Commit 62465415 authored by Matt Evans's avatar Matt Evans Committed by Arnd Bergmann

locking/atomic: cmpxchg: Make __generic_cmpxchg_local compare against zero-extended 'old' value

__generic_cmpxchg_local takes unsigned long old/new arguments which
might end up being up-cast from smaller signed types (which will
sign-extend).  The loaded compare value must be compared against a
truncated smaller type, so down-cast appropriately for each size.

The issue is apparent on 64-bit machines with code, such as
atomic_dec_unless_positive(), that sign-extends from int.

64-bit machines generally don't use the generic cmpxchg but
development/early ports might make use of it, so make it correct.
Signed-off-by: default avatarMatt Evans <mev@rivosinc.com>
Signed-off-by: default avatarArnd Bergmann <arnd@arndb.de>
parent 88603b6d
...@@ -26,15 +26,15 @@ static inline unsigned long __generic_cmpxchg_local(volatile void *ptr, ...@@ -26,15 +26,15 @@ static inline unsigned long __generic_cmpxchg_local(volatile void *ptr,
raw_local_irq_save(flags); raw_local_irq_save(flags);
switch (size) { switch (size) {
case 1: prev = *(u8 *)ptr; case 1: prev = *(u8 *)ptr;
if (prev == old) if (prev == (u8)old)
*(u8 *)ptr = (u8)new; *(u8 *)ptr = (u8)new;
break; break;
case 2: prev = *(u16 *)ptr; case 2: prev = *(u16 *)ptr;
if (prev == old) if (prev == (u16)old)
*(u16 *)ptr = (u16)new; *(u16 *)ptr = (u16)new;
break; break;
case 4: prev = *(u32 *)ptr; case 4: prev = *(u32 *)ptr;
if (prev == old) if (prev == (u32)old)
*(u32 *)ptr = (u32)new; *(u32 *)ptr = (u32)new;
break; break;
case 8: prev = *(u64 *)ptr; case 8: prev = *(u64 *)ptr;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment