* [patch] iommu/vt-d: shift wrapping bug in prq_event_thread()
@ 2015-10-15 18:25 Dan Carpenter
2015-10-16 16:28 ` Woodhouse, David
0 siblings, 1 reply; 2+ messages in thread
From: Dan Carpenter @ 2015-10-15 18:25 UTC (permalink / raw)
To: Joerg Roedel, David Woodhouse; +Cc: iommu, kernel-janitors
The "req->addr" variable is a bit field declared as "u64 addr:52;".
The "address" variable is a u64. We need to cast "req->addr" to a u64
before the shift or the result is truncated to 52 bits.
Fixes: 0b9252a34858 ('iommu/vt-d: Implement page request handling')
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
---
Also does this code work if PAGE_SHIFT is more than 12? (I am a newbie
so this is not rhetorical, I don't know the answer).
diff --git a/drivers/iommu/intel-svm.c b/drivers/iommu/intel-svm.c
index ba88889..19aa67b 100644
--- a/drivers/iommu/intel-svm.c
+++ b/drivers/iommu/intel-svm.c
@@ -395,7 +395,7 @@ static irqreturn_t prq_event_thread(int irq, void *d)
req = &iommu->prq[head / sizeof(*req)];
result = QI_RESP_INVALID;
- address = req->addr << PAGE_SHIFT;
+ address = (u64)req->addr << PAGE_SHIFT;
if (!req->pasid_present) {
pr_err("%s: Page request without PASID: %08llx %08llx\n",
iommu->name, ((unsigned long long *)req)[0],
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [patch] iommu/vt-d: shift wrapping bug in prq_event_thread()
2015-10-15 18:25 [patch] iommu/vt-d: shift wrapping bug in prq_event_thread() Dan Carpenter
@ 2015-10-16 16:28 ` Woodhouse, David
0 siblings, 0 replies; 2+ messages in thread
From: Woodhouse, David @ 2015-10-16 16:28 UTC (permalink / raw)
To: joro-zLv9SwRftAIdnm+yROfE0A@public.gmane.org,
dan.carpenter-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org
Cc: iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
kernel-janitors-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
[-- Attachment #1: Type: text/plain, Size: 846 bytes --]
On Thu, 2015-10-15 at 21:25 +0300, Dan Carpenter wrote:
> The "req->addr" variable is a bit field declared as "u64 addr:52;".
> The "address" variable is a u64. We need to cast "req->addr" to a u64
> before the shift or the result is truncated to 52 bits.
>
> Fixes: 0b9252a34858 ('iommu/vt-d: Implement page request handling')
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Applied; thanks.
> Also does this code work if PAGE_SHIFT is more than 12? (I am a newbie
> so this is not rhetorical, I don't know the answer).
Er, no it doesn't. That should have been VTD_PAGE_SHIFT, not PAGE_SHIFT
— and then it *will* always be 12. Thanks for pointing it out.
--
David Woodhouse Open Source Technology Centre
David.Woodhouse@intel.com Intel Corporation
[-- Attachment #2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 3437 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2015-10-16 16:28 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-10-15 18:25 [patch] iommu/vt-d: shift wrapping bug in prq_event_thread() Dan Carpenter
2015-10-16 16:28 ` Woodhouse, David
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).