
dmaengine: coh901318: fix integer overflow when shifting more than 32 places

Message ID 20160929175725.14157-1-colin.king@canonical.com (mailing list archive)
State Accepted

Commit Message

Colin King Sept. 29, 2016, 5:57 p.m. UTC
From: Colin Ian King <colin.king@canonical.com>

Currently U300_DMA_CHANNELS is set to 40, meaning that the shift of 1 can
be more than 32 places, which leads to a 32 bit integer overflow. Fix this
by casting 1 to a u64 (the same type as started_channels) before shifting
it.

Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
 drivers/dma/coh901318.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
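
Added example, not part of the original patch or thread: a user-space C model of how the pre-patch test can misreport channels once the channel index reaches 31 or more. Shifting an `int` by 32 or more is undefined in C, so the two out-of-range outcomes modelled here (result 0, or shift count taken modulo 32) are assumptions; `mask_for`, `reported` and the sample masks are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define NCHANNELS 40	/* value of U300_DMA_CHANNELS given in the commit message */

/* MASK_U64 is the patched ((u64)1 << i). The two INT_* kinds model the
 * pre-patch (1 << i): for i >= 32 the shift is undefined, so "result 0" and
 * "count taken modulo 32" are assumed outcomes, not guarantees. */
enum mask_kind { MASK_U64, INT_ZERO, INT_WRAP };

/* Mask as it looks after being widened to 64 bits for the '&'. */
static uint64_t mask_for(unsigned int i, enum mask_kind k)
{
	if (k == MASK_U64)
		return (uint64_t)1 << i;
	if (i >= 32) {
		if (k == INT_ZERO)
			return 0;
		i &= 31;
	}
	if (i == 31)	/* an int with only bit 31 set is negative in practice
			 * and sign-extends when converted to a 64-bit type */
		return 0xFFFFFFFF80000000ULL;
	return (uint64_t)1 << i;
}

/* Bitmap of channels the debugfs loop would print for a given mask kind. */
static uint64_t reported(uint64_t started, enum mask_kind k)
{
	uint64_t out = 0;

	for (unsigned int i = 0; i < NCHANNELS; i++)
		if (started & mask_for(i, k))
			out |= (uint64_t)1 << i;
	return out;
}

int main(void)
{
	uint64_t ch35 = (uint64_t)1 << 35, ch3 = (uint64_t)1 << 3; /* constructed */

	printf("ch35 started: u64=%#llx zero=%#llx wrap=%#llx\n",
	       (unsigned long long)reported(ch35, MASK_U64),
	       (unsigned long long)reported(ch35, INT_ZERO),
	       (unsigned long long)reported(ch35, INT_WRAP));
	printf("ch3 started:  u64=%#llx wrap=%#llx\n",
	       (unsigned long long)reported(ch3, MASK_U64),
	       (unsigned long long)reported(ch3, INT_WRAP));
	return 0;
}
```

With only channel 35 started, both 32-bit models list channel 31 instead; with only channel 3 started, the modulo-32 model additionally lists channel 35.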

Comments

Joe Perches Sept. 29, 2016, 6:06 p.m. UTC | #1
On Thu, 2016-09-29 at 18:57 +0100, Colin King wrote:
> Currently U300_DMA_CHANNELS is set to 40, meaning that the shift of 1 can
> be more than 32 places, which leads to a 32 bit integer overflow. Fix this
> by casting 1 to a u64 (the same type as started_channels) before shifting
> it.

trivia:

> diff --git a/drivers/dma/coh901318.c b/drivers/dma/coh901318.c
[]
> @@ -1353,7 +1353,7 @@ static ssize_t coh901318_debugfs_read(struct file *file, char __user *buf,
>  	tmp += sprintf(tmp, "DMA -- enabled dma channels\n");
>  
>  	for (i = 0; i < U300_DMA_CHANNELS; i++)
> -		if (started_channels & (1 << i))
> +		if (started_channels & ((u64)1 << i))

Using

		if (started_channels & (1ULL << i))

would be more common.

It's also how started_channel bits are set and cleared later in the file.

And maybe the for loop should use braces.
--
To unsubscribe from this list: send the line "unsubscribe dmaengine" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Linus Walleij Oct. 4, 2016, 12:23 p.m. UTC | #2
On Thu, Sep 29, 2016 at 8:06 PM, Joe Perches <joe@perches.com> wrote:
> On Thu, 2016-09-29 at 18:57 +0100, Colin King wrote:
>> Currently U300_DMA_CHANNELS is set to 40, meaning that the shift of 1 can
>> be more than 32 places, which leads to a 32 bit integer overflow. Fix this
>> by casting 1 to a u64 (the same type as started_channels) before shifting
>> it.
>
> trivia:
>
>> diff --git a/drivers/dma/coh901318.c b/drivers/dma/coh901318.c
> []
>> @@ -1353,7 +1353,7 @@ static ssize_t coh901318_debugfs_read(struct file *file, char __user *buf,
>>       tmp += sprintf(tmp, "DMA -- enabled dma channels\n");
>>
>>       for (i = 0; i < U300_DMA_CHANNELS; i++)
>> -             if (started_channels & (1 << i))
>> +             if (started_channels & ((u64)1 << i))
>
> Using
>
>                 if (started_channels & (1ULL << i))
>
> would be more common.

Even better (IMO):

#include <linux/bitops.h>

if (started_channels & BIT(i))

Apparently code is there to avoid the bit 31 problem, mea culpa.

Yours,
Linus Walleij
Vinod Koul Oct. 4, 2016, 3:36 p.m. UTC | #3
On Tue, Oct 04, 2016 at 02:23:51PM +0200, Linus Walleij wrote:
> On Thu, Sep 29, 2016 at 8:06 PM, Joe Perches <joe@perches.com> wrote:
> > On Thu, 2016-09-29 at 18:57 +0100, Colin King wrote:
> >> Currently U300_DMA_CHANNELS is set to 40, meaning that the shift of 1 can
> >> be more than 32 places, which leads to a 32 bit integer overflow. Fix this
> >> by casting 1 to a u64 (the same type as started_channels) before shifting
> >> it.
> >
> > trivia:
> >
> >> diff --git a/drivers/dma/coh901318.c b/drivers/dma/coh901318.c
> > []
> >> @@ -1353,7 +1353,7 @@ static ssize_t coh901318_debugfs_read(struct file *file, char __user *buf,
> >>       tmp += sprintf(tmp, "DMA -- enabled dma channels\n");
> >>
> >>       for (i = 0; i < U300_DMA_CHANNELS; i++)
> >> -             if (started_channels & (1 << i))
> >> +             if (started_channels & ((u64)1 << i))
> >
> > Using
> >
> >                 if (started_channels & (1ULL << i))
> >
> > would be more common.
> 
> Even better (IMO):
> 
> #include <linux/bitops.h>
> 
> if (started_channels & BIT(i))
> 
> Apparently code is there to avoid the bit 31 problem, mea culpa.

I have already applied this one, so feel free to send this as an update :)
Joe Perches Oct. 4, 2016, 4:01 p.m. UTC | #4
On Tue, 2016-10-04 at 21:06 +0530, Vinod Koul wrote:
> On Tue, Oct 04, 2016 at 02:23:51PM +0200, Linus Walleij wrote:
> > On Thu, Sep 29, 2016 at 8:06 PM, Joe Perches <joe@perches.com> wrote:
> > > On Thu, 2016-09-29 at 18:57 +0100, Colin King wrote:
> > > > Currently U300_DMA_CHANNELS is set to 40, meaning that the shift of 1 can
> > > > be more than 32 places, which leads to a 32 bit integer overflow. Fix this
> > > > by casting 1 to a u64 (the same type as started_channels) before shifting
> > > > it.
> > > trivia:
> > > > diff --git a/drivers/dma/coh901318.c b/drivers/dma/coh901318.c
> > > []
> > > > @@ -1353,7 +1353,7 @@ static ssize_t coh901318_debugfs_read(struct file *file, char __user *buf,
> > > >       tmp += sprintf(tmp, "DMA -- enabled dma channels\n");
> > > > 
> > > >       for (i = 0; i < U300_DMA_CHANNELS; i++)
> > > > -             if (started_channels & (1 << i))
> > > > +             if (started_channels & ((u64)1 << i))
> > > Using
> > >                 if (started_channels & (1ULL << i))
> > > would be more common.
> > Even better (IMO):
> > #include <linux/bitops.h>
> > if (started_channels & BIT(i))
> > Apparently code is there to avoid the bit 31 problem, mea culpa.
> I have already applied this one, so feel free to send this as an update :)

BIT_ULL as it still needs to be u64 not unsigned long.

But if a change is really desired, please use it
consistently in the entire file and not just this
instance.

Patch

diff --git a/drivers/dma/coh901318.c b/drivers/dma/coh901318.c
index 2835f3e..98611e3 100644
--- a/drivers/dma/coh901318.c
+++ b/drivers/dma/coh901318.c
@@ -1353,7 +1353,7 @@  static ssize_t coh901318_debugfs_read(struct file *file, char __user *buf,
 	tmp += sprintf(tmp, "DMA -- enabled dma channels\n");
 
 	for (i = 0; i < U300_DMA_CHANNELS; i++)
-		if (started_channels & (1 << i))
+		if (started_channels & ((u64)1 << i))
 			tmp += sprintf(tmp, "channel %d\n", i);
 
 	tmp += sprintf(tmp, "Pool alloc nbr %d\n", pool_count);
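
Review bot: On the changed `if` line the mask is now 64 bits wide, but nothing in the hunk ties the loop bound U300_DMA_CHANNELS to that width, so the same out-of-range shift returns if the channel count ever grows past 64. A BUILD_BUG_ON(U300_DMA_CHANNELS > 64) next to the loop would make the assumption explicit, and BIT_ULL(i) in place of ((u64)1 << i) keeps the mask type obvious at a glance. Separately, the context lines append to tmp with unbounded sprintf() calls, one per started channel, and the visible lines show no check against the size of the buffer tmp points into; a bounded formatter such as scnprintf() would be safer here.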