On Thu, Sep 5, 2024 at 2:46 AM Thomas Weißschuh <thomas.weissschuh@xxxxxxxxxxxxx> wrote: > > The members "start" and "end" of struct resource are of type > "resource_size_t" which can be 32bit wide. > Values read from OF however are always 64bit wide. > Avoid silently truncating the value and instead return an error value. > > This can happen on real systems when the DT was created for a > PAE-enabled kernel and a non-PAE kernel is actually running. > For example with an arm defconfig and "qemu-system-arm -M virt". A nice follow-up would be to make of_pci_range_to_resource() use overflows_type() as well instead of open coding it. > Link: https://bugs.launchpad.net/qemu/+bug/1790975 > Signed-off-by: Thomas Weißschuh <thomas.weissschuh@xxxxxxxxxxxxx> > Tested-by: Nam Cao <namcao@xxxxxxxxxxxxx> > Reviewed-by: Nam Cao <namcao@xxxxxxxxxxxxx> > --- > drivers/of/address.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/drivers/of/address.c b/drivers/of/address.c > index d669ce25b5f9..7e59283a4472 100644 > --- a/drivers/of/address.c > +++ b/drivers/of/address.c > @@ -8,6 +8,7 @@ > #include <linux/logic_pio.h> > #include <linux/module.h> > #include <linux/of_address.h> > +#include <linux/overflow.h> > #include <linux/pci.h> > #include <linux/pci_regs.h> > #include <linux/sizes.h> > @@ -1061,7 +1062,11 @@ static int __of_address_to_resource(struct device_node *dev, int index, int bar_ > if (of_mmio_is_nonposted(dev)) > flags |= IORESOURCE_MEM_NONPOSTED; > > + if (overflows_type(taddr, r->start)) > + return -EOVERFLOW; > r->start = taddr; It looks odd that "r->start" is used before it is set, but I guess overflows_type isn't using the value and the compiler would warn otherwise. Applied, thanks. Rob
