x86-64: Calgary IOMMU: deobfuscate calgary_init From: Jon Mason calgary_init's for loop does not correspond to the actual device being checked, which makes its upperbound check for array overflow useless. Changing this to a do-while loop is the correct way of doing this. There should be no possibility of spinning forever in this loop, as pci_get_device states that it will go through all iterations, then return NULL (thus breaking the loop). Signed-off-by: Jon Mason Signed-off-by: Muli Ben-Yehuda Signed-off-by: Andi Kleen --- arch/x86_64/kernel/pci-calgary.c | 12 +++++++----- 1 files changed, 7 insertions(+), 5 deletions(-) Index: linux/arch/x86_64/kernel/pci-calgary.c =================================================================== --- linux.orig/arch/x86_64/kernel/pci-calgary.c +++ linux/arch/x86_64/kernel/pci-calgary.c @@ -817,6 +817,8 @@ static int __init calgary_init_one(struc void __iomem *bbar; int ret; + BUG_ON(dev->bus->number >= MAX_PHB_BUS_NUM); + address = locate_register_space(dev); /* map entire 1MB of Calgary config space */ bbar = ioremap_nocache(address, 1024 * 1024); @@ -843,10 +845,10 @@ done: static int __init calgary_init(void) { - int i, ret = -ENODEV; + int ret = -ENODEV; struct pci_dev *dev = NULL; - for (i = 0; i < MAX_PHB_BUS_NUM; i++) { + do { dev = pci_get_device(PCI_VENDOR_ID_IBM, PCI_DEVICE_ID_IBM_CALGARY, dev); @@ -862,12 +864,12 @@ static int __init calgary_init(void) ret = calgary_init_one(dev); if (ret) goto error; - } + } while (1); return ret; error: - for (i--; i >= 0; i--) { + do { dev = pci_find_device_reverse(PCI_VENDOR_ID_IBM, PCI_DEVICE_ID_IBM_CALGARY, dev); @@ -883,7 +885,7 @@ error: calgary_disable_translation(dev); calgary_free_bus(dev); pci_dev_put(dev); /* Undo calgary_init_one()'s pci_dev_get() */ - } + } while (1); return ret; }