From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753669AbcIUEU4 (ORCPT <rfc822;w@1wt.eu>);
        Wed, 21 Sep 2016 00:20:56 -0400
Received: from sender153-mail.zoho.com ([74.201.84.153]:25475 "EHLO
        sender153-mail.zoho.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753367AbcIUEUx (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 21 Sep 2016 00:20:53 -0400
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; 
  s=zapps768; d=zoho.com; 
  h=cc:to:from:subject:message-id:date:user-agent:mime-version:content-type; 
  b=D5B1og1C4rdHh6nYrqJX8W2Gk/vJXc1vw+eP59v2wjRKK5XvA3n/E4bkBGkh6qtC3HbuKcEn/1KH
    nX4Q7ZUSOwZQO1vDp5K44EDt5E3jgUEt8v3g2HWTPlKPX/fCJB7t  
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, zijun_hu@htc.com,
        tj@kernel.org, mingo@kernel.org, rientjes@google.com,
        iamjoonsoo.kim@lge.com, mgorman@techsingularity.net
To: Andrew Morton <akpm@linux-foundation.org>
From: zijun_hu <zijun_hu@zoho.com>
Subject: [PATCH 1/1] lib/ioremap.c: avoid endless loop under ioremapping page
 unaligned ranges
Message-ID: <57E20A69.5010206@zoho.com>
Date: Wed, 21 Sep 2016 12:19:53 +0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
 Thunderbird/38.6.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: zijun_hu <zijun_hu@htc.com>

endless loop maybe happen if either of parameter addr and end is not
page aligned for kernel API function ioremap_page_range()

in order to fix this issue and alert improper range parameters to user
WARN_ON() checkup and rounding down range lower boundary are performed
firstly, loop end condition within ioremap_pte_range() is optimized due
to lack of relevant macro pte_addr_end()

Signed-off-by: zijun_hu <zijun_hu@htc.com>
---
 lib/ioremap.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/ioremap.c b/lib/ioremap.c
index 86c8911..911bdca 100644
--- a/lib/ioremap.c
+++ b/lib/ioremap.c
@@ -64,7 +64,7 @@ static int ioremap_pte_range(pmd_t *pmd, unsigned long addr,
 		BUG_ON(!pte_none(*pte));
 		set_pte_at(&init_mm, addr, pte, pfn_pte(pfn, prot));
 		pfn++;
-	} while (pte++, addr += PAGE_SIZE, addr != end);
+	} while (pte++, addr += PAGE_SIZE, addr < end && addr >= PAGE_SIZE);
 	return 0;
 }
 
@@ -129,7 +129,9 @@ int ioremap_page_range(unsigned long addr,
 	int err;
 
 	BUG_ON(addr >= end);
+	WARN_ON(!PAGE_ALIGNED(addr) || !PAGE_ALIGNED(end));
 
+	addr = round_down(addr, PAGE_SIZE);
 	start = addr;
 	phys_addr -= addr;
 	pgd = pgd_offset_k(addr);
-- 
1.9.1