[PATCH 1/2] ACPI/IORT: Handle potential overflow in iort_dma_setup
Andrew Jones
drjones at redhat.com
Tue Dec 18 18:48:40 UTC 2018
The sum of dmaaddr and size may overflow, particularly considering
there are cases where size will be U64_MAX.
Signed-off-by: Andrew Jones <drjones at redhat.com>
---
drivers/acpi/arm64/iort.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/drivers/acpi/arm64/iort.c b/drivers/acpi/arm64/iort.c
index 70f4e80b9246..a0f4c157ba5e 100644
--- a/drivers/acpi/arm64/iort.c
+++ b/drivers/acpi/arm64/iort.c
@@ -1002,7 +1002,12 @@ void iort_dma_setup(struct device *dev, u64 *dma_addr, u64 *dma_size)
}
if (!ret) {
- msb = fls64(dmaaddr + size - 1);
+ u64 dmaaddr_max = dmaaddr + size - 1;
+ if (dmaaddr_max >= dmaaddr)
+ msb = fls64(dmaaddr_max);
+ else
+ msb = 64;
+
/*
* Round-up to the power-of-two mask or set
* the mask to the whole 64-bit address space
--
2.17.2
More information about the iommu
mailing list