The function hisi_acc_create_sg_pool may allocate a block of
memory of size PAGE_SIZE * 2^(MAX_ORDER - 1). This value may
exceed 2^31 on ia64, which would overflow the u32.

This patch caps it at 2^31.

Reported-by: kernel test robot <[email protected]>
Fixes: d8ac7b85236b ("crypto: hisilicon - fix large sgl memory...")
Signed-off-by: Herbert Xu <[email protected]>

diff --git a/drivers/crypto/hisilicon/sgl.c b/drivers/crypto/hisilicon/sgl.c
index 0e8c7e324fb4..725a739800b0 100644
--- a/drivers/crypto/hisilicon/sgl.c
+++ b/drivers/crypto/hisilicon/sgl.c
@@ -66,7 +66,8 @@ struct hisi_acc_sgl_pool *hisi_acc_create_sgl_pool(struct device *dev,
sgl_size = sizeof(struct acc_hw_sge) * sge_nr +
sizeof(struct hisi_acc_hw_sgl);
- block_size = PAGE_SIZE * (1 << (MAX_ORDER - 1));
+ block_size = 1 << (PAGE_SHIFT + MAX_ORDER <= 32 ?
+ PAGE_SHIFT + MAX_ORDER - 1 : 31);
sgl_num_per_block = block_size / sgl_size;
block_num = count / sgl_num_per_block;
remain_sgl = count % sgl_num_per_block;
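
Review bot: In the added `block_size = 1 << (...)` line the literal `1` is a signed int, so on the capped path the expression is `1 << 31`, which shifts into the sign bit of an int before the value is stored in the u32 the commit message refers to. Writing it as `1U << (...)` or using `BIT(...)` keeps the whole computation unsigned and avoids relying on how the compiler treats the signed shift.
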
--
Email: Herbert Xu <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On 2020/6/4 15:37, Herbert Xu wrote:
> The function hisi_acc_create_sg_pool may allocate a block of
> memory of size PAGE_SIZE * 2^(MAX_ORDER - 1). This value may
> exceed 2^31 on ia64, which would overflow the u32.
>
> This patch caps it at 2^31.
>
> Reported-by: kernel test robot <[email protected]>
> Fixes: d8ac7b85236b ("crypto: hisilicon - fix large sgl memory...")
> Signed-off-by: Herbert Xu <[email protected]>
Fine to me, Thanks!
>
> diff --git a/drivers/crypto/hisilicon/sgl.c b/drivers/crypto/hisilicon/sgl.c
> index 0e8c7e324fb4..725a739800b0 100644
> --- a/drivers/crypto/hisilicon/sgl.c
> +++ b/drivers/crypto/hisilicon/sgl.c
> @@ -66,7 +66,8 @@ struct hisi_acc_sgl_pool *hisi_acc_create_sgl_pool(struct device *dev,
>
> sgl_size = sizeof(struct acc_hw_sge) * sge_nr +
> sizeof(struct hisi_acc_hw_sgl);
> - block_size = PAGE_SIZE * (1 << (MAX_ORDER - 1));
> + block_size = 1 << (PAGE_SHIFT + MAX_ORDER <= 32 ?
> + PAGE_SHIFT + MAX_ORDER - 1 : 31);
> sgl_num_per_block = block_size / sgl_size;
> block_num = count / sgl_num_per_block;
> remain_sgl = count % sgl_num_per_block;
>
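
Review bot: The cap in `PAGE_SHIFT + MAX_ORDER <= 32 ? PAGE_SHIFT + MAX_ORDER - 1 : 31` is a bare 31 with no comment, so nothing at this site says that it is the largest shift that fits block_size, or that on configurations over the limit block_size is now smaller than PAGE_SIZE * 2^(MAX_ORDER - 1). A one-line comment stating that would help the next reader, and `min(PAGE_SHIFT + MAX_ORDER - 1, 31)` expresses the same cap without the duplicated sum.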