* [PATCH] riscv: Fix a number of free'd resources in init_resources()
@ 2021-08-07 17:54 Petr Pavlu
2021-08-07 22:54 ` Nick Kossifidis
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Petr Pavlu @ 2021-08-07 17:54 UTC (permalink / raw)
To: palmer; +Cc: paul.walmsley, aou, mick, linux-riscv, petr.pavlu
Function init_resources() allocates a boot memory block to hold an array of
resources which it adds to iomem_resource. The array is filled in from its
end and the function then attempts to free any unused memory at the
beginning. The problem is that size of the unused memory is incorrectly
calculated and this can result in releasing memory which is in use by
active resources. Their data then gets corrupted later when the memory is
reused by a different part of the system.
Fix the size of the released memory to correctly match the number of unused
resource entries.
Fixes: ffe0e5261268 ("RISC-V: Improve init_resources()")
Signed-off-by: Petr Pavlu <petr.pavlu@suse.com>
---
arch/riscv/kernel/setup.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c
index 18bd0e4bc36c..120b2f6f71bc 100644
--- a/arch/riscv/kernel/setup.c
+++ b/arch/riscv/kernel/setup.c
@@ -229,8 +229,8 @@ static void __init init_resources(void)
}
/* Clean-up any unused pre-allocated resources */
- mem_res_sz = (num_resources - res_idx + 1) * sizeof(*mem_res);
- memblock_free(__pa(mem_res), mem_res_sz);
+ if (res_idx >= 0)
+ memblock_free(__pa(mem_res), (res_idx + 1) * sizeof(*mem_res));
return;
error:
--
2.32.0
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] riscv: Fix a number of free'd resources in init_resources()
2021-08-07 17:54 [PATCH] riscv: Fix a number of free'd resources in init_resources() Petr Pavlu
@ 2021-08-07 22:54 ` Nick Kossifidis
2021-08-08 10:35 ` Sunil V L
2021-08-20 17:33 ` Palmer Dabbelt
2 siblings, 0 replies; 4+ messages in thread
From: Nick Kossifidis @ 2021-08-07 22:54 UTC (permalink / raw)
To: Petr Pavlu; +Cc: palmer, paul.walmsley, aou, mick, linux-riscv
Στις 2021-08-07 20:54, Petr Pavlu έγραψε:
> Function init_resources() allocates a boot memory block to hold an
> array of
> resources which it adds to iomem_resource. The array is filled in from
> its
> end and the function then attempts to free any unused memory at the
> beginning. The problem is that size of the unused memory is incorrectly
> calculated and this can result in releasing memory which is in use by
> active resources. Their data then gets corrupted later when the memory
> is
> reused by a different part of the system.
>
> Fix the size of the released memory to correctly match the number of
> unused
> resource entries.
>
> Fixes: ffe0e5261268 ("RISC-V: Improve init_resources()")
> Signed-off-by: Petr Pavlu <petr.pavlu@suse.com>
> ---
> arch/riscv/kernel/setup.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c
> index 18bd0e4bc36c..120b2f6f71bc 100644
> --- a/arch/riscv/kernel/setup.c
> +++ b/arch/riscv/kernel/setup.c
> @@ -229,8 +229,8 @@ static void __init init_resources(void)
> }
>
> /* Clean-up any unused pre-allocated resources */
> - mem_res_sz = (num_resources - res_idx + 1) * sizeof(*mem_res);
> - memblock_free(__pa(mem_res), mem_res_sz);
> + if (res_idx >= 0)
> + memblock_free(__pa(mem_res), (res_idx + 1) * sizeof(*mem_res));
> return;
>
> error:
Ouch! Thanks for the fix.
Acked-by: Nick Kossifidis <mick@ics.forth.gr>
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] riscv: Fix a number of free'd resources in init_resources()
2021-08-07 17:54 [PATCH] riscv: Fix a number of free'd resources in init_resources() Petr Pavlu
2021-08-07 22:54 ` Nick Kossifidis
@ 2021-08-08 10:35 ` Sunil V L
2021-08-20 17:33 ` Palmer Dabbelt
2 siblings, 0 replies; 4+ messages in thread
From: Sunil V L @ 2021-08-08 10:35 UTC (permalink / raw)
To: Petr Pavlu; +Cc: palmer, paul.walmsley, aou, mick, linux-riscv
On Sat, Aug 07, 2021 at 07:54:50PM +0200, Petr Pavlu wrote:
> Function init_resources() allocates a boot memory block to hold an array of
> resources which it adds to iomem_resource. The array is filled in from its
> end and the function then attempts to free any unused memory at the
> beginning. The problem is that size of the unused memory is incorrectly
> calculated and this can result in releasing memory which is in use by
> active resources. Their data then gets corrupted later when the memory is
> reused by a different part of the system.
>
> Fix the size of the released memory to correctly match the number of unused
> resource entries.
>
> Fixes: ffe0e5261268 ("RISC-V: Improve init_resources()")
> Signed-off-by: Petr Pavlu <petr.pavlu@suse.com>
> ---
> arch/riscv/kernel/setup.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c
> index 18bd0e4bc36c..120b2f6f71bc 100644
> --- a/arch/riscv/kernel/setup.c
> +++ b/arch/riscv/kernel/setup.c
> @@ -229,8 +229,8 @@ static void __init init_resources(void)
> }
>
> /* Clean-up any unused pre-allocated resources */
> - mem_res_sz = (num_resources - res_idx + 1) * sizeof(*mem_res);
> - memblock_free(__pa(mem_res), mem_res_sz);
> + if (res_idx >= 0)
> + memblock_free(__pa(mem_res), (res_idx + 1) * sizeof(*mem_res));
> return;
>
> error:
I encountered this corruption and your patch came in time.
Thank you very much!
Reviewed-by: Sunil V L <sunilvl@ventanamicro.com>
Tested-by: Sunil V L <sunilvl@ventanamicro.com>
> --
> 2.32.0
>
>
> _______________________________________________
> linux-riscv mailing list
> linux-riscv@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-riscv
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] riscv: Fix a number of free'd resources in init_resources()
2021-08-07 17:54 [PATCH] riscv: Fix a number of free'd resources in init_resources() Petr Pavlu
2021-08-07 22:54 ` Nick Kossifidis
2021-08-08 10:35 ` Sunil V L
@ 2021-08-20 17:33 ` Palmer Dabbelt
2 siblings, 0 replies; 4+ messages in thread
From: Palmer Dabbelt @ 2021-08-20 17:33 UTC (permalink / raw)
To: petr.pavlu; +Cc: Paul Walmsley, aou, mick, linux-riscv, petr.pavlu
On Sat, 07 Aug 2021 10:54:50 PDT (-0700), petr.pavlu@suse.com wrote:
> Function init_resources() allocates a boot memory block to hold an array of
> resources which it adds to iomem_resource. The array is filled in from its
> end and the function then attempts to free any unused memory at the
> beginning. The problem is that size of the unused memory is incorrectly
> calculated and this can result in releasing memory which is in use by
> active resources. Their data then gets corrupted later when the memory is
> reused by a different part of the system.
>
> Fix the size of the released memory to correctly match the number of unused
> resource entries.
>
> Fixes: ffe0e5261268 ("RISC-V: Improve init_resources()")
> Signed-off-by: Petr Pavlu <petr.pavlu@suse.com>
> ---
> arch/riscv/kernel/setup.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/riscv/kernel/setup.c b/arch/riscv/kernel/setup.c
> index 18bd0e4bc36c..120b2f6f71bc 100644
> --- a/arch/riscv/kernel/setup.c
> +++ b/arch/riscv/kernel/setup.c
> @@ -229,8 +229,8 @@ static void __init init_resources(void)
> }
>
> /* Clean-up any unused pre-allocated resources */
> - mem_res_sz = (num_resources - res_idx + 1) * sizeof(*mem_res);
> - memblock_free(__pa(mem_res), mem_res_sz);
> + if (res_idx >= 0)
> + memblock_free(__pa(mem_res), (res_idx + 1) * sizeof(*mem_res));
> return;
>
> error:
Thanks, this is on fixes.
_______________________________________________
linux-riscv mailing list
linux-riscv@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-riscv
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-08-20 17:34 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-07 17:54 [PATCH] riscv: Fix a number of free'd resources in init_resources() Petr Pavlu
2021-08-07 22:54 ` Nick Kossifidis
2021-08-08 10:35 ` Sunil V L
2021-08-20 17:33 ` Palmer Dabbelt
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.