pci/dmar: correct off-by-one error in dmar_fault()

DMAR faults are recorded into a ring of "fault recording registers". fault_index is a 0-based index into the ring. The code allows the 0-based fault_index to be equal to the total number of fault registers available from the cap_num_fault_regs() macro, which causes access beyond the last available register. Signed-off-by Troy Heber <troy.heber@hp.com> Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
git-mirror · Aug 30, 2009 · 8211a7b · 8211a7b
1 parent 2ff729f
commit 8211a7b
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/drivers/pci/dmar.c b/drivers/pci/dmar.c
@@ -1226,7 +1226,7 @@ irqreturn_t dmar_fault(int irq, void *dev_id)
 				source_id, guest_addr);
 
 		fault_index++;
-		if (fault_index > cap_num_fault_regs(iommu->cap))
+		if (fault_index >= cap_num_fault_regs(iommu->cap))
 			fault_index = 0;
 		spin_lock_irqsave(&iommu->register_lock, flag);
 	}