[PATCH] ARM: kernel: fix nr_cpu_ids check in DT logical map init

Lorenzo Pieralisi lorenzo.pieralisi at arm.com
Fri Nov 23 04:05:39 EST 2012


On Thu, Nov 22, 2012 at 03:33:36PM +0000, Grant Likely wrote:
> On Thu, 22 Nov 2012 12:08:43 +0000, Lorenzo Pieralisi <lorenzo.pieralisi at arm.com> wrote:
> > Hi Russell,
> > 
> > On Wed, Nov 21, 2012 at 04:42:56PM +0000, Lorenzo Pieralisi wrote:
> > > If a kernel is configured with a DT containing more /cpu nodes than
> > > nr_cpu_ids, the number of cpus must be capped in the DT parsing
> > > code. Current code carries out the check, but fails to cap the
> > > value and the check is executed after the cpu logical index is used,
> > > which can lead to memory corruption due to index overflow.
> > > 
> > > This patch refactors the check against nr_cpu_ids and move it before
> > > any computed index is used in the parsing code.
> > > 
> > > Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi at arm.com>
> > > Reported-by: Mark Rutland <mark.rutland at arm.com>
> > > ---
> > > Russell,
> > > 
> > > while refactoring the DT loop over nodes, I unfortunately missed this niggle
> > > in the parsing loop that Mark reported. Here is the fix, sorry for the
> > > additional commit, if it is ok for you I will add it to your patch system.
> > > 
> > > Apologies and thanks,
> > > Lorenzo
> > > 
> > >  arch/arm/kernel/devtree.c | 10 +++++++---
> > >  1 file changed, 7 insertions(+), 3 deletions(-)
> > > 
> > > diff --git a/arch/arm/kernel/devtree.c b/arch/arm/kernel/devtree.c
> > > index aaf9add..70f1bde 100644
> > > --- a/arch/arm/kernel/devtree.c
> > > +++ b/arch/arm/kernel/devtree.c
> > > @@ -139,10 +139,14 @@ void __init arm_dt_init_cpu_maps(void)
> > >  			i = cpuidx++;
> > >  		}
> > >  
> > > -		tmp_map[i] = hwid;
> > > -
> > > -		if (cpuidx > nr_cpu_ids)
> > > +		if (WARN(cpuidx > nr_cpu_ids, "DT /cpu %u nodes greater than "
> > > +					       "max cores %u, capping them\n",
> > > +					       cpuidx, nr_cpu_ids)) {
> > > +			cpuidx = nr_cpu_ids;
> > >  			break;
> > > +		}
> > > +
> > > +		tmp_map[i] = hwid;
> > >  	}
> > >  
> > >  	if (WARN(!bootcpu_valid, "DT missing boot CPU MPIDR[23:0], "
> > 
> > If it looks fine to you, can I queue this simple fix in your patch
> > system please ?
> > 
> > Thanks and apologies for the extra commit,
> > Lorenzo
> 
> Acked-by: Grant Likely <grant.likely at secretlab.ca>

Thanks a lot Grant.

Queued with ID: 7585/1

Thanks,
Lorenzo



More information about the devicetree-discuss mailing list