When the cmdline of "nr_cpus" is not valid, the @nr_cpu_ids is assigned a stale value. The nr_cpus is only valid when get_option() return 1. So check the return value to prevent this.
Signed-off-by: Muchun Song <[email protected]> --- changelog in v3: 1) Return -EINVAL when the parameter is bogus. changelog in v2: 1) Rework the commit log. 2) Rework the return value check. kernel/smp.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/kernel/smp.c b/kernel/smp.c index a5a66fc28f4e..0dacfcfcf00b 100644 --- a/kernel/smp.c +++ b/kernel/smp.c @@ -772,9 +772,13 @@ static int __init nrcpus(char *str) { int nr_cpus; - get_option(&str, &nr_cpus); + if (get_option(&str, &nr_cpus) != 1) + return -EINVAL; + if (nr_cpus > 0 && nr_cpus < nr_cpu_ids) nr_cpu_ids = nr_cpus; + else + return -EINVAL; return 0; } -- 2.11.0
