Re: [PATCH] thermal: cpu_cooling: fix out of bounds access in time_in_idle

From: Viresh Kumar
Date: Sun Dec 20 2015 - 22:19:48 EST

Next message: Ming Lei: "Re: IO errors after "block: remove bio_get_nr_vecs()""
Previous message: MaJun: "[PATCH] IRQ/Platform-MSI:Increase the maximum MSIs the MSI framework can support."
In reply to: Javi Merino: "[PATCH] thermal: cpu_cooling: fix out of bounds access in time_in_idle"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 19-12-15, 12:54, Javi Merino wrote:
> In __cpufreq_cooling_register() we allocate the arrays for time_in_idle
> and time_in_idle_timestamp to be as big as the number of cpus in this
> cpufreq device. However, in get_load() we access this array using the
> cpu number as index, which can result in an out of bound access.
>
> Index time_in_idle{,_timestamp} using the index in the cpufreq_device's
> allowed_cpus mask, as we do for the load_cpu array in
> cpufreq_get_requested_power()
>
> Reported-by: Nicolas Boichat <drinkcat@xxxxxxxxxxxx>
> Cc: Amit Daniel Kachhap <amit.kachhap@xxxxxxxxx>
> Cc: Viresh Kumar <viresh.kumar@xxxxxxxxxx>
> Cc: Zhang Rui <rui.zhang@xxxxxxxxx>
> Cc: Eduardo Valentin <edubezval@xxxxxxxxx>
> Signed-off-by: Javi Merino <javi.merino@xxxxxxx>
> ---
> drivers/thermal/cpu_cooling.c | 14 ++++++++------
> 1 file changed, 8 insertions(+), 6 deletions(-)

Acked-by: Viresh Kumar <viresh.kumar@xxxxxxxxxx>

--
viresh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ming Lei: "Re: IO errors after "block: remove bio_get_nr_vecs()""
Previous message: MaJun: "[PATCH] IRQ/Platform-MSI:Increase the maximum MSIs the MSI framework can support."
In reply to: Javi Merino: "[PATCH] thermal: cpu_cooling: fix out of bounds access in time_in_idle"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]