1
linux/lib
Paul Mackerras d9024df02f [LMB] Restructure allocation loops to avoid unsigned underflow
There is a potential bug in __lmb_alloc_base where we subtract `size'
from the base address of a reserved region without checking whether
the subtraction could wrap around and produce a very large unsigned
value.  In fact it probably isn't possible to hit the bug in practice
since it would only occur in the situation where we can't satisfy the
allocation request and there is a reserved region starting at 0.

This fixes the potential bug by breaking out of the loop when we get
to the point where the base of the reserved region is less than the
size requested.  This also restructures the loop to be a bit easier to
follow.

The same logic got copied into lmb_alloc_nid_unreserved, so this makes
a similar change there.  Here the bug is more likely to be hit because
the outer loop  (in lmb_alloc_nid) goes through the memory regions in
increasing order rather than decreasing order as __lmb_alloc_base
does, and we are therefore more likely to hit the case where we are
testing against a reserved region with a base address of 0.

Signed-off-by: Paul Mackerras <paulus@samba.org>
2008-04-15 21:22:17 +10:00
..
lzo lzo: fix typo in decompressor 2008-04-10 15:34:05 -07:00
reed_solomon [MTD] [NAND] Replace -1 with -EBADMSG in nand error correction code 2007-10-20 22:30:54 +01:00
zlib_deflate lib/: Spelling fixes 2008-02-03 17:48:52 +02:00
zlib_inflate [ZLIB]: Fix external builds of zlib_inflate code. 2007-10-11 22:17:20 -07:00
.gitignore
argv_split.c LIB: Replace inappropriate include of <linux/bug.h> 2007-10-20 00:26:10 +02:00
audit.c
bitmap.c Fix bitmap_scnlistprintf for empty masks 2007-11-05 15:12:32 -08:00
bitrev.c
bug.c
bust_spinlocks.c handle recursive calls to bust_spinlocks() 2007-10-17 08:42:56 -07:00
check_signature.c
cmdline.c
cpumask.c
crc7.c
crc16.c
crc32.c lib/: Spelling fixes 2008-02-03 17:48:52 +02:00
crc32defs.h
crc-ccitt.c
crc-itu-t.c
ctype.c
debug_locks.c
dec_and_lock.c
devres.c devres: implement pcim_iomap_regions_request_all() 2008-03-17 08:26:44 -04:00
div64.c
dump_stack.c
extable.c lib/extable.c: remove an expensive integer divide in search_extable() 2008-02-06 10:41:08 -08:00
fault-inject.c libfs: allow error return from simple attributes 2008-02-08 09:22:34 -08:00
find_next_bit.c ext4: Add ext4_find_next_bit() 2008-01-28 23:58:27 -05:00
gen_crc32table.c
genalloc.c
halfmd4.c
hexdump.c hexdump: don't print bytes with bit 7 set 2007-11-29 09:24:53 -08:00
hweight.c remove asm/bitops.h includes 2007-10-19 11:53:41 -07:00
idr.c Slab API: remove useless ctor parameter and reorder parameters 2007-10-17 08:42:45 -07:00
inflate.c
int_sqrt.c
iomap_copy.c
iomap.c x86-32: Pass the full resource data to ioremap() 2008-03-24 11:22:39 -07:00
iommu-helper.c iommu: export iommu_is_span_boundary helper function 2008-03-04 16:35:17 -08:00
ioremap.c lib/ioremap.c should #include <linux/io.h> 2007-10-17 08:42:50 -07:00
irq_regs.c
kasprintf.c
Kconfig [LIB]: Make PowerPC LMB code generic so sparc64 can use it too. 2008-02-13 16:56:49 -08:00
Kconfig.debug make LKDTM depend on BLOCK 2008-02-23 17:12:13 -08:00
kernel_lock.c sched: remove the !PREEMPT_BKL code 2008-01-25 21:08:33 +01:00
klist.c
kobject_uevent.c fix uevent action-string regression 2008-03-30 14:55:49 -07:00
kobject.c kobject: properly initialize ksets 2008-03-04 14:47:05 -08:00
kref.c kref: add kref_set() 2008-01-24 20:40:05 -08:00
libcrc32c.c [LIB] crc32c: Keep intermediate crc state in cpu order 2007-11-08 21:34:09 +08:00
list_debug.c
lmb.c [LMB] Restructure allocation loops to avoid unsigned underflow 2008-04-15 21:22:17 +10:00
locking-selftest-hardirq.h
locking-selftest-mutex.h
locking-selftest-rlock-hardirq.h
locking-selftest-rlock-softirq.h
locking-selftest-rlock.h
locking-selftest-rsem.h
locking-selftest-softirq.h
locking-selftest-spin-hardirq.h
locking-selftest-spin-softirq.h
locking-selftest-spin.h
locking-selftest-wlock-hardirq.h
locking-selftest-wlock-softirq.h
locking-selftest-wlock.h
locking-selftest-wsem.h
locking-selftest.c
Makefile [LIB]: Make PowerPC LMB code generic so sparc64 can use it too. 2008-02-13 16:56:49 -08:00
parser.c
pcounter.c [LIB] pcounter : unline too big functions 2008-01-28 15:00:35 -08:00
percpu_counter.c Add irq protection in the percpu-counters cpu-hotplug-callback path 2007-10-19 11:53:44 -07:00
plist.c
prio_heap.c Fix cpusets update_cpumask 2007-10-19 11:53:41 -07:00
prio_tree.c
proportions.c lib: proportion: fix underflow in prop_norm_percpu() 2007-12-23 12:54:37 -08:00
radix-tree.c radix-tree: avoid atomic allocations for preloaded insertions 2008-02-05 09:44:17 -08:00
random32.c [NET]: srandom32 fixes for networking v2 2008-04-03 14:07:02 -07:00
rbtree.c
reciprocal_div.c
rwsem-spinlock.c lib: remove fastcall from lib/* 2008-02-08 09:22:31 -08:00
rwsem.c x86: fix UML and -regparm=3 2008-01-30 13:33:00 +01:00
scatterlist.c SG: work with the SCSI fixed maximum allocations. 2008-01-28 10:54:49 +01:00
semaphore-sleepers.c lib: remove fastcall from lib/* 2008-02-08 09:22:31 -08:00
sha1.c
smp_processor_id.c debug_smp_processor_id() fixlets 2008-02-06 10:41:09 -08:00
sort.c lib/sort.c optimization 2007-10-17 08:42:52 -07:00
spinlock_debug.c Use helpers to obtain task pid in printks 2007-10-19 11:53:43 -07:00
string.c
swiotlb.c avoid endless loops in lib/swiotlb.c 2008-03-13 13:15:52 -07:00
textsearch.c [TEXTSEARCH]: Do not allow zero length patterns in the textsearch infrastructure 2007-12-01 00:03:52 +11:00
ts_bm.c
ts_fsm.c
ts_kmp.c
vsprintf.c lib/vsprintf.c: fix bug omitting minus sign of numbers (module_param) 2008-02-23 17:12:14 -08:00