @@ MOS_STATUS VpRenderHdr3DLutKernelCM::Init(VpRenderKernel &kernel)
 {
     VP_FUNC_CALL();
     m_kernelSize = kernel.GetKernelSize() + KERNEL_BINARY_PADDING_SIZE;
-
+    m_kernelPaddingSize = KERNEL_BINARY_PADDING_SIZE;
     uint8_t *pKernelBin = (uint8_t *)kernel.GetKernelBinPointer();
     VP_RENDER_CHK_NULL_RETURN(pKernelBin);
 

media_softlet/agnostic/common/vp/hal/packet/vp_render_vebox_hvs_kernel.cpp

@@ -49,7 +49,7 @@ MOS_STATUS VpRenderHVSKernel::Init(VpRenderKernel &kernel)
 {
     VP_FUNC_CALL();
     m_kernelSize = kernel.GetKernelSize() + KERNEL_BINARY_PADDING_SIZE;
-
+    m_kernelPaddingSize = KERNEL_BINARY_PADDING_SIZE;
     uint8_t *pKernelBin = (uint8_t *)kernel.GetKernelBinPointer();
     VP_RENDER_CHK_NULL_RETURN(pKernelBin);