projects
/
cascardo
/
linux.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
powerpc/powernv: fix construction of opal PRD messages
[cascardo/linux.git]
/
arch
/
powerpc
/
platforms
/
powernv
/
opal-prd.c
diff --git
a/arch/powerpc/platforms/powernv/opal-prd.c
b/arch/powerpc/platforms/powernv/opal-prd.c
index
d9e72bd
..
46cb3fe
100644
(file)
--- a/
arch/powerpc/platforms/powernv/opal-prd.c
+++ b/
arch/powerpc/platforms/powernv/opal-prd.c
@@
-32,9
+32,13
@@
#include <asm/uaccess.h>
#include <asm/uaccess.h>
+/**
+ * The msg member must be at the end of the struct, as it's followed by the
+ * message data.
+ */
struct opal_prd_msg_queue_item {
struct opal_prd_msg_queue_item {
- struct opal_prd_msg_header msg;
struct list_head list;
struct list_head list;
+ struct opal_prd_msg_header msg;
};
static struct device_node *prd_node;
};
static struct device_node *prd_node;
@@
-351,22
+355,23
@@
static int opal_prd_msg_notifier(struct notifier_block *nb,
struct opal_prd_msg_queue_item *item;
struct opal_prd_msg_header *hdr;
struct opal_msg *msg = _msg;
struct opal_prd_msg_queue_item *item;
struct opal_prd_msg_header *hdr;
struct opal_msg *msg = _msg;
+ int msg_size, item_size;
unsigned long flags;
unsigned long flags;
- int size;
if (msg_type != OPAL_MSG_PRD)
return 0;
if (msg_type != OPAL_MSG_PRD)
return 0;
- /* Calculate total size of the
item we need to store. The 'size' field
- * in the header includes the header itself. */
+ /* Calculate total size of the
message and item we need to store. The
+ *
'size' field
in the header includes the header itself. */
hdr = (void *)msg->params;
hdr = (void *)msg->params;
- size = (sizeof(*item) - sizeof(item->msg)) + be16_to_cpu(hdr->size);
+ msg_size = be16_to_cpu(hdr->size);
+ item_size = msg_size + sizeof(*item) - sizeof(item->msg);
- item = kzalloc(size, GFP_ATOMIC);
+ item = kzalloc(
item_
size, GFP_ATOMIC);
if (!item)
return -ENOMEM;
if (!item)
return -ENOMEM;
- memcpy(&item->msg, msg->params, size);
+ memcpy(&item->msg, msg->params,
msg_
size);
spin_lock_irqsave(&opal_prd_msg_queue_lock, flags);
list_add_tail(&item->list, &opal_prd_msg_queue);
spin_lock_irqsave(&opal_prd_msg_queue_lock, flags);
list_add_tail(&item->list, &opal_prd_msg_queue);