From: Stephen Warren Date: Mon, 11 Aug 2014 22:09:28 +0000 (-0600) Subject: pci: fix overflow in __pci_hose_bus_to_phys w/ large RAM X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=d878c9a932eae626aced58128357fc6155f88739;p=project%2Fbcm63xx%2Fu-boot.git pci: fix overflow in __pci_hose_bus_to_phys w/ large RAM If a 32-bit system has 2GB of RAM, and the base address of that RAM is 2GB, then start+size will overflow a 32-bit value (to a value of 0). To avoid such an overflow, convert __pci_hose_bus_to_phys() to calculate the offset of a bus address into a PCI region, rather than comparing a bus address against the end of a PCI region. Signed-off-by: Stephen Warren --- diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c index ed113bf402..4fd9c532b3 100644 --- a/drivers/pci/pci.c +++ b/drivers/pci/pci.c @@ -323,7 +323,7 @@ int __pci_hose_bus_to_phys(struct pci_controller *hose, continue; if (bus_addr >= res->bus_start && - bus_addr < res->bus_start + res->size) { + (bus_addr - res->bus_start) < res->size) { *pa = (bus_addr - res->bus_start + res->phys_start); return 0; }