Home Explore Help
Sign In
GfA
/
linux_kernel
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

dmapool: fix overflow condition in pool_find_page()

If a DMA pool lies at the very top of the dma_addr_t range (as may
happen with an IOMMU involved), the calculated end address of the pool
wraps around to zero, and page lookup always fails.

Tweak the relevant calculation to be overflow-proof.

Signed-off-by: Robin Murphy <robin.murphy@arm.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Marek Szyprowski <m.szyprowski@samsung.com>
Cc: Sumit Semwal <sumit.semwal@linaro.org>
Cc: Sakari Ailus <sakari.ailus@iki.fi>
Cc: Russell King <rmk+kernel@arm.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Robin Murphy 9 years ago
parent
44241628bb
commit
676bd99178
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      mm/dmapool.c

+ 1 - 1
mm/dmapool.c
View File 

@@ -394,7 +394,7 @@ static struct dma_page *pool_find_page(struct dma_pool *pool, dma_addr_t dma)
 
 	list_for_each_entry(page, &pool->page_list, page_list) {
 
 		if (dma < page->dma)
 
 			continue;
 
-		if (dma < (page->dma + pool->allocation))
 
+		if ((dma - page->dma) < pool->allocation)
 
 			return page;
 
 	}
 
 	return NULL;