Tang Chen 7bc35fdde6 arch/x86/mm/numa.c: fix array index overflow when synchronizing nid to memblock.reserved. ... The following path will cause array out of bound. memblock_add_region() will always set nid in memblock.reserved to MAX_NUMNODES. In numa_register_memblks(), after we set all nid to correct valus in memblock.reserved, we called setup_node_data(), and used memblock_alloc_nid() to allocate memory, with nid set to MAX_NUMNODES. The nodemask_t type can be seen as a bit array. And the index is 0 ~ MAX_NUMNODES-1. After that, when we call node_set() in numa_clear_kernel_node_hotplug(), the nodemask_t got an index of value MAX_NUMNODES, which is out of [0 ~ MAX_NUMNODES-1]. See below: numa_init() |---> numa_register_memblks() | |---> memblock_set_node(memory) set correct nid in memblock.memory | |---> memblock_set_node(reserved) set correct nid in memblock.reserved | |...... | |---> setup_node_data() | |---> memblock_alloc_nid() here, nid is set to MAX_NUMNODES (1024) |...... |---> numa_clear_kernel_node_hotplug() |---> node_set() here, we have an index 1024, and overflowed This patch moves nid setting to numa_clear_kernel_node_hotplug() to fix this problem. Reported-by: Dave Jones <davej@redhat.com> Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com> Tested-by: Gu Zheng <guz.fnst@cn.fujitsu.com> Reported-by: Dave Jones <davej@redhat.com> Cc: David Rientjes <rientjes@google.com> Tested-by: Dave Jones <davej@redhat.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: "H. Peter Anvin" <hpa@zytor.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>		2014-02-06 13:48:51 -08:00
..
boot	x86, boot: Fix word-size assumptions in has_eflag() inline asm	2014-01-30 08:04:32 -08:00
configs	x86, defconfig: Add DEVTMPFS and DEVTMPFS_MOUNT to *86*_defconfig	2013-11-04 20:01:55 -08:00
crypto	crypto: aesni - fix build on x86 (32bit)	2014-01-15 11:36:34 +08:00
ia32	constify copy_siginfo_to_user{,32}()	2013-11-09 00:16:29 -05:00
include	Bug-fixes:	2014-02-05 16:01:11 -08:00
kernel	Merge branch 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip	2014-01-31 08:59:46 -08:00
kvm	kvm: x86: move KVM_CAP_HYPERV_TIME outside #ifdef	2014-01-29 18:10:45 +01:00
lguest	x86, asmlinkage, lguest: Fix C functions used by inline assembler	2014-01-29 22:17:17 -08:00
lib	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next	2014-01-25 11:17:34 -08:00
math-emu	x86: math-emu: Drop already-disabled print of build date	2014-01-27 23:14:12 +01:00
mm	arch/x86/mm/numa.c: fix array index overflow when synchronizing nid to memblock.reserved.	2014-02-06 13:48:51 -08:00
net	bpf: do not use reciprocal divide	2014-01-15 17:02:08 -08:00
oprofile	perf: Fix arch_perf_out_copy_user default	2013-11-06 12:34:25 +01:00
pci	ACPI and power management updates for 3.14-rc1	2014-01-24 15:51:02 -08:00
platform	Merge branch 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip	2014-01-31 08:59:46 -08:00
power	x86, asmlinkage, power: Make various symbols used by the suspend asm code visible	2013-08-06 14:21:03 -07:00
realmode	Merge commit 'f4bcd8ccddb02833340652e9f46f5127828eb79d' into x86/build	2014-01-29 09:07:00 -08:00
syscalls	sched: Add new scheduler syscalls to support an extended scheduling parameters ABI	2014-01-13 13:41:04 +01:00
tools	Merge commit 'f4bcd8ccddb02833340652e9f46f5127828eb79d' into x86/build	2014-01-29 09:07:00 -08:00
um	um, x86: Fix vDSO build	2014-01-12 16:47:31 +01:00
vdso	Merge branch 'x86-cleanups-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip	2014-01-20 12:03:57 -08:00
video
xen	Bug-fixes:	2014-02-05 16:01:11 -08:00
.gitignore
Kbuild
Kconfig	Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input	2014-01-24 17:17:30 -08:00
Kconfig.cpu
Kconfig.debug	x86: Disable CONFIG_X86_DECODER_SELFTEST in allmod/allyesconfigs	2014-02-05 14:10:30 -08:00
Makefile	x86, build: Build 16-bit code with -m16 where possible	2014-01-30 08:05:36 -08:00
Makefile_32.cpu
Makefile.um