of: device: Fix overflow of coherent_dma_mask

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Size of the dma-range is calculated as coherent_dma_mask + 1
and passed to arch_setup_dma_ops further. It overflows when
the coherent_dma_mask is set for full 64 bits 0xFFFFFFFFFFFFFFFF,
resulting in size getting passed as 0 wrongly. Fix this by
passsing in max(mask, mask + 1). Note that in this case
when the mask is set to full 64bits, we will be passing the mask
itself to arch_setup_dma_ops instead of the size. The real fix
for this should be to make arch_setup_dma_ops receive the
mask and handle it, to be done in the future.

Reviewed-by: Robin Murphy <robin.murphy@arm.com>
Acked-by: Rob Herring <robh@kernel.org>
Signed-off-by: Sricharan R <sricharan@codeaurora.org>
Signed-off-by: Joerg Roedel <jroedel@suse.de>

authored by

Sricharan R and committed by

Joerg Roedel 9 years ago efc8551a 1d9029d4

+1 -1

1 changed file

expand all

drivers

device.c

+1 -1

drivers/of/device.c

··· 107 107 ret = of_dma_get_range(np, &dma_addr, &paddr, &size); 108 108 if (ret < 0) { 109 109 dma_addr = offset = 0; 110 - size = dev->coherent_dma_mask + 1; 110 + size = max(dev->coherent_dma_mask, dev->coherent_dma_mask + 1); 111 111 } else { 112 112 offset = PFN_DOWN(paddr - dma_addr); 113 113