[boot-wrapper PATCH] fix array boundary check in find_logical_id
Andre Przywara
andre.przywara at arm.com
Tue Oct 4 07:49:20 PDT 2022
On Tue, 17 May 2022 14:43:05 +0100
Andre Przywara <andre.przywara at arm.com> wrote:
Hi,
any chance someone can please have a look at this?
Cheers,
Andre
> When we are trying to find the array index for a given MPIDR, we check
> that we don't overrun the array boundary, by comparing against NR_CPUS.
> However the resulting conditional branch should also fire when we reach
> the exact number of elements, since it's all 0 based.
>
> Change the comparison to be '>=' instead of just '>', to only allow
> array indicies 0 .. (NR_CPUS - 1).
>
> Signed-off-by: Andre Przywara <andre.przywara at arm.com>
> ---
> arch/aarch32/utils.S | 2 +-
> arch/aarch64/utils.S | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/aarch32/utils.S b/arch/aarch32/utils.S
> index 58279aa..d28ab19 100644
> --- a/arch/aarch32/utils.S
> +++ b/arch/aarch32/utils.S
> @@ -24,7 +24,7 @@ ASM_FUNC(find_logical_id)
> 1: mov r3, #NR_CPUS
>
> cmp r1, r3
> - bgt 3f
> + bge 3f
> ldr r3, [r2, r1, lsl #2]
> cmp r3, r0
> beq 2f
> diff --git a/arch/aarch64/utils.S b/arch/aarch64/utils.S
> index 32393cc..89aa124 100644
> --- a/arch/aarch64/utils.S
> +++ b/arch/aarch64/utils.S
> @@ -22,7 +22,7 @@ ASM_FUNC(find_logical_id)
> mov x1, xzr
> 1: mov x3, #NR_CPUS // check we haven't walked off the end of the array
> cmp x1, x3
> - b.gt 3f
> + b.ge 3f
> ldr x3, [x2, x1, lsl #3]
> cmp x3, x0
> b.eq 2f
More information about the linux-arm-kernel
mailing list