lmb: do not panic in lmb_print_region_flags
Commit c3cf0dc64f1c ("lmb: add a check to prevent memory overrun")
addressed a possible buffer overrun using assert_noisy().
Resetting via panic() in lmb_print_region() while allowing invalid
lmb flags elsewhere is not reasonable.
Instead of panicking print a message indicating the problem.
fls() returns an int. Using a u64 for bitpos does not match.
Use int instead.
fls() takes an int as argument. Using 1ull << bitpos generates a u64.
Use 1u << bitpos instead.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Acked-by: Sughosh Ganu <sughosh.ganu@linaro.org>
diff --git a/lib/lmb.c b/lib/lmb.c
index 74ffa9f..3dfd8f4 100644
--- a/lib/lmb.c
+++ b/lib/lmb.c
@@ -481,16 +481,22 @@
static void lmb_print_region_flags(enum lmb_flags flags)
{
- u64 bitpos;
const char *flag_str[] = { "none", "no-map", "no-overwrite", "no-notify" };
+ unsigned int pflags = flags &
+ (LMB_NOMAP | LMB_NOOVERWRITE | LMB_NONOTIFY);
+
+ if (flags != pflags) {
+ printf("invalid %#x\n", flags);
+ return;
+ }
do {
- bitpos = flags ? fls(flags) - 1 : 0;
- assert_noisy(bitpos < ARRAY_SIZE(flag_str));
+ int bitpos = pflags ? fls(pflags) - 1 : 0;
+
printf("%s", flag_str[bitpos]);
- flags &= ~(1ull << bitpos);
- puts(flags ? ", " : "\n");
- } while (flags);
+ pflags &= ~(1u << bitpos);
+ puts(pflags ? ", " : "\n");
+ } while (pflags);
}
static void lmb_dump_region(struct alist *lmb_rgn_lst, char *name)