Re: [PATCH V4 1/4] genirq/affinity: store interrupt sets size in 'struct irq_affinity'

From: Thomas Gleixner
Date: Thu Feb 14 2019 - 09:04:38 EST

Next message: Steven Rostedt: "Re: [PATCH V4 7/9] x86/alternative: Batch of patch operations"
Previous message: Marc Zyngier: "Re: [PATCH 01/10] irqchip/csky: Support csky,dh7k SOC intc driver"
In reply to: Ming Lei: "[PATCH V4 1/4] genirq/affinity: store interrupt sets size in 'struct irq_affinity'"
Next in thread: Thomas Gleixner: "Re: [PATCH V4 1/4] genirq/affinity: store interrupt sets size in 'struct irq_affinity'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 14 Feb 2019, Ming Lei wrote:
> /**
> * struct irq_affinity - Description for automatic irq affinity assignements
> * @pre_vectors: Don't apply affinity to @pre_vectors at beginning of
> @@ -266,13 +268,13 @@ struct irq_affinity_notify {
> * @post_vectors: Don't apply affinity to @post_vectors at end of
> * the MSI(-X) vector space
> * @nr_sets: Length of passed in *sets array
> - * @sets: Number of affinitized sets
> + * @set_size: Number of affinitized sets

Both nr_sets and set_size comments are wrong ...

> nr_sets = affd->nr_sets;
> - if (!nr_sets)
> + if (!nr_sets) {
> nr_sets = 1;
> + set_size[0] = affvecs;
> + } else {
> + memcpy(set_size, affd->set_size,
> + IRQ_AFFINITY_MAX_SETS * sizeof(int));

Uuurgh. No. This needs to be nr_sets * sizeof(int) otherwise you copy
beyond the size of the source. nr_sets is already verified to be less than
IRQ_AFFINITY_MAX_SETS.

Fixed it up.

Thanks,

tglx

Next message: Steven Rostedt: "Re: [PATCH V4 7/9] x86/alternative: Batch of patch operations"
Previous message: Marc Zyngier: "Re: [PATCH 01/10] irqchip/csky: Support csky,dh7k SOC intc driver"
In reply to: Ming Lei: "[PATCH V4 1/4] genirq/affinity: store interrupt sets size in 'struct irq_affinity'"
Next in thread: Thomas Gleixner: "Re: [PATCH V4 1/4] genirq/affinity: store interrupt sets size in 'struct irq_affinity'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]