On Thu, 2022-09-29 at 12:58 -0300, Jason Gunthorpe wrote: > On Thu, Sep 29, 2022 at 05:33:01PM +0200, Niklas Schnelle wrote: > > The domain->geometry.aperture_end specifies the last valid address treat > > it as such when checking if a DMA address is valid. > > > > Reviewed-by: Pierre Morel <pmorel@xxxxxxxxxxxxx> > > Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxx> > > Signed-off-by: Niklas Schnelle <schnelle@xxxxxxxxxxxxx> > > --- > > drivers/iommu/s390-iommu.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/drivers/iommu/s390-iommu.c b/drivers/iommu/s390-iommu.c > > index ed0e64f478cf..6d4a9c7db32c 100644 > > --- a/drivers/iommu/s390-iommu.c > > +++ b/drivers/iommu/s390-iommu.c > > @@ -210,7 +210,7 @@ static int s390_iommu_update_trans(struct s390_domain *s390_domain, > > int rc = 0; > > > > if (dma_addr < s390_domain->domain.geometry.aperture_start || > > - dma_addr + size > s390_domain->domain.geometry.aperture_end) > > + dma_addr + size > s390_domain->domain.geometry.aperture_end + 1) > > The reason the iommu layer uses 'last' (= start + size - 1) not 'end' > is to allow for the very last byte of the range to be used. > > Meaning (start + size) == 0 in some cases due to the overflow. > > Generally when working with lasts's I prefer people write code in a > way that doesn't trigger the overflow, because there are some > complicated C rules about integer promotion that can mean the desired > overflow silently doesn't happen in obscure cases - especially if > unsigned long != u64 > > So, I'd write this as: > > (dma_addr + size - 1) > s390_domain->domain.geometry.aperture_end > > Jason Makes sense. Thanks.
