On 10/02/2018 11:37 AM, Cornelia Huck wrote:
From: Eric Farman <farman@xxxxxxxxxxxxx> We have two nested loops to check the entries within the pfn_array_table arrays. But we mistakenly use the outer array as an index in our check, and completely ignore the indexing performed by the inner loop. Cc: stable@xxxxxxxxxxxxxxx Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxx> Message-Id: <20181002010235.42483-1-farman@xxxxxxxxxxxxx> Signed-off-by: Cornelia Huck <cohuck@xxxxxxxxxx> --- drivers/s390/cio/vfio_ccw_cp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/s390/cio/vfio_ccw_cp.c b/drivers/s390/cio/vfio_ccw_cp.c index dbe7c7ac9ac8..fd77e46eb3b2 100644 --- a/drivers/s390/cio/vfio_ccw_cp.c +++ b/drivers/s390/cio/vfio_ccw_cp.c @@ -163,7 +163,7 @@ static bool pfn_array_table_iova_pinned(struct pfn_array_table *pat, for (i = 0; i < pat->pat_nr; i++, pa++) for (j = 0; j < pa->pa_nr; j++) - if (pa->pa_iova_pfn[i] == iova_pfn) + if (pa->pa_iova_pfn[j] == iova_pfn) return true; return false;
Me and Jason have been looking at this code recently and we think this is the right fix.
Reviewed-by: Farhan Ali <alifm@xxxxxxxxxxxxx> Reviewed-by: Jason J. Herne <jjherne@xxxxxxxxxxxxxxxxxx>
