1. Patchew
  2. linux
  3. View series

[PATCH v1] PCI: Cadence: Avoid possible signed 64-bit truncation

Ian Rogers posted 1 patch 1 month, 4 weeks ago 
drivers/pci/controller/cadence/pcie-cadence-host.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
[PATCH v1] PCI: Cadence: Avoid possible signed 64-bit truncation
Posted by Ian Rogers 1 month, 4 weeks ago 
64-bit truncation to 32-bit can result in the sign of the truncated
value changing. The cdns_pcie_host_dma_ranges_cmp is used in list_sort
and so the truncation could result in an invalid sort order. This
would only happen were the resource_size values large.

Signed-off-by: Ian Rogers <irogers@google.com>
---
 drivers/pci/controller/cadence/pcie-cadence-host.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/drivers/pci/controller/cadence/pcie-cadence-host.c b/drivers/pci/controller/cadence/pcie-cadence-host.c
index fffd63d6665e..e5fd02305ab6 100644
--- a/drivers/pci/controller/cadence/pcie-cadence-host.c
+++ b/drivers/pci/controller/cadence/pcie-cadence-host.c
@@ -414,11 +414,19 @@ static int cdns_pcie_host_dma_ranges_cmp(void *priv, const struct list_head *a,
 					 const struct list_head *b)
 {
 	struct resource_entry *entry1, *entry2;
+	u64 size1, size2;
 
-        entry1 = container_of(a, struct resource_entry, node);
-        entry2 = container_of(b, struct resource_entry, node);
+	entry1 = container_of(a, struct resource_entry, node);
+	entry2 = container_of(b, struct resource_entry, node);
 
-        return resource_size(entry2->res) - resource_size(entry1->res);
+	size1 = resource_size(entry1->res);
+	size2 = resource_size(entry2->res);
+
+	if (size1 > size2)
+		return -1;
+	if (size1 < size2)
+		return 1;
+	return 0;
 }
 
 static void cdns_pcie_host_unmap_dma_ranges(struct cdns_pcie_rc *rc)
-- 
2.52.0.223.gf5cc29aaa4-goog
Re: [PATCH v1] PCI: Cadence: Avoid possible signed 64-bit truncation
Posted by Manivannan Sadhasivam 1 month, 2 weeks ago 
On Tue, Dec 09, 2025 at 02:37:56PM -0800, Ian Rogers wrote:
> 64-bit truncation to 32-bit can result in the sign of the truncated
> value changing. The cdns_pcie_host_dma_ranges_cmp is used in list_sort
> and so the truncation could result in an invalid sort order. This
> would only happen were the resource_size values large.
> 
> Signed-off-by: Ian Rogers <irogers@google.com>

Applied to pci/controller/cadence!

- Mani

> ---
>  drivers/pci/controller/cadence/pcie-cadence-host.c | 14 +++++++++++---
>  1 file changed, 11 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/pci/controller/cadence/pcie-cadence-host.c b/drivers/pci/controller/cadence/pcie-cadence-host.c
> index fffd63d6665e..e5fd02305ab6 100644
> --- a/drivers/pci/controller/cadence/pcie-cadence-host.c
> +++ b/drivers/pci/controller/cadence/pcie-cadence-host.c
> @@ -414,11 +414,19 @@ static int cdns_pcie_host_dma_ranges_cmp(void *priv, const struct list_head *a,
>  					 const struct list_head *b)
>  {
>  	struct resource_entry *entry1, *entry2;
> +	u64 size1, size2;
>  
> -        entry1 = container_of(a, struct resource_entry, node);
> -        entry2 = container_of(b, struct resource_entry, node);
> +	entry1 = container_of(a, struct resource_entry, node);
> +	entry2 = container_of(b, struct resource_entry, node);
>  
> -        return resource_size(entry2->res) - resource_size(entry1->res);
> +	size1 = resource_size(entry1->res);
> +	size2 = resource_size(entry2->res);
> +
> +	if (size1 > size2)
> +		return -1;
> +	if (size1 < size2)
> +		return 1;
> +	return 0;
>  }
>  
>  static void cdns_pcie_host_unmap_dma_ranges(struct cdns_pcie_rc *rc)
> -- 
> 2.52.0.223.gf5cc29aaa4-goog
> 

-- 
மணிவண்ணன் சதாசிவம்

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.