leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

x86/boot: Fix memremap of setup_indirect structures

Browse Source 
As documented, the setup_indirect structure is nested inside
the setup_data structures in the setup_data list. The code currently
accesses the fields inside the setup_indirect structure but only
the sizeof(struct setup_data) is being memremapped. No crash
occurred but this is just due to how the area is remapped under the
covers.

Properly memremap both the setup_data and setup_indirect structures
in these cases before accessing them.

Fixes: b3c72fc9a7 ("x86/boot: Introduce setup_indirect")
Signed-off-by: Ross Philipson <ross.philipson@oracle.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Cc: <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/1645668456-22036-2-git-send-email-ross.philipson@oracle.com
This commit is contained in:
Ross Philipson
2022-02-23 21:07:35 -05:00
committed by Borislav Petkov
parent 5adf349439
commit 7228918b34
5 changed files with 165 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
arch/x86/kernel/kdebugfs.c
View File

@@ -88,11 +88,13 @@ create_setup_data_node(struct dentry *parent, int no,
static int __init create_setup_data_nodes(struct dentry *parent)
{
struct setup_indirect *indirect;
struct setup_data_node *node;
struct setup_data *data;
int error;
u64 pa_data, pa_next;
struct dentry *d;
u64 pa_data;
int error;
u32 len;
int no = 0;
d = debugfs_create_dir("setup_data", parent);
@@ -112,12 +114,29 @@ static int __init create_setup_data_nodes(struct dentry *parent)
error = -ENOMEM;
goto err_dir;
}
pa_next = data->next;
if (data->type == SETUP_INDIRECT &&
((struct setup_indirect *)data->data)->type != SETUP_INDIRECT) {
node->paddr = ((struct setup_indirect *)data->data)->addr;
node->type = ((struct setup_indirect *)data->data)->type;
node->len = ((struct setup_indirect *)data->data)->len;
if (data->type == SETUP_INDIRECT) {
len = sizeof(*data) + data->len;
memunmap(data);
data = memremap(pa_data, len, MEMREMAP_WB);
if (!data) {
kfree(node);
error = -ENOMEM;
goto err_dir;
}
indirect = (struct setup_indirect *)data->data;
if (indirect->type != SETUP_INDIRECT) {
node->paddr = indirect->addr;
node->type = indirect->type;
node->len = indirect->len;
} else {
node->paddr = pa_data;
node->type = data->type;
node->len = data->len;
}
} else {
node->paddr = pa_data;
node->type = data->type;
@@ -125,7 +144,7 @@ static int __init create_setup_data_nodes(struct dentry *parent)
}
create_setup_data_node(d, no, node);
pa_data = data->next;
pa_data = pa_next;
memunmap(data);
no++;