devicetree.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] of: Use proper types for checking memory overflow
@ 2014-07-08  0:45 Laura Abbott
  2014-07-08  7:15 ` Geert Uytterhoeven
       [not found] ` <1404780343-32188-1-git-send-email-lauraa-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
  0 siblings, 2 replies; 4+ messages in thread
From: Laura Abbott @ 2014-07-08  0:45 UTC (permalink / raw)
  To: Grant Likely, Rob Herring
  Cc: Laura Abbott, Geert Uytterhoeven, Nicolas Pitre, devicetree,
	linux-kernel, linux-arm-kernel

Commit a67a6ed15513541579d38bcbd127e7be170710e5
(of: Check for phys_addr_t overflows in early_init_dt_add_memory_arch)
corrected early_init_dt_add_memory_arch to account for overflows
but did so in an unclean way using ULONG_MAX. There is no
guarantee that sizeof(unsigned long) == sizeof(phys_addr_t).
Check against phys_addr_t instead.

Signed-off-by: Laura Abbott <lauraa@codeaurora.org>
---
 drivers/of/fdt.c | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
index b777d8f..b88a68e 100644
--- a/drivers/of/fdt.c
+++ b/drivers/of/fdt.c
@@ -875,24 +875,24 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
 }
 
 #ifdef CONFIG_HAVE_MEMBLOCK
+#define MAX_PHYS_ADDR	((phys_addr_t)~0)
+
 void __init __weak early_init_dt_add_memory_arch(u64 base, u64 size)
 {
 	const u64 phys_offset = __pa(PAGE_OFFSET);
 	base &= PAGE_MASK;
 	size &= PAGE_MASK;
 
-	if (sizeof(phys_addr_t) < sizeof(u64)) {
-		if (base > ULONG_MAX) {
-			pr_warning("Ignoring memory block 0x%llx - 0x%llx\n",
-					base, base + size);
-			return;
-		}
+	if (base > MAX_PHYS_ADDR) {
+		pr_warning("Ignoring memory block 0x%llx - 0x%llx\n",
+				base, base + size);
+		return;
+	}
 
-		if (base + size > ULONG_MAX) {
-			pr_warning("Ignoring memory range 0x%lx - 0x%llx\n",
-					ULONG_MAX, base + size);
-			size = ULONG_MAX - base;
-		}
+	if (base + size > MAX_PHYS_ADDR) {
+		pr_warning("Ignoring memory range 0x%lx - 0x%llx\n",
+				ULONG_MAX, base + size);
+		size = MAX_PHYS_ADDR - base;
 	}
 
 	if (base + size < phys_offset) {
-- 
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
hosted by The Linux Foundation

^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH] of: Use proper types for checking memory overflow
  2014-07-08  0:45 [PATCH] of: Use proper types for checking memory overflow Laura Abbott
@ 2014-07-08  7:15 ` Geert Uytterhoeven
       [not found] ` <1404780343-32188-1-git-send-email-lauraa-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
  1 sibling, 0 replies; 4+ messages in thread
From: Geert Uytterhoeven @ 2014-07-08  7:15 UTC (permalink / raw)
  To: Laura Abbott
  Cc: Grant Likely, Rob Herring, Nicolas Pitre,
	devicetree@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-arm-kernel@lists.infradead.org

On Tue, Jul 8, 2014 at 2:45 AM, Laura Abbott <lauraa@codeaurora.org> wrote:
> Commit a67a6ed15513541579d38bcbd127e7be170710e5
> (of: Check for phys_addr_t overflows in early_init_dt_add_memory_arch)
> corrected early_init_dt_add_memory_arch to account for overflows
> but did so in an unclean way using ULONG_MAX. There is no
> guarantee that sizeof(unsigned long) == sizeof(phys_addr_t).
> Check against phys_addr_t instead.

Thanks!

> Signed-off-by: Laura Abbott <lauraa@codeaurora.org>

Tested-by: Geert Uytterhoeven <geert@linux-m68k.org>

Gr{oetje,eeting}s,

                        Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] of: Use proper types for checking memory overflow
       [not found] ` <1404780343-32188-1-git-send-email-lauraa-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
@ 2014-07-08  7:24   ` Nicolas Pitre
  2014-07-09 12:58     ` Grant Likely
  0 siblings, 1 reply; 4+ messages in thread
From: Nicolas Pitre @ 2014-07-08  7:24 UTC (permalink / raw)
  To: Laura Abbott
  Cc: Grant Likely, Rob Herring, Geert Uytterhoeven,
	devicetree-u79uwXL29TY76Z2rM5mHXA,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	linux-arm-kernel-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r

On Mon, 7 Jul 2014, Laura Abbott wrote:

> Commit a67a6ed15513541579d38bcbd127e7be170710e5
> (of: Check for phys_addr_t overflows in early_init_dt_add_memory_arch)
> corrected early_init_dt_add_memory_arch to account for overflows
> but did so in an unclean way using ULONG_MAX. There is no
> guarantee that sizeof(unsigned long) == sizeof(phys_addr_t).
> Check against phys_addr_t instead.
> 
> Signed-off-by: Laura Abbott <lauraa-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>

Acked-by: Nicolas Pitre <nico-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>

> ---
>  drivers/of/fdt.c | 22 +++++++++++-----------
>  1 file changed, 11 insertions(+), 11 deletions(-)
> 
> diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
> index b777d8f..b88a68e 100644
> --- a/drivers/of/fdt.c
> +++ b/drivers/of/fdt.c
> @@ -875,24 +875,24 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
>  }
>  
>  #ifdef CONFIG_HAVE_MEMBLOCK
> +#define MAX_PHYS_ADDR	((phys_addr_t)~0)
> +
>  void __init __weak early_init_dt_add_memory_arch(u64 base, u64 size)
>  {
>  	const u64 phys_offset = __pa(PAGE_OFFSET);
>  	base &= PAGE_MASK;
>  	size &= PAGE_MASK;
>  
> -	if (sizeof(phys_addr_t) < sizeof(u64)) {
> -		if (base > ULONG_MAX) {
> -			pr_warning("Ignoring memory block 0x%llx - 0x%llx\n",
> -					base, base + size);
> -			return;
> -		}
> +	if (base > MAX_PHYS_ADDR) {
> +		pr_warning("Ignoring memory block 0x%llx - 0x%llx\n",
> +				base, base + size);
> +		return;
> +	}
>  
> -		if (base + size > ULONG_MAX) {
> -			pr_warning("Ignoring memory range 0x%lx - 0x%llx\n",
> -					ULONG_MAX, base + size);
> -			size = ULONG_MAX - base;
> -		}
> +	if (base + size > MAX_PHYS_ADDR) {
> +		pr_warning("Ignoring memory range 0x%lx - 0x%llx\n",
> +				ULONG_MAX, base + size);
> +		size = MAX_PHYS_ADDR - base;
>  	}
>  
>  	if (base + size < phys_offset) {
> -- 
> The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
> hosted by The Linux Foundation
> 
> 
--
To unsubscribe from this list: send the line "unsubscribe devicetree" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH] of: Use proper types for checking memory overflow
  2014-07-08  7:24   ` Nicolas Pitre
@ 2014-07-09 12:58     ` Grant Likely
  0 siblings, 0 replies; 4+ messages in thread
From: Grant Likely @ 2014-07-09 12:58 UTC (permalink / raw)
  To: Nicolas Pitre, Laura Abbott
  Cc: Rob Herring, Geert Uytterhoeven, devicetree, linux-kernel,
	linux-arm-kernel

On Tue, 8 Jul 2014 09:24:08 +0200 (CEST), Nicolas Pitre <nicolas.pitre@linaro.org> wrote:
> On Mon, 7 Jul 2014, Laura Abbott wrote:
> 
> > Commit a67a6ed15513541579d38bcbd127e7be170710e5
> > (of: Check for phys_addr_t overflows in early_init_dt_add_memory_arch)
> > corrected early_init_dt_add_memory_arch to account for overflows
> > but did so in an unclean way using ULONG_MAX. There is no
> > guarantee that sizeof(unsigned long) == sizeof(phys_addr_t).
> > Check against phys_addr_t instead.
> > 
> > Signed-off-by: Laura Abbott <lauraa@codeaurora.org>
> 
> Acked-by: Nicolas Pitre <nico@linaro.org>

Applied, thanks.

g.

> 
> > ---
> >  drivers/of/fdt.c | 22 +++++++++++-----------
> >  1 file changed, 11 insertions(+), 11 deletions(-)
> > 
> > diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
> > index b777d8f..b88a68e 100644
> > --- a/drivers/of/fdt.c
> > +++ b/drivers/of/fdt.c
> > @@ -875,24 +875,24 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
> >  }
> >  
> >  #ifdef CONFIG_HAVE_MEMBLOCK
> > +#define MAX_PHYS_ADDR	((phys_addr_t)~0)
> > +
> >  void __init __weak early_init_dt_add_memory_arch(u64 base, u64 size)
> >  {
> >  	const u64 phys_offset = __pa(PAGE_OFFSET);
> >  	base &= PAGE_MASK;
> >  	size &= PAGE_MASK;
> >  
> > -	if (sizeof(phys_addr_t) < sizeof(u64)) {
> > -		if (base > ULONG_MAX) {
> > -			pr_warning("Ignoring memory block 0x%llx - 0x%llx\n",
> > -					base, base + size);
> > -			return;
> > -		}
> > +	if (base > MAX_PHYS_ADDR) {
> > +		pr_warning("Ignoring memory block 0x%llx - 0x%llx\n",
> > +				base, base + size);
> > +		return;
> > +	}
> >  
> > -		if (base + size > ULONG_MAX) {
> > -			pr_warning("Ignoring memory range 0x%lx - 0x%llx\n",
> > -					ULONG_MAX, base + size);
> > -			size = ULONG_MAX - base;
> > -		}
> > +	if (base + size > MAX_PHYS_ADDR) {
> > +		pr_warning("Ignoring memory range 0x%lx - 0x%llx\n",
> > +				ULONG_MAX, base + size);
> > +		size = MAX_PHYS_ADDR - base;
> >  	}
> >  
> >  	if (base + size < phys_offset) {
> > -- 
> > The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
> > hosted by The Linux Foundation
> > 
> > 

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-07-09 12:58 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-07-08  0:45 [PATCH] of: Use proper types for checking memory overflow Laura Abbott
2014-07-08  7:15 ` Geert Uytterhoeven
     [not found] ` <1404780343-32188-1-git-send-email-lauraa-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
2014-07-08  7:24   ` Nicolas Pitre
2014-07-09 12:58     ` Grant Likely

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).