From dedc9937e876cb5430bca6a1dccfcc2ff22f8b7c Mon Sep 17 00:00:00 2001 From: Jon Mason Date: Thu, 5 Oct 2006 18:47:21 +0200 Subject: [PATCH] [PATCH] x86-64: Calgary IOMMU: deobfuscate calgary_init calgary_init's for loop does not correspond to the actual device being checked, which makes its upperbound check for array overflow useless. Changing this to a do-while loop is the correct way of doing this. There should be no possibility of spinning forever in this loop, as pci_get_device states that it will go through all iterations, then return NULL (thus breaking the loop). Signed-off-by: Jon Mason Signed-off-by: Muli Ben-Yehuda Signed-off-by: Andi Kleen --- arch/x86_64/kernel/pci-calgary.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/arch/x86_64/kernel/pci-calgary.c b/arch/x86_64/kernel/pci-calgary.c index f760045..1100031 100644 --- a/arch/x86_64/kernel/pci-calgary.c +++ b/arch/x86_64/kernel/pci-calgary.c @@ -816,6 +816,8 @@ static int __init calgary_init_one(struct pci_dev *dev) void __iomem *bbar; int ret; + BUG_ON(dev->bus->number >= MAX_PHB_BUS_NUM); + address = locate_register_space(dev); /* map entire 1MB of Calgary config space */ bbar = ioremap_nocache(address, 1024 * 1024); @@ -842,10 +844,10 @@ done: static int __init calgary_init(void) { - int i, ret = -ENODEV; + int ret = -ENODEV; struct pci_dev *dev = NULL; - for (i = 0; i < MAX_PHB_BUS_NUM; i++) { + do { dev = pci_get_device(PCI_VENDOR_ID_IBM, PCI_DEVICE_ID_IBM_CALGARY, dev); @@ -861,12 +863,12 @@ static int __init calgary_init(void) ret = calgary_init_one(dev); if (ret) goto error; - } + } while (1); return ret; error: - for (i--; i >= 0; i--) { + do { dev = pci_find_device_reverse(PCI_VENDOR_ID_IBM, PCI_DEVICE_ID_IBM_CALGARY, dev); @@ -882,7 +884,7 @@ error: calgary_disable_translation(dev); calgary_free_bus(dev); pci_dev_put(dev); /* Undo calgary_init_one()'s pci_dev_get() */ - } + } while (1); return ret; } -- 2.7.4