Re: [PATCH 4.19 41/88] net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init()
From: Pavel Machek
Date: Tue Sep 08 2020 - 15:53:39 EST
Hi!
> On machines with much memory (> 2 TByte) and log_mtts_per_seg == 0, a
> max_order of 31 will be passed to mlx_buddy_init(), which results in
> s = BITS_TO_LONGS(1 << 31) becoming a negative value, leading to
> kvmalloc_array() failure when it is converted to size_t.
>
> mlx4_core 0000:b1:00.0: Failed to initialize memory region table, aborting
> mlx4_core: probe of 0000:b1:00.0 failed with error -12
>
> Fix this issue by changing the left shifting operand from a signed literal to
> an unsigned one.
Will we still have problems with > 4 TByte machines? Should the
computation be done in u64?
Best regards,
Pavel
> Fixes: 225c7b1feef1 ("IB/mlx4: Add a driver Mellanox ConnectX InfiniBand adapters")
> Signed-off-by: Shung-Hsi Yu <shung-hsi.yu@xxxxxxxx>
> Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
> Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
> +++ b/drivers/net/ethernet/mellanox/mlx4/mr.c
> @@ -114,7 +114,7 @@ static int mlx4_buddy_init(struct mlx4_buddy *buddy, int max_order)
> goto err_out;
>
> for (i = 0; i <= buddy->max_order; ++i) {
> - s = BITS_TO_LONGS(1 << (buddy->max_order - i));
> + s = BITS_TO_LONGS(1UL << (buddy->max_order - i));
> buddy->bits[i] = kvmalloc_array(s, sizeof(long), GFP_KERNEL | __GFP_ZERO);
> if (!buddy->bits[i])
> goto err_out_free;
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Attachment:
signature.asc
Description: PGP signature