aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFenghua Yu <fenghua.yu@intel.com>2009-04-06 14:21:49 -0400
committerDavid Woodhouse <David.Woodhouse@intel.com>2009-04-06 17:47:00 -0400
commit31d3568dfeb1dfb2735f119efe5ece7c6d40969c (patch)
tree1318855f27727682e4ceda925c499ae99d6f4bba
parentffa009c366e33f3eae48bba2547051fe15795f64 (diff)
Intel-IOMMU Alignment Issue in dma_pte_clear_range()
This issue was pointed out by Linus. In dma_pte_clear_range() in intel-iommu.c start = PAGE_ALIGN(start); end &= PAGE_MASK; npages = (end - start) / VTD_PAGE_SIZE; In partial page case, start could be bigger than end and npages will be negative. Currently the issue doesn't show up as a real bug in because start and end have been aligned to page boundary already by all callers. So the issue has been hidden. But it is dangerous programming practice. Signed-off-by: Fenghua Yu <fenghua.yu@intel.com> Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
-rw-r--r--drivers/pci/intel-iommu.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/drivers/pci/intel-iommu.c b/drivers/pci/intel-iommu.c
index dcda5212f3bb..f0dade1c587b 100644
--- a/drivers/pci/intel-iommu.c
+++ b/drivers/pci/intel-iommu.c
@@ -733,8 +733,8 @@ static void dma_pte_clear_range(struct dmar_domain *domain, u64 start, u64 end)
733 start &= (((u64)1) << addr_width) - 1; 733 start &= (((u64)1) << addr_width) - 1;
734 end &= (((u64)1) << addr_width) - 1; 734 end &= (((u64)1) << addr_width) - 1;
735 /* in case it's partial page */ 735 /* in case it's partial page */
736 start = PAGE_ALIGN(start); 736 start &= PAGE_MASK;
737 end &= PAGE_MASK; 737 end = PAGE_ALIGN(end);
738 npages = (end - start) / VTD_PAGE_SIZE; 738 npages = (end - start) / VTD_PAGE_SIZE;
739 739
740 /* we don't need lock here, nobody else touches the iova range */ 740 /* we don't need lock here, nobody else touches the iova range */