Hello,
(CC: +Tony Luck.
Original Patch: lore.kernel.org/r/20190626054011.30044-1-de...@etsukata.com )
On 26/06/2019 06:40, Eiichi Tsukata wrote:
> Commit 9da21b1509d8 ("EDAC: Poll timeout cannot be zero, p2") assumes
> edac_mc_poll_msec to be unsigned long, but the type of the variable still
> remained as int. Setting edac_mc_poll_msec can trigger out-of-bounds
> write.
Thanks for catching this!
> Fix it by changing the type of edac_mc_poll_msec to unsigned int.
This means reverting more of 9da21b1509d8, but it also fixes signed/unsigned
issues:
| root@debian-guest:/sys/module/edac_core/parameters# echo 4294967295 >
edac_mc_poll_msec
| root@debian-guest:/sys/module/edac_core/parameters# cat edac_mc_poll_msec
| -1
| root@debian-guest:/sys/module/edac_core/parameters# echo -1 >
edac_mc_poll_msec
| -bash: echo: write error: Invalid argument
> The reason why this patch adopts unsigned int rather than unsigned long
> is msecs_to_jiffies() assumes arg to be unsigned int.
Ah, so the range is limited anyway.
It looks like it was switched to long to be consistent with
edac_mc_workq_setup(), which
has since been removed in preference to msecs_to_jiffies().
Reviewed-by: James Morse <james.mo...@arm.com>
Thanks,
James
