mm/vmalloc.c:__vmalloc_area_node(): avoid 32-bit overflow - linux - Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/

diff options

author	Andrew Morton <akpm@linux-foundation.org>	2020-12-14 19:08:43 -0800
committer	Linus Torvalds <torvalds@linux-foundation.org>	2020-12-15 12:13:41 -0800
commit	34fe653716b0d340bc26dd4823d2dbe00c57f849 (patch)
tree	53402bb0e2d5d266b9e1e76ef37133aa04c991e0 /kernel/workqueue.c
parent	locking/selftests: add testcases for fs_reclaim (diff)
download	linux-34fe653716b0d340bc26dd4823d2dbe00c57f849.tar.gz linux-34fe653716b0d340bc26dd4823d2dbe00c57f849.zip

mm/vmalloc.c:__vmalloc_area_node(): avoid 32-bit overflow

With a machine with 3 TB (more than 2 TB memory). If you use vmalloc to allocate > 2 TB memory, the array_size below will be overflowed. The array_size is an unsigned int and can only be used to allocate less than 2 TB memory. If you pass 2*1028*1028*1024*1024 = 2 * 2^40 in the argument of vmalloc. The array_size will become 2*2^31 = 2^32. The 2^32 cannot be store with a 32 bit integer. The fix is to change the type of array_size to unsigned long. [akpm@linux-foundation.org: rework for current mainline] Link: https://bugzilla.kernel.org/show_bug.cgi?id=210023 Reported-by: <hsinhuiwu@gmail.com> Cc: Matthew Wilcox <willy@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Diffstat (limited to 'kernel/workqueue.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: