[PATCH 4.9 02/33] MIPS: Fix off-by-one in pci_resource_to_user()

From: Greg Kroah-Hartman
Date: Fri Jul 27 2018 - 06:10:13 EST


4.9-stable review patch. If anyone has any objections, please let me know.

------------------

From: Paul Burton <paul.burton@xxxxxxxx>

commit 38c0a74fe06da3be133cae3fb7bde6a9438e698b upstream.

The MIPS implementation of pci_resource_to_user() introduced in v3.12 by
commit 4c2924b725fb ("MIPS: PCI: Use pci_resource_to_user to map pci
memory space properly") incorrectly sets *end to the address of the
byte after the resource, rather than the last byte of the resource.

This results in userland seeing resources as a byte larger than they
actually are, for example a 32 byte BAR will be reported by a tool such
as lspci as being 33 bytes in size:

Region 2: I/O ports at 1000 [disabled] [size=33]

Correct this by subtracting one from the calculated end address,
reporting the correct address to userland.

Signed-off-by: Paul Burton <paul.burton@xxxxxxxx>
Reported-by: Rui Wang <rui.wang@xxxxxxxxxxxxx>
Fixes: 4c2924b725fb ("MIPS: PCI: Use pci_resource_to_user to map pci memory space properly")
Cc: James Hogan <jhogan@xxxxxxxxxx>
Cc: Ralf Baechle <ralf@xxxxxxxxxxxxxx>
Cc: Wolfgang Grandegger <wg@xxxxxxxxxxxxxx>
Cc: linux-mips@xxxxxxxxxxxxxx
Cc: stable@xxxxxxxxxxxxxxx # v3.12+
Patchwork: https://patchwork.linux-mips.org/patch/19829/
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
arch/mips/pci/pci.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

--- a/arch/mips/pci/pci.c
+++ b/arch/mips/pci/pci.c
@@ -55,7 +55,7 @@ void pci_resource_to_user(const struct p
phys_addr_t size = resource_size(rsrc);

*start = fixup_bigphys_addr(rsrc->start, size);
- *end = rsrc->start + size;
+ *end = rsrc->start + size - 1;
}

int pci_mmap_page_range(struct pci_dev *dev, struct vm_area_struct *vma,