port-arm/45371: pic_disestablish_source() might fail to block irq which is larger than or equal to 32.

[y7goto%gmail.com@localhost]

>Number:         45371
>Category:       port-arm
>Synopsis:       pic_disestablish_source() might fail to block irq which is 
>larger than or equal to 32.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    port-arm-maintainer
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Sep 17 01:15:01 +0000 2011
>Originator:     Yuichiro Goto
>Release:        5.99.55
>Organization:
>Environment:
>Description:
As __BIT(irq) is passed to (*pic->pic_ops->pic_block_irqs)() in
pic_disestablish_source() in arch/arm/pic/pic.c, it might be greater
than the value which uint32_t is able to hold when irq >= 32.

Consequently a truncated irq mask is passed to
(*pic->pic_ops->pic_block_irqs)().
>How-To-Repeat:



>Fix:
See the diff below:

Index: pic.c
===================================================================
RCS file: /cvsroot/src/sys/arch/arm/pic/pic.c,v
retrieving revision 1.8
diff -u -r1.8 pic.c
--- pic.c       11 Mar 2011 03:16:14 -0000      1.8
+++ pic.c       17 Sep 2011 00:49:22 -0000
@@ -520,7 +520,7 @@
        struct pic_softc * const pic = is->is_pic;
        const int irq = is->is_irq;
 
-       (*pic->pic_ops->pic_block_irqs)(pic, irq & ~31, __BIT(irq));
+       (*pic->pic_ops->pic_block_irqs)(pic, irq & ~0x1f, __BIT(irq & 0x1f));
        pic->pic_sources[irq] = NULL;
        pic__iplsources[pic_ipl_offset[is->is_ipl] + is->is_iplidx] = NULL;
        evcnt_detach(&is->is_ev);