{"id":2222926,"url":"http://patchwork.ozlabs.org/api/1.1/patches/2222926/?format=json","web_url":"http://patchwork.ozlabs.org/project/linux-pci/patch/20260414024544.2975605-5-duziming2@huawei.com/","project":{"id":28,"url":"http://patchwork.ozlabs.org/api/1.1/projects/28/?format=json","name":"Linux PCI development","link_name":"linux-pci","list_id":"linux-pci.vger.kernel.org","list_email":"linux-pci@vger.kernel.org","web_url":null,"scm_url":null,"webscm_url":null},"msgid":"<20260414024544.2975605-5-duziming2@huawei.com>","date":"2026-04-14T02:45:44","name":"[4/4] PCI: Prevent overflow in proc_bus_pci_read()","commit_ref":null,"pull_url":null,"state":"new","archived":false,"hash":"c96b7842156f557c8ea780b1b594d4cc4815ab44","submitter":{"id":92271,"url":"http://patchwork.ozlabs.org/api/1.1/people/92271/?format=json","name":"Ziming Du","email":"duziming2@huawei.com"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/linux-pci/patch/20260414024544.2975605-5-duziming2@huawei.com/mbox/","series":[{"id":499767,"url":"http://patchwork.ozlabs.org/api/1.1/series/499767/?format=json","web_url":"http://patchwork.ozlabs.org/project/linux-pci/list/?series=499767","date":"2026-04-14T02:45:42","name":"PCI: Fix procfs PCI config access issues","version":1,"mbox":"http://patchwork.ozlabs.org/series/499767/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2222926/comments/","check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/2222926/checks/","tags":{},"headers":{"Return-Path":"\n <linux-pci+bounces-52463-incoming=patchwork.ozlabs.org@vger.kernel.org>","X-Original-To":["incoming@patchwork.ozlabs.org","linux-pci@vger.kernel.org"],"Delivered-To":"patchwork-incoming@legolas.ozlabs.org","Authentication-Results":["legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=huawei.com header.i=@huawei.com header.a=rsa-sha256\n header.s=dkim header.b=6XizOr64;\n\tdkim-atps=neutral","legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=172.105.105.114; helo=tor.lore.kernel.org;\n envelope-from=linux-pci+bounces-52463-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)","smtp.subspace.kernel.org;\n\tdkim=pass (1024-bit key) header.d=huawei.com header.i=@huawei.com\n header.b=\"6XizOr64\"","smtp.subspace.kernel.org;\n arc=none smtp.client-ip=113.46.200.220","smtp.subspace.kernel.org;\n dmarc=pass (p=quarantine dis=none) header.from=huawei.com","smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=huawei.com"],"Received":["from tor.lore.kernel.org (tor.lore.kernel.org [172.105.105.114])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fvp3D0895z1y2d\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 14 Apr 2026 12:23:04 +1000 (AEST)","from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby tor.lore.kernel.org (Postfix) with ESMTP id 7E2DA302D977\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 14 Apr 2026 02:22:34 +0000 (UTC)","from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 58566289E13;\n\tTue, 14 Apr 2026 02:22:31 +0000 (UTC)","from canpmsgout05.his.huawei.com (canpmsgout05.his.huawei.com\n [113.46.200.220])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id 2512A30FF31;\n\tTue, 14 Apr 2026 02:22:28 +0000 (UTC)","from mail.maildlp.com (unknown [172.19.162.144])\n\tby canpmsgout05.his.huawei.com (SkyGuard) with ESMTPS id 4fvnvD18GQz12LCb;\n\tTue, 14 Apr 2026 10:16:08 +0800 (CST)","from kwepemr500012.china.huawei.com (unknown [7.202.195.23])\n\tby mail.maildlp.com (Postfix) with ESMTPS id D58AE40572;\n\tTue, 14 Apr 2026 10:22:26 +0800 (CST)","from localhost.localdomain (10.50.85.180) by\n kwepemr500012.china.huawei.com (7.202.195.23) with Microsoft SMTP Server\n (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id\n 15.2.1544.11; Tue, 14 Apr 2026 10:22:26 +0800"],"ARC-Seal":"i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1776133351; cv=none;\n b=Y4GseAtqhuwbccT4Cu3fDWR6ws821woaRvj+dTtBYP1xlG5wPNjQY3IhjzLvxZwMUR6hzqgV4i4bVcXZkMCJvLYB5NjQuJl0bfQYWa5IC16HKpvH79y44i7F8Lj3+tOxVqul2VF+9r9kgOoKQJ957Ykjw2z8a9thHpp1RJuqYHk=","ARC-Message-Signature":"i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1776133351; c=relaxed/simple;\n\tbh=FS1SeOowBA8gVevNxsZJHOuY/+0HP+CQiKPo21lhM/E=;\n\th=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References:\n\t MIME-Version:Content-Type;\n b=R3xxB4Kh90h9tF7WHvQt3IEidiuMbWuO9pYbkvE3suvdnHchR40lgmklL2P2UyMftU9hr/rv3xv/1JRceakndEj4o4h77VBAX2BwqKMlan0cReNRUJbStL0AmfovqxDSzI0mRK0HpcWp4NJvI33fwt0/vHWjo2roPpRQ9PA+lrc=","ARC-Authentication-Results":"i=1; smtp.subspace.kernel.org;\n dmarc=pass (p=quarantine dis=none) header.from=huawei.com;\n spf=pass smtp.mailfrom=huawei.com;\n dkim=pass (1024-bit key) header.d=huawei.com header.i=@huawei.com\n header.b=6XizOr64; arc=none smtp.client-ip=113.46.200.220","dkim-signature":"v=1; a=rsa-sha256; d=huawei.com; s=dkim;\n\tc=relaxed/relaxed; q=dns/txt;\n\th=From;\n\tbh=qzl/k/41auKXeIJoyyj8kJiE746ZRuL8fpePAiVIFKA=;\n\tb=6XizOr64tVdveY4iAm9fCU/G8D5ioZ293uPIDR5NVwmM9mYeYpLmin2rN2ppXYZ/i6CE1B5lQ\n\tNDU1ddxR5YhsWFwcik9zSAC5JnKmeOVhYzwh8oj0D7yMkjXNvxRPhhlYVylolDL3sZ2jCjQTz7S\n\tqX0GFx5ihCanyPddXHMQmgE=","From":"Ziming Du <duziming2@huawei.com>","To":"<bhelgaas@google.com>","CC":"<linux-pci@vger.kernel.org>, <linux-kernel@vger.kernel.org>,\n\t<liuyongqiang13@huawei.com>, <duziming2@huawei.com>","Subject":"[PATCH 4/4] PCI: Prevent overflow in proc_bus_pci_read()","Date":"Tue, 14 Apr 2026 10:45:44 +0800","Message-ID":"<20260414024544.2975605-5-duziming2@huawei.com>","X-Mailer":"git-send-email 2.43.0","In-Reply-To":"<20260414024544.2975605-1-duziming2@huawei.com>","References":"<20260414024544.2975605-1-duziming2@huawei.com>","Precedence":"bulk","X-Mailing-List":"linux-pci@vger.kernel.org","List-Id":"<linux-pci.vger.kernel.org>","List-Subscribe":"<mailto:linux-pci+subscribe@vger.kernel.org>","List-Unsubscribe":"<mailto:linux-pci+unsubscribe@vger.kernel.org>","MIME-Version":"1.0","Content-Type":"text/plain; charset=\"UTF-8\"","Content-Transfer-Encoding":"8bit","X-ClientProxiedBy":"kwepems500002.china.huawei.com (7.221.188.17) To\n kwepemr500012.china.huawei.com (7.202.195.23)"},"content":"proc_bus_pci_read() assigns the 64-bit loff_t *ppos directly to a 32-bit\ninteger variable. For large offsets, such as 0x100000000, this\nimplicit conversion could truncate the value and incorrectly consider the\noffset as valid.\n\nFix this by changing the type of off to loff_t.\n\nFixes: 1da177e4c3f4 (\"Linux-2.6.12-rc2\")\nSigned-off-by: Ziming Du <duziming2@huawei.com>\nSuggested-by: Ilpo Järvinen <ilpo.jarvinen@linux.intel.com>\n---\n drivers/pci/proc.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)","diff":"diff --git a/drivers/pci/proc.c b/drivers/pci/proc.c\nindex a5db7d23353a..f11f48becf52 100644\n--- a/drivers/pci/proc.c\n+++ b/drivers/pci/proc.c\n@@ -29,7 +29,7 @@ static ssize_t proc_bus_pci_read(struct file *file, char __user *buf,\n \t\t\t\t size_t nbytes, loff_t *ppos)\n {\n \tstruct pci_dev *dev = pde_data(file_inode(file));\n-\tunsigned int off = *ppos;\n+\tloff_t off = *ppos;\n \tunsigned int count = nbytes;\n \tunsigned int size;\n \n","prefixes":["4/4"]}