[PATCH] ARM: kernel: fix nr_cpu_ids check in DT logical map init

linux-arm-kernel.lists.infradead.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] ARM: kernel: fix nr_cpu_ids check in DT logical map init
@ 2012-11-21 16:42 Lorenzo Pieralisi
  2012-11-22 12:08 ` Lorenzo Pieralisi
  0 siblings, 1 reply; 4+ messages in thread
From: Lorenzo Pieralisi @ 2012-11-21 16:42 UTC (permalink / raw)
  To: linux-arm-kernel

If a kernel is configured with a DT containing more /cpu nodes than
nr_cpu_ids, the number of cpus must be capped in the DT parsing
code. Current code carries out the check, but fails to cap the
value and the check is executed after the cpu logical index is used,
which can lead to memory corruption due to index overflow.

This patch refactors the check against nr_cpu_ids and move it before
any computed index is used in the parsing code.

Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
Reported-by: Mark Rutland <mark.rutland@arm.com>
---
Russell,

while refactoring the DT loop over nodes, I unfortunately missed this niggle
in the parsing loop that Mark reported. Here is the fix, sorry for the
additional commit, if it is ok for you I will add it to your patch system.

Apologies and thanks,
Lorenzo

 arch/arm/kernel/devtree.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/arch/arm/kernel/devtree.c b/arch/arm/kernel/devtree.c
index aaf9add..70f1bde 100644
--- a/arch/arm/kernel/devtree.c
+++ b/arch/arm/kernel/devtree.c
@@ -139,10 +139,14 @@ void __init arm_dt_init_cpu_maps(void)
 			i = cpuidx++;
 		}

-		tmp_map[i] = hwid;
-
-		if (cpuidx > nr_cpu_ids)
+		if (WARN(cpuidx > nr_cpu_ids, "DT /cpu %u nodes greater than "
+					       "max cores %u, capping them\n",
+					       cpuidx, nr_cpu_ids)) {
+			cpuidx = nr_cpu_ids;
 			break;
+		}
+
+		tmp_map[i] = hwid;
 	}

 	if (WARN(!bootcpu_valid, "DT missing boot CPU MPIDR[23:0], "
-- 
1.7.12

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [PATCH] ARM: kernel: fix nr_cpu_ids check in DT logical map init
  2012-11-21 16:42 [PATCH] ARM: kernel: fix nr_cpu_ids check in DT logical map init Lorenzo Pieralisi
@ 2012-11-22 12:08 ` Lorenzo Pieralisi
  2012-11-22 15:33   ` Grant Likely
  0 siblings, 1 reply; 4+ messages in thread
From: Lorenzo Pieralisi @ 2012-11-22 12:08 UTC (permalink / raw)
  To: linux-arm-kernel

Hi Russell,

On Wed, Nov 21, 2012 at 04:42:56PM +0000, Lorenzo Pieralisi wrote:
> If a kernel is configured with a DT containing more /cpu nodes than
> nr_cpu_ids, the number of cpus must be capped in the DT parsing
> code. Current code carries out the check, but fails to cap the
> value and the check is executed after the cpu logical index is used,
> which can lead to memory corruption due to index overflow.
> 
> This patch refactors the check against nr_cpu_ids and move it before
> any computed index is used in the parsing code.
> 
> Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
> Reported-by: Mark Rutland <mark.rutland@arm.com>
> ---
> Russell,
> 
> while refactoring the DT loop over nodes, I unfortunately missed this niggle
> in the parsing loop that Mark reported. Here is the fix, sorry for the
> additional commit, if it is ok for you I will add it to your patch system.
> 
> Apologies and thanks,
> Lorenzo
> 
>  arch/arm/kernel/devtree.c | 10 +++++++---
>  1 file changed, 7 insertions(+), 3 deletions(-)
> 
> diff --git a/arch/arm/kernel/devtree.c b/arch/arm/kernel/devtree.c
> index aaf9add..70f1bde 100644
> --- a/arch/arm/kernel/devtree.c
> +++ b/arch/arm/kernel/devtree.c
> @@ -139,10 +139,14 @@ void __init arm_dt_init_cpu_maps(void)
>  			i = cpuidx++;
>  		}
>  
> -		tmp_map[i] = hwid;
> -
> -		if (cpuidx > nr_cpu_ids)
> +		if (WARN(cpuidx > nr_cpu_ids, "DT /cpu %u nodes greater than "
> +					       "max cores %u, capping them\n",
> +					       cpuidx, nr_cpu_ids)) {
> +			cpuidx = nr_cpu_ids;
>  			break;
> +		}
> +
> +		tmp_map[i] = hwid;
>  	}
>  
>  	if (WARN(!bootcpu_valid, "DT missing boot CPU MPIDR[23:0], "

If it looks fine to you, can I queue this simple fix in your patch
system please ?

Thanks and apologies for the extra commit,
Lorenzo

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH] ARM: kernel: fix nr_cpu_ids check in DT logical map init
  2012-11-22 12:08 ` Lorenzo Pieralisi
@ 2012-11-22 15:33   ` Grant Likely
  2012-11-22 17:05     ` Lorenzo Pieralisi
  0 siblings, 1 reply; 4+ messages in thread
From: Grant Likely @ 2012-11-22 15:33 UTC (permalink / raw)
  To: linux-arm-kernel

On Thu, 22 Nov 2012 12:08:43 +0000, Lorenzo Pieralisi <lorenzo.pieralisi@arm.com> wrote:
> Hi Russell,
> 
> On Wed, Nov 21, 2012 at 04:42:56PM +0000, Lorenzo Pieralisi wrote:
> > If a kernel is configured with a DT containing more /cpu nodes than
> > nr_cpu_ids, the number of cpus must be capped in the DT parsing
> > code. Current code carries out the check, but fails to cap the
> > value and the check is executed after the cpu logical index is used,
> > which can lead to memory corruption due to index overflow.
> > 
> > This patch refactors the check against nr_cpu_ids and move it before
> > any computed index is used in the parsing code.
> > 
> > Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
> > Reported-by: Mark Rutland <mark.rutland@arm.com>
> > ---
> > Russell,
> > 
> > while refactoring the DT loop over nodes, I unfortunately missed this niggle
> > in the parsing loop that Mark reported. Here is the fix, sorry for the
> > additional commit, if it is ok for you I will add it to your patch system.
> > 
> > Apologies and thanks,
> > Lorenzo
> > 
> >  arch/arm/kernel/devtree.c | 10 +++++++---
> >  1 file changed, 7 insertions(+), 3 deletions(-)
> > 
> > diff --git a/arch/arm/kernel/devtree.c b/arch/arm/kernel/devtree.c
> > index aaf9add..70f1bde 100644
> > --- a/arch/arm/kernel/devtree.c
> > +++ b/arch/arm/kernel/devtree.c
> > @@ -139,10 +139,14 @@ void __init arm_dt_init_cpu_maps(void)
> >  			i = cpuidx++;
> >  		}
> >  
> > -		tmp_map[i] = hwid;
> > -
> > -		if (cpuidx > nr_cpu_ids)
> > +		if (WARN(cpuidx > nr_cpu_ids, "DT /cpu %u nodes greater than "
> > +					       "max cores %u, capping them\n",
> > +					       cpuidx, nr_cpu_ids)) {
> > +			cpuidx = nr_cpu_ids;
> >  			break;
> > +		}
> > +
> > +		tmp_map[i] = hwid;
> >  	}
> >  
> >  	if (WARN(!bootcpu_valid, "DT missing boot CPU MPIDR[23:0], "
> 
> If it looks fine to you, can I queue this simple fix in your patch
> system please ?
> 
> Thanks and apologies for the extra commit,
> Lorenzo

Acked-by: Grant Likely <grant.likely@secretlab.ca>

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH] ARM: kernel: fix nr_cpu_ids check in DT logical map init
  2012-11-22 15:33   ` Grant Likely
@ 2012-11-22 17:05     ` Lorenzo Pieralisi
  0 siblings, 0 replies; 4+ messages in thread
From: Lorenzo Pieralisi @ 2012-11-22 17:05 UTC (permalink / raw)
  To: linux-arm-kernel

On Thu, Nov 22, 2012 at 03:33:36PM +0000, Grant Likely wrote:
> On Thu, 22 Nov 2012 12:08:43 +0000, Lorenzo Pieralisi <lorenzo.pieralisi@arm.com> wrote:
> > Hi Russell,
> > 
> > On Wed, Nov 21, 2012 at 04:42:56PM +0000, Lorenzo Pieralisi wrote:
> > > If a kernel is configured with a DT containing more /cpu nodes than
> > > nr_cpu_ids, the number of cpus must be capped in the DT parsing
> > > code. Current code carries out the check, but fails to cap the
> > > value and the check is executed after the cpu logical index is used,
> > > which can lead to memory corruption due to index overflow.
> > > 
> > > This patch refactors the check against nr_cpu_ids and move it before
> > > any computed index is used in the parsing code.
> > > 
> > > Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
> > > Reported-by: Mark Rutland <mark.rutland@arm.com>
> > > ---
> > > Russell,
> > > 
> > > while refactoring the DT loop over nodes, I unfortunately missed this niggle
> > > in the parsing loop that Mark reported. Here is the fix, sorry for the
> > > additional commit, if it is ok for you I will add it to your patch system.
> > > 
> > > Apologies and thanks,
> > > Lorenzo
> > > 
> > >  arch/arm/kernel/devtree.c | 10 +++++++---
> > >  1 file changed, 7 insertions(+), 3 deletions(-)
> > > 
> > > diff --git a/arch/arm/kernel/devtree.c b/arch/arm/kernel/devtree.c
> > > index aaf9add..70f1bde 100644
> > > --- a/arch/arm/kernel/devtree.c
> > > +++ b/arch/arm/kernel/devtree.c
> > > @@ -139,10 +139,14 @@ void __init arm_dt_init_cpu_maps(void)
> > >  			i = cpuidx++;
> > >  		}
> > >  
> > > -		tmp_map[i] = hwid;
> > > -
> > > -		if (cpuidx > nr_cpu_ids)
> > > +		if (WARN(cpuidx > nr_cpu_ids, "DT /cpu %u nodes greater than "
> > > +					       "max cores %u, capping them\n",
> > > +					       cpuidx, nr_cpu_ids)) {
> > > +			cpuidx = nr_cpu_ids;
> > >  			break;
> > > +		}
> > > +
> > > +		tmp_map[i] = hwid;
> > >  	}
> > >  
> > >  	if (WARN(!bootcpu_valid, "DT missing boot CPU MPIDR[23:0], "
> > 
> > If it looks fine to you, can I queue this simple fix in your patch
> > system please ?
> > 
> > Thanks and apologies for the extra commit,
> > Lorenzo
> 
> Acked-by: Grant Likely <grant.likely@secretlab.ca>

Thanks a lot Grant.

Queued with ID: 7585/1

Thanks,
Lorenzo

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2012-11-22 17:05 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-11-21 16:42 [PATCH] ARM: kernel: fix nr_cpu_ids check in DT logical map init Lorenzo Pieralisi
2012-11-22 12:08 ` Lorenzo Pieralisi
2012-11-22 15:33   ` Grant Likely
2012-11-22 17:05     ` Lorenzo Pieralisi

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).