797f88c987
balloon_wrk.num_pages is __u32 and it comes from host in struct dm_balloon where it is also __u32. We, however, use 'int' in balloon_up() and in case we happen to receive num_pages>INT_MAX request we'll end up allocating zero pages as 'num_pages < alloc_unit' check in alloc_balloon_pages() will pass. Change num_pages type to unsigned int. In real life ballooning request come with num_pages in [512, 32768] range so this is more a future-proof/cleanup. Reported-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com> Reviewed-by: Laszlo Ersek <lersek@redhat.com> Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|---|---|---|
| .. | ||
| channel.c | ||
| channel_mgmt.c | ||
| connection.c | ||
| hv.c | ||
| hv_balloon.c | ||
| hv_fcopy.c | ||
| hv_kvp.c | ||
| hv_snapshot.c | ||
| hv_util.c | ||
| hyperv_vmbus.h | ||
| Kconfig | ||
| Makefile | ||
| ring_buffer.c | ||
| vmbus_drv.c | ||