diff options
author | Jan Beulich <JBeulich@suse.com> | 2012-09-07 07:54:52 +0100 |
---|---|---|
committer | Ingo Molnar <mingo@kernel.org> | 2012-09-07 10:56:02 +0200 |
commit | d4c9dbc61fe0ca042b835c6f234af12fa5f18310 (patch) | |
tree | ea2e11e59de9492a7984fc9681da99b1e4239881 | |
parent | 057237bb35a605d795fd787868a1088705f26ee5 (diff) | |
download | op-kernel-dev-d4c9dbc61fe0ca042b835c6f234af12fa5f18310.zip op-kernel-dev-d4c9dbc61fe0ca042b835c6f234af12fa5f18310.tar.gz |
x86/mm: Fix range check in tlbflush debugfs interface
Since the shift count settable there is used for shifting values
of type "unsigned long", its value must not match or exceed
BITS_PER_LONG (otherwise the shift operations are undefined).
Similarly, the value must not be negative (but -1 must be
permitted, as that's the value used to distinguish the case of
the fine grained flushing being disabled).
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Cc: Alex Shi <alex.shi@intel.com>
Link: http://lkml.kernel.org/r/5049B65C020000780009990C@nat28.tlf.novell.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
-rw-r--r-- | arch/x86/mm/tlb.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c index 613cd83..a085c56 100644 --- a/arch/x86/mm/tlb.c +++ b/arch/x86/mm/tlb.c @@ -320,7 +320,7 @@ static ssize_t tlbflush_write_file(struct file *file, if (kstrtos8(buf, 0, &shift)) return -EINVAL; - if (shift > 64) + if (shift < -1 || shift >= BITS_PER_LONG) return -EINVAL; tlb_flushall_shift = shift; |