]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e44db60) | patch
mm/vmalloc.c:__vmalloc_area_node(): avoid 32-bit overflow
authorAndrew Morton <akpm@linux-foundation.org>
Tue, 15 Dec 2020 03:08:43 +0000 (19:08 -0800)
committerLinus Torvalds <torvalds@linux-foundation.org>
Tue, 15 Dec 2020 20:13:41 +0000 (12:13 -0800)
commit6da6605d6badc7a953af715046ea0050bbf54402
tree53402bb0e2d5d266b9e1e76ef37133aa04c991e0tree | snapshot
parente44db60171cbef3f12b671cdcdfb862cd3e8d0dbcommit | diff
mm/vmalloc.c:__vmalloc_area_node(): avoid 32-bit overflow

With a machine with 3 TB (more than 2 TB memory).  If you use vmalloc to
allocate > 2 TB memory, the array_size below will be overflowed.

The array_size is an unsigned int and can only be used to allocate less
than 2 TB memory.  If you pass 2*1028*1028*1024*1024 = 2 * 2^40 in the
argument of vmalloc.  The array_size will become 2*2^31 = 2^32.  The 2^32
cannot be store with a 32 bit integer.

The fix is to change the type of array_size to unsigned long.

[akpm@linux-foundation.org: rework for current mainline]

Link: https://bugzilla.kernel.org/show_bug.cgi?id=210023
Reported-by: <hsinhuiwu@gmail.com>
Cc: Matthew Wilcox <willy@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
mm/vmalloc.c diff | blob | history
Linux Kernel Source Tree.