Eliminate the possibility of 32-bit arithmetic overflow in the calculation

of vm_kmem_size that may occur if the system administrator has specified a vm.vm_kmem_size tunable value that exceeds the hard cap. PR: 162741 Submitted by: Adam McDougall Reviewed by: bde@ MFC after: 3 weeks
2011-12-07 07:03:14 +00:00 · 2011-12-07 07:03:14 +00:00 · c749c003b8
commit c749c003b8
parent f769e5b0fa
1 changed files with 4 additions and 4 deletions
--- a/sys/kern/kern_malloc.c
+++ b/sys/kern/kern_malloc.c
@ -740,11 +740,11 @@ kmeminit(void *dummy)
 	/*
 	 * Limit kmem virtual size to twice the physical memory.
 	 * This allows for kmem map sparseness, but limits the size
-	 * to something sane. Be careful to not overflow the 32bit
-	 * ints while doing the check.
+	 * to something sane.  Be careful to not overflow the 32bit
+	 * ints while doing the check or the adjustment.
 	 */
-	if (((vm_kmem_size / 2) / PAGE_SIZE) > cnt.v_page_count)
-		vm_kmem_size = 2 * cnt.v_page_count * PAGE_SIZE;
+	if (vm_kmem_size / 2 / PAGE_SIZE > mem_size)
+		vm_kmem_size = 2 * mem_size * PAGE_SIZE;

 #ifdef DEBUG_MEMGUARD
 	tmp = memguard_fudge(vm_kmem_size, vm_kmem_size_max);