From dbd32b909700db4a4d46014e368baf38a610195d Mon Sep 17 00:00:00 2001
From: Tammy Leino <tammy_leino@mentor.com>
Date: Mon, 3 Oct 2022 13:33:51 -0700
Subject: [PATCH] Potential overflow of notifyid on 64-bit architectures

handle_vdev_rsc sets end to RSC_NOTIFY_ID_ANY in case of wildcard notifyid
Signed-off-by: Tammy Leino <tammy_leino@mentor.com>
---
 lib/include/openamp/remoteproc.h  | 2 +-
 lib/remoteproc/remoteproc.c       | 2 +-
 lib/remoteproc/rsc_table_parser.c | 7 +++++--
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/lib/include/openamp/remoteproc.h b/lib/include/openamp/remoteproc.h
index 41f5d5741..d0588d403 100644
--- a/lib/include/openamp/remoteproc.h
+++ b/lib/include/openamp/remoteproc.h
@@ -20,7 +20,7 @@
 extern "C" {
 #endif
 
-#define RSC_NOTIFY_ID_ANY 0xFFFFFFFFUL
+#define RSC_NOTIFY_ID_ANY 0xFFFFFFFFU
 
 #define RPROC_MAX_NAME_LEN 32
 
diff --git a/lib/remoteproc/remoteproc.c b/lib/remoteproc/remoteproc.c
index 9a0cf3e01..b68398157 100644
--- a/lib/remoteproc/remoteproc.c
+++ b/lib/remoteproc/remoteproc.c
@@ -857,7 +857,7 @@ unsigned int remoteproc_allocate_id(struct remoteproc *rproc,
 
 	if (start == RSC_NOTIFY_ID_ANY)
 		start = 0;
-	if (end == 0)
+	if (end == RSC_NOTIFY_ID_ANY)
 		end = METAL_BITS_PER_ULONG;
 
 	notifyid = metal_bitmap_next_clear_bit(&rproc->bitmap,
diff --git a/lib/remoteproc/rsc_table_parser.c b/lib/remoteproc/rsc_table_parser.c
index 6ee7db6e9..2d3449649 100644
--- a/lib/remoteproc/rsc_table_parser.c
+++ b/lib/remoteproc/rsc_table_parser.c
@@ -131,7 +131,9 @@ int handle_vdev_rsc(struct remoteproc *rproc, void *rsc)
 	/* only assign notification IDs but do not initialize vdev */
 	notifyid = vdev_rsc->notifyid;
 	notifyid = remoteproc_allocate_id(rproc,
-					  notifyid, notifyid + 1);
+					  notifyid,
+					  notifyid == RSC_NOTIFY_ID_ANY ?
+					  RSC_NOTIFY_ID_ANY : notifyid + 1);
 	if (notifyid != RSC_NOTIFY_ID_ANY)
 		vdev_rsc->notifyid = notifyid;
 
@@ -143,7 +145,8 @@ int handle_vdev_rsc(struct remoteproc *rproc, void *rsc)
 		notifyid = vring_rsc->notifyid;
 		notifyid = remoteproc_allocate_id(rproc,
 						  notifyid,
-						  notifyid + 1);
+						  notifyid == RSC_NOTIFY_ID_ANY ?
+						  RSC_NOTIFY_ID_ANY : notifyid + 1);
 		if (notifyid != RSC_NOTIFY_ID_ANY)
 			vring_rsc->notifyid = notifyid;
 	}