This is a note to let you know that I've just added the patch titled
memblock: ensure there is no overflow in memblock_overlaps_region()
to the 5.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
memblock-ensure-there-is-no-overflow-in-memblock_overlaps_region.patch
and it can be found in the queue-5.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From foo@baz Wed Dec 15 03:02:39 PM CET 2021
From: Mark-PK Tsai <mark-pk.tsai@xxxxxxxxxxxx>
Date: Mon, 13 Dec 2021 16:57:08 +0800
Subject: memblock: ensure there is no overflow in memblock_overlaps_region()
To: <stable@xxxxxxxxxxxxxxx>
Cc: <rppt@xxxxxxxxxx>, <akpm@xxxxxxxxxxxxxxxxxxxx>, <linux-arm-kernel@xxxxxxxxxxxxxxxxxxx>, <linux-kernel@xxxxxxxxxxxxxxx>, <linux-mm@xxxxxxxxx>, <linux@xxxxxxxxxxxxxxx>, <rppt@xxxxxxxxxxxxx>, <tony@xxxxxxxxxxx>, <wangkefeng.wang@xxxxxxxxxx>, <mark-pk.tsai@xxxxxxxxxxxx>, <yj.chiang@xxxxxxxxxxxx>
Message-ID: <20211213085710.28962-4-mark-pk.tsai@xxxxxxxxxxxx>
From: Mike Rapoport <rppt@xxxxxxxxxxxxx>
commit 023accf5cdc1e504a9b04187ec23ff156fe53d90 upstream.
There maybe an overflow in memblock_overlaps_region() if it is called with
base and size such that
base + size > PHYS_ADDR_MAX
Make sure that memblock_overlaps_region() caps the size to prevent such
overflow and remove now duplicated call to memblock_cap_size() from
memblock_is_region_reserved().
Signed-off-by: Mike Rapoport <rppt@xxxxxxxxxxxxx>
Tested-by: Tony Lindgren <tony@xxxxxxxxxxx>
Link: https://lore.kernel.org/lkml/20210630071211.21011-1-rppt@xxxxxxxxxx/
Signed-off-by: Mark-PK Tsai <mark-pk.tsai@xxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
mm/memblock.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/mm/memblock.c
+++ b/mm/memblock.c
@@ -164,6 +164,8 @@ bool __init_memblock memblock_overlaps_r
{
unsigned long i;
+ memblock_cap_size(base, &size);
+
for (i = 0; i < type->cnt; i++)
if (memblock_addrs_overlap(base, size, type->regions[i].base,
type->regions[i].size))
@@ -1760,7 +1762,6 @@ bool __init_memblock memblock_is_region_
*/
bool __init_memblock memblock_is_region_reserved(phys_addr_t base, phys_addr_t size)
{
- memblock_cap_size(base, &size);
return memblock_overlaps_region(&memblock.reserved, base, size);
}
Patches currently in stable-queue which might be from mark-pk.tsai@xxxxxxxxxxxx are
queue-5.4/arm-extend-pfn_valid-to-take-into-account-freed-memory-map-alignment.patch
queue-5.4/arm-ioremap-don-t-abuse-pfn_valid-to-check-if-pfn-is-in-ram.patch
queue-5.4/memblock-free_unused_memmap-use-pageblock-units-instead-of-max_order.patch
queue-5.4/memblock-align-freed-memory-map-on-pageblock-boundaries-with-sparsemem.patch
queue-5.4/memblock-ensure-there-is-no-overflow-in-memblock_overlaps_region.patch
