When the CONFIG_ARM_LPAE is enabled on arm32, the physical address may exceed 32 bits. In the devmem_is_allowed function, the physical address is obtained through displacement of the physical page number.Without explicit translation, the physical address may overflow and be truncated. Use the PFN_PHYS macro to fix this bug.
This bug was initially introduced in v2.6.37 with commit:087aaffcdf9c91. In v5.10, this code has been modified by commit:527701eda5f196.
Fixes: 527701eda5f196 ("lib: Add a generic version of devmem_is_allowed") Fixes: 087aaffcdf9c91 ("ARM: implement CONFIG_STRICT_DEVMEM by disabling access to RAM via /dev/mem") Cc: stable@vger.kernel.org # v2.6.37 Signed-off-by: Liang Wang wangliang101@huawei.com --- lib/devmem_is_allowed.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/devmem_is_allowed.c b/lib/devmem_is_allowed.c index c0d67c541849..60be9e24bd57 100644 --- a/lib/devmem_is_allowed.c +++ b/lib/devmem_is_allowed.c @@ -19,7 +19,7 @@ */ int devmem_is_allowed(unsigned long pfn) { - if (iomem_is_exclusive(pfn << PAGE_SHIFT)) + if (iomem_is_exclusive(PFN_PHYS(pfn))) return 0; if (!page_is_ram(pfn)) return 1;