From: Fenghua Yu Date: Mon, 6 Apr 2009 18:21:49 +0000 (-0700) Subject: Intel-IOMMU Alignment Issue in dma_pte_clear_range() X-Git-Tag: firefly_0821_release~14528^2~1 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=31d3568dfeb1dfb2735f119efe5ece7c6d40969c;p=firefly-linux-kernel-4.4.55.git Intel-IOMMU Alignment Issue in dma_pte_clear_range() This issue was pointed out by Linus. In dma_pte_clear_range() in intel-iommu.c start = PAGE_ALIGN(start); end &= PAGE_MASK; npages = (end - start) / VTD_PAGE_SIZE; In partial page case, start could be bigger than end and npages will be negative. Currently the issue doesn't show up as a real bug in because start and end have been aligned to page boundary already by all callers. So the issue has been hidden. But it is dangerous programming practice. Signed-off-by: Fenghua Yu Signed-off-by: David Woodhouse --- diff --git a/drivers/pci/intel-iommu.c b/drivers/pci/intel-iommu.c index dcda5212f3bb..f0dade1c587b 100644 --- a/drivers/pci/intel-iommu.c +++ b/drivers/pci/intel-iommu.c @@ -733,8 +733,8 @@ static void dma_pte_clear_range(struct dmar_domain *domain, u64 start, u64 end) start &= (((u64)1) << addr_width) - 1; end &= (((u64)1) << addr_width) - 1; /* in case it's partial page */ - start = PAGE_ALIGN(start); - end &= PAGE_MASK; + start &= PAGE_MASK; + end = PAGE_ALIGN(end); npages = (end - start) / VTD_PAGE_SIZE; /* we don't need lock here, nobody else touches the iova range */