1. Patchew
  2. linux
  3. View series

[PATCH v1] PCI: Cadence: Avoid possible signed 64-bit truncation

Ian Rogers posted 1 patch 1 week, 1 day ago 
drivers/pci/controller/cadence/pcie-cadence-host.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
[PATCH v1] PCI: Cadence: Avoid possible signed 64-bit truncation
Posted by Ian Rogers 1 week, 1 day ago 
64-bit truncation to 32-bit can result in the sign of the truncated
value changing. The cdns_pcie_host_dma_ranges_cmp is used in list_sort
and so the truncation could result in an invalid sort order. This
would only happen were the resource_size values large.

Signed-off-by: Ian Rogers <irogers@google.com>
---
 drivers/pci/controller/cadence/pcie-cadence-host.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/drivers/pci/controller/cadence/pcie-cadence-host.c b/drivers/pci/controller/cadence/pcie-cadence-host.c
index fffd63d6665e..e5fd02305ab6 100644
--- a/drivers/pci/controller/cadence/pcie-cadence-host.c
+++ b/drivers/pci/controller/cadence/pcie-cadence-host.c
@@ -414,11 +414,19 @@ static int cdns_pcie_host_dma_ranges_cmp(void *priv, const struct list_head *a,
 					 const struct list_head *b)
 {
 	struct resource_entry *entry1, *entry2;
+	u64 size1, size2;
 
-        entry1 = container_of(a, struct resource_entry, node);
-        entry2 = container_of(b, struct resource_entry, node);
+	entry1 = container_of(a, struct resource_entry, node);
+	entry2 = container_of(b, struct resource_entry, node);
 
-        return resource_size(entry2->res) - resource_size(entry1->res);
+	size1 = resource_size(entry1->res);
+	size2 = resource_size(entry2->res);
+
+	if (size1 > size2)
+		return -1;
+	if (size1 < size2)
+		return 1;
+	return 0;
 }
 
 static void cdns_pcie_host_unmap_dma_ranges(struct cdns_pcie_rc *rc)
-- 
2.52.0.223.gf5cc29aaa4-goog

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.