summaryrefslogtreecommitdiffstats
path: root/drivers
diff options
context:
space:
mode:
authorFenghua Yu <fenghua.yu@intel.com>2009-04-06 11:21:49 -0700
committerDavid Woodhouse <David.Woodhouse@intel.com>2009-04-06 14:47:00 -0700
commit31d3568dfeb1dfb2735f119efe5ece7c6d40969c (patch)
tree1318855f27727682e4ceda925c499ae99d6f4bba /drivers
parentffa009c366e33f3eae48bba2547051fe15795f64 (diff)
downloadlinux-31d3568dfeb1dfb2735f119efe5ece7c6d40969c.tar.gz
linux-31d3568dfeb1dfb2735f119efe5ece7c6d40969c.tar.bz2
linux-31d3568dfeb1dfb2735f119efe5ece7c6d40969c.zip
Intel-IOMMU Alignment Issue in dma_pte_clear_range()
This issue was pointed out by Linus. In dma_pte_clear_range() in intel-iommu.c start = PAGE_ALIGN(start); end &= PAGE_MASK; npages = (end - start) / VTD_PAGE_SIZE; In partial page case, start could be bigger than end and npages will be negative. Currently the issue doesn't show up as a real bug in because start and end have been aligned to page boundary already by all callers. So the issue has been hidden. But it is dangerous programming practice. Signed-off-by: Fenghua Yu <fenghua.yu@intel.com> Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Diffstat (limited to 'drivers')
-rw-r--r--drivers/pci/intel-iommu.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/drivers/pci/intel-iommu.c b/drivers/pci/intel-iommu.c
index dcda5212f3bb..f0dade1c587b 100644
--- a/drivers/pci/intel-iommu.c
+++ b/drivers/pci/intel-iommu.c
@@ -733,8 +733,8 @@ static void dma_pte_clear_range(struct dmar_domain *domain, u64 start, u64 end)
start &= (((u64)1) << addr_width) - 1;
end &= (((u64)1) << addr_width) - 1;
/* in case it's partial page */
- start = PAGE_ALIGN(start);
- end &= PAGE_MASK;
+ start &= PAGE_MASK;
+ end = PAGE_ALIGN(end);
npages = (end - start) / VTD_PAGE_SIZE;
/* we don't need lock here, nobody else touches the iova range */