alpha/PCI: Fix __pci_mmap_fits() overflow for zero-length BARs

Currently, __pci_mmap_fits() computes the BAR size using
"pci_resource_len() - 1", which wraps to a large value when the BAR length
is zero, causing the bounds check to incorrectly succeed.

Add an early return for empty resources.

Fixes: 10a0ef39fbd1 ("PCI/alpha: pci sysfs resources")
Signed-off-by: Krzysztof Wilczyński <kwilczynski@kernel.org>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Tested-by: Magnus Lindholm <linmag7@gmail.com>
Tested-by: Shivaprasad G Bhat <sbhat@linux.ibm.com>
Reviewed-by: Ilpo Järvinen <ilpo.jarvinen@linux.intel.com>
Acked-by: Magnus Lindholm <linmag7@gmail.com>
Link: https://patch.msgid.link/20260508043543.217179-15-kwilczynski@kernel.org

diff --git a/arch/alpha/kernel/pci-sysfs.c b/arch/alpha/kernel/pci-sysfs.c
index 5c29f1d2821caeb49b5cd24b82fb25699997736a..8802f955256ead679f958523635aebd4687b96c0 100644 (file)
--- a/arch/alpha/kernel/pci-sysfs.c
+++ b/arch/alpha/kernel/pci-sysfs.c
@@ -37,12 +37,16 @@ static int hose_mmap_page_range(struct pci_controller *hose,
 static int __pci_mmap_fits(struct pci_dev *pdev, int num,
                           struct vm_area_struct *vma, int sparse)
 {
+       resource_size_t len = pci_resource_len(pdev, num);
        unsigned long nr, start, size;
        int shift = sparse ? 5 : 0;
 
+       if (!len)
+               return 0;
+
        nr = vma_pages(vma);
        start = vma->vm_pgoff;
-       size = ((pci_resource_len(pdev, num) - 1) >> (PAGE_SHIFT - shift)) + 1;
+       size = ((len - 1) >> (PAGE_SHIFT - shift)) + 1;
 
        if (start < size && size - start >= nr)
                return 1;