Commit 9069925a authored by Andrew Morton's avatar Andrew Morton Committed by Linus Torvalds

[PATCH] resource.c bounds checking fix

From: Jeremy Higdon <jeremy@classic.engr.sgi.com>

I believe there is a bug in kernel/resource.c.

We (SGI sn2 I/O code) are using this for allocating dma map resources, and
we tracked failures we were seeing to find_resource().

The problem is that when testing bounds in the forever loop, the end bound
would be one higher than it should be if it gets set from another resource
(it's set to the proper value when it gets set from the root), causing
find_resource to return an invalid min/max when the requested size was one
greater than would fit between two existing resources.
parent 0693b768
...@@ -244,9 +244,17 @@ static int find_resource(struct resource *root, struct resource *new, ...@@ -244,9 +244,17 @@ static int find_resource(struct resource *root, struct resource *new,
struct resource *this = root->child; struct resource *this = root->child;
new->start = root->start; new->start = root->start;
/*
* Skip past an allocated resource that starts at 0, since the assignment
* of this->start - 1 to new->end below would cause an underflow.
*/
if (this && this->start == 0) {
new->start = this->end + 1;
this = this->sibling;
}
for(;;) { for(;;) {
if (this) if (this)
new->end = this->start; new->end = this->start - 1;
else else
new->end = root->end; new->end = root->end;
if (new->start < min) if (new->start < min)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment