From: Nathan Lynch via B4 Relay <devnull+nathanl.linux.ibm.com@kernel.org> To: Michael Ellerman <mpe@ellerman.id.au>, Nicholas Piggin <npiggin@gmail.com>, Christophe Leroy <christophe.leroy@csgroup.eu> Cc: Nathan Lynch <nathanl@linux.ibm.com>, Tyrel Datwyler <tyreld@linux.ibm.com>, Nick Child <nnac123@linux.ibm.com>, Andrew Donnellan <ajd@linux.ibm.com>, Scott Cheloha <cheloha@linux.ibm.com>, Laurent Dufour <ldufour@linux.ibm.com>, linuxppc-dev@lists.ozlabs.org Subject: [PATCH 7/8] powerpc/rtas: warn on unsafe argument to rtas_call_unlocked() Date: Mon, 06 Mar 2023 15:33:46 -0600 [thread overview] Message-ID: <20230220-rtas-queue-for-6-4-v1-7-010e4416f13f@linux.ibm.com> (raw) In-Reply-To: <20230220-rtas-queue-for-6-4-v1-0-010e4416f13f@linux.ibm.com> From: Nathan Lynch <nathanl@linux.ibm.com> Any caller of rtas_call_unlocked() must provide an rtas_args parameter block distinct from the core rtas_args buffer used by the rtas_call() path. It's an unlikely error to make, but the potential consequences are grim, and it's trivial to check. Signed-off-by: Nathan Lynch <nathanl@linux.ibm.com> --- arch/powerpc/kernel/rtas.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/powerpc/kernel/rtas.c b/arch/powerpc/kernel/rtas.c index 633c925164e7..47a2aa43d7d4 100644 --- a/arch/powerpc/kernel/rtas.c +++ b/arch/powerpc/kernel/rtas.c @@ -1042,6 +1042,13 @@ void rtas_call_unlocked(struct rtas_args *args, int token, int nargs, int nret, { va_list list; + /* + * Callers must not use rtas_args; otherwise they risk + * corrupting the state of the rtas_call() path, which is + * serialized by rtas_lock. + */ + WARN_ON(args == &rtas_args); + va_start(list, nret); va_rtas_call(args, token, nargs, nret, list); va_end(list); -- 2.39.1
WARNING: multiple messages have this Message-ID (diff)
From: Nathan Lynch <nathanl@linux.ibm.com> To: Michael Ellerman <mpe@ellerman.id.au>, Nicholas Piggin <npiggin@gmail.com>, Christophe Leroy <christophe.leroy@csgroup.eu> Cc: linuxppc-dev@lists.ozlabs.org, Tyrel Datwyler <tyreld@linux.ibm.com>, Scott Cheloha <cheloha@linux.ibm.com>, Andrew Donnellan <ajd@linux.ibm.com>, Nick Child <nnac123@linux.ibm.com>, Laurent Dufour <ldufour@linux.ibm.com>, Nathan Lynch <nathanl@linux.ibm.com> Subject: [PATCH 7/8] powerpc/rtas: warn on unsafe argument to rtas_call_unlocked() Date: Mon, 06 Mar 2023 15:33:46 -0600 [thread overview] Message-ID: <20230220-rtas-queue-for-6-4-v1-7-010e4416f13f@linux.ibm.com> (raw) In-Reply-To: <20230220-rtas-queue-for-6-4-v1-0-010e4416f13f@linux.ibm.com> Any caller of rtas_call_unlocked() must provide an rtas_args parameter block distinct from the core rtas_args buffer used by the rtas_call() path. It's an unlikely error to make, but the potential consequences are grim, and it's trivial to check. Signed-off-by: Nathan Lynch <nathanl@linux.ibm.com> --- arch/powerpc/kernel/rtas.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/powerpc/kernel/rtas.c b/arch/powerpc/kernel/rtas.c index 633c925164e7..47a2aa43d7d4 100644 --- a/arch/powerpc/kernel/rtas.c +++ b/arch/powerpc/kernel/rtas.c @@ -1042,6 +1042,13 @@ void rtas_call_unlocked(struct rtas_args *args, int token, int nargs, int nret, { va_list list; + /* + * Callers must not use rtas_args; otherwise they risk + * corrupting the state of the rtas_call() path, which is + * serialized by rtas_lock. + */ + WARN_ON(args == &rtas_args); + va_start(list, nret); va_rtas_call(args, token, nargs, nret, list); va_end(list); -- 2.39.1
next prev parent reply other threads:[~2023-03-06 21:36 UTC|newest] Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top 2023-03-06 21:33 [PATCH 0/8] RTAS changes for 6.4 Nathan Lynch via B4 Relay 2023-03-06 21:33 ` Nathan Lynch 2023-03-06 21:33 ` [PATCH 1/8] powerpc/rtas: ensure 8-byte alignment for struct rtas_args Nathan Lynch 2023-03-06 21:33 ` Nathan Lynch via B4 Relay 2023-03-23 4:00 ` Andrew Donnellan 2023-03-06 21:33 ` [PATCH 2/8] powerpc/rtas: use memmove for potentially overlapping buffer copy Nathan Lynch 2023-03-06 21:33 ` Nathan Lynch via B4 Relay 2023-03-23 4:09 ` Andrew Donnellan 2023-03-06 21:33 ` [PATCH 3/8] powerpc/rtas: rtas_call_unlocked() kerneldoc Nathan Lynch via B4 Relay 2023-03-06 21:33 ` Nathan Lynch 2023-03-23 4:15 ` Andrew Donnellan 2023-03-06 21:33 ` [PATCH 4/8] powerpc/rtas: fix miswording in rtas_function kerneldoc Nathan Lynch via B4 Relay 2023-03-06 21:33 ` Nathan Lynch 2023-03-23 0:17 ` Andrew Donnellan 2023-03-06 21:33 ` [PATCH 5/8] powerpc/rtas: rename va_rtas_call_unlocked() to va_rtas_call() Nathan Lynch 2023-03-06 21:33 ` Nathan Lynch via B4 Relay 2023-03-23 4:17 ` Andrew Donnellan 2023-03-23 16:11 ` Nathan Lynch 2023-03-29 12:24 ` Michael Ellerman 2023-03-06 21:33 ` [PATCH 6/8] powerpc/rtas: lockdep annotations Nathan Lynch 2023-03-06 21:33 ` Nathan Lynch via B4 Relay 2023-03-23 6:01 ` Andrew Donnellan 2023-03-06 21:33 ` Nathan Lynch via B4 Relay [this message] 2023-03-06 21:33 ` [PATCH 7/8] powerpc/rtas: warn on unsafe argument to rtas_call_unlocked() Nathan Lynch 2023-03-23 4:25 ` Andrew Donnellan 2023-03-23 12:17 ` Nathan Lynch 2023-03-24 0:56 ` Nathan Lynch 2023-03-29 12:20 ` Michael Ellerman 2023-03-29 16:23 ` Nathan Lynch 2023-03-06 21:33 ` [PATCH 8/8] powerpc/rtas: consume retry statuses in sys_rtas() Nathan Lynch via B4 Relay 2023-03-06 21:33 ` Nathan Lynch 2023-03-23 6:26 ` Andrew Donnellan 2023-03-23 19:39 ` Nathan Lynch 2023-03-23 9:44 ` Michael Ellerman 2023-03-23 13:40 ` Nathan Lynch 2024-01-25 15:55 ` Christophe Leroy 2024-01-25 16:33 ` Nathan Lynch 2024-01-25 16:46 ` Christophe Leroy 2024-01-25 17:23 ` Nathan Lynch 2023-04-06 1:09 ` (subset) [PATCH 0/8] RTAS changes for 6.4 Michael Ellerman 2023-04-26 12:12 ` Michael Ellerman
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20230220-rtas-queue-for-6-4-v1-7-010e4416f13f@linux.ibm.com \ --to=devnull+nathanl.linux.ibm.com@kernel.org \ --cc=ajd@linux.ibm.com \ --cc=cheloha@linux.ibm.com \ --cc=christophe.leroy@csgroup.eu \ --cc=ldufour@linux.ibm.com \ --cc=linuxppc-dev@lists.ozlabs.org \ --cc=mpe@ellerman.id.au \ --cc=nathanl@linux.ibm.com \ --cc=nnac123@linux.ibm.com \ --cc=npiggin@gmail.com \ --cc=tyreld@linux.ibm.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.