From: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
To: Ulf Hansson <ulf.hansson@linaro.org>
Cc: "Rafael J . Wysocki" <rjw@rjwysocki.net>,
Daniel Lezcano <daniel.lezcano@linaro.org>,
Sudeep Holla <sudeep.holla@arm.com>,
Mark Rutland <mark.rutland@arm.com>,
Lina Iyer <ilina@codeaurora.org>,
linux-pm@vger.kernel.org, Rob Herring <robh+dt@kernel.org>,
Vincent Guittot <vincent.guittot@linaro.org>,
Stephen Boyd <sboyd@kernel.org>,
Bjorn Andersson <bjorn.andersson@linaro.org>,
Kevin Hilman <khilman@kernel.org>,
linux-arm-kernel@lists.infradead.org,
linux-arm-msm@vger.kernel.org
Subject: Re: [PATCH 01/13] cpuidle: psci: Fix potential access to unmapped memory
Date: Fri, 18 Oct 2019 10:38:39 +0100 [thread overview]
Message-ID: <20191018093839.GB25918@e121166-lin.cambridge.arm.com> (raw)
In-Reply-To: <20191010113937.15962-2-ulf.hansson@linaro.org>
On Thu, Oct 10, 2019 at 01:39:25PM +0200, Ulf Hansson wrote:
> When the WFI state have been selected, the in-parameter idx to
> psci_enter_idle_state() is zero. In this case, we must not index the state
> array as "state[idx - 1]", as it means accessing data outside the array.
> Fix the bug by pre-checking if idx is zero.
>
> Fixes: 9ffeb6d08c3a ("PSCI: cpuidle: Refactor CPU suspend power_state parameter handling")
> Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
> ---
> drivers/cpuidle/cpuidle-psci.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/cpuidle/cpuidle-psci.c b/drivers/cpuidle/cpuidle-psci.c
> index f3c1a2396f98..2e91c8d6c211 100644
> --- a/drivers/cpuidle/cpuidle-psci.c
> +++ b/drivers/cpuidle/cpuidle-psci.c
> @@ -27,10 +27,10 @@ static DEFINE_PER_CPU_READ_MOSTLY(u32 *, psci_power_state);
> static int psci_enter_idle_state(struct cpuidle_device *dev,
> struct cpuidle_driver *drv, int idx)
> {
> - u32 *state = __this_cpu_read(psci_power_state);
> + u32 *states = __this_cpu_read(psci_power_state);
> + u32 state = idx ? states[idx - 1] : 0;
>
> - return CPU_PM_CPU_IDLE_ENTER_PARAM(psci_cpu_suspend_enter,
> - idx, state[idx - 1]);
> + return CPU_PM_CPU_IDLE_ENTER_PARAM(psci_cpu_suspend_enter, idx, state);
Technically we don't dereference that array entry but I agree this
is ugly and potentially broken.
My preference is aligning it with ACPI code and allocate one more
entry in the psci_power_state array (useless for wfi, agreed but
at least we remove this (-1) handling from the code).
Thanks,
Lorenzo
> }
>
> static struct cpuidle_driver psci_idle_driver __initdata = {
> --
> 2.17.1
>
WARNING: multiple messages have this Message-ID (diff)
From: Lorenzo Pieralisi <lorenzo.pieralisi@arm.com>
To: Ulf Hansson <ulf.hansson@linaro.org>
Cc: Mark Rutland <mark.rutland@arm.com>,
linux-pm@vger.kernel.org, Stephen Boyd <sboyd@kernel.org>,
linux-arm-msm@vger.kernel.org,
Daniel Lezcano <daniel.lezcano@linaro.org>,
"Rafael J . Wysocki" <rjw@rjwysocki.net>,
Lina Iyer <ilina@codeaurora.org>,
Bjorn Andersson <bjorn.andersson@linaro.org>,
Kevin Hilman <khilman@kernel.org>,
Rob Herring <robh+dt@kernel.org>,
Sudeep Holla <sudeep.holla@arm.com>,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH 01/13] cpuidle: psci: Fix potential access to unmapped memory
Date: Fri, 18 Oct 2019 10:38:39 +0100 [thread overview]
Message-ID: <20191018093839.GB25918@e121166-lin.cambridge.arm.com> (raw)
In-Reply-To: <20191010113937.15962-2-ulf.hansson@linaro.org>
On Thu, Oct 10, 2019 at 01:39:25PM +0200, Ulf Hansson wrote:
> When the WFI state have been selected, the in-parameter idx to
> psci_enter_idle_state() is zero. In this case, we must not index the state
> array as "state[idx - 1]", as it means accessing data outside the array.
> Fix the bug by pre-checking if idx is zero.
>
> Fixes: 9ffeb6d08c3a ("PSCI: cpuidle: Refactor CPU suspend power_state parameter handling")
> Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
> ---
> drivers/cpuidle/cpuidle-psci.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/cpuidle/cpuidle-psci.c b/drivers/cpuidle/cpuidle-psci.c
> index f3c1a2396f98..2e91c8d6c211 100644
> --- a/drivers/cpuidle/cpuidle-psci.c
> +++ b/drivers/cpuidle/cpuidle-psci.c
> @@ -27,10 +27,10 @@ static DEFINE_PER_CPU_READ_MOSTLY(u32 *, psci_power_state);
> static int psci_enter_idle_state(struct cpuidle_device *dev,
> struct cpuidle_driver *drv, int idx)
> {
> - u32 *state = __this_cpu_read(psci_power_state);
> + u32 *states = __this_cpu_read(psci_power_state);
> + u32 state = idx ? states[idx - 1] : 0;
>
> - return CPU_PM_CPU_IDLE_ENTER_PARAM(psci_cpu_suspend_enter,
> - idx, state[idx - 1]);
> + return CPU_PM_CPU_IDLE_ENTER_PARAM(psci_cpu_suspend_enter, idx, state);
Technically we don't dereference that array entry but I agree this
is ugly and potentially broken.
My preference is aligning it with ACPI code and allocate one more
entry in the psci_power_state array (useless for wfi, agreed but
at least we remove this (-1) handling from the code).
Thanks,
Lorenzo
> }
>
> static struct cpuidle_driver psci_idle_driver __initdata = {
> --
> 2.17.1
>
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-10-18 9:39 UTC|newest]
Thread overview: 110+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-10 11:39 [PATCH 00/13] cpuidle: psci: Support hierarchical CPU arrangement Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-10 11:39 ` [PATCH 01/13] cpuidle: psci: Fix potential access to unmapped memory Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-18 9:38 ` Lorenzo Pieralisi [this message]
2019-10-18 9:38 ` Lorenzo Pieralisi
2019-10-18 9:51 ` Ulf Hansson
2019-10-18 9:51 ` Ulf Hansson
2019-10-18 10:03 ` Lorenzo Pieralisi
2019-10-18 10:03 ` Lorenzo Pieralisi
2019-10-18 10:29 ` Ulf Hansson
2019-10-18 10:29 ` Ulf Hansson
2019-10-18 16:47 ` Lorenzo Pieralisi
2019-10-18 16:47 ` Lorenzo Pieralisi
2019-10-24 15:18 ` [PATCH] cpuidle: psci: Align psci_power_state count with idle state count Sudeep Holla
2019-10-24 15:18 ` Sudeep Holla
2019-10-24 16:10 ` Ulf Hansson
2019-10-24 16:10 ` Ulf Hansson
2019-10-27 2:20 ` Sudeep Holla
2019-10-27 2:20 ` Sudeep Holla
2019-10-10 11:39 ` [PATCH 02/13] dt: psci: Update DT bindings to support hierarchical PSCI states Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-24 15:26 ` Sudeep Holla
2019-10-24 15:26 ` Sudeep Holla
2019-10-24 16:23 ` Ulf Hansson
2019-10-24 16:23 ` Ulf Hansson
2019-10-10 11:39 ` [PATCH 03/13] firmware: psci: Export functions to manage the OSI mode Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-24 15:27 ` Sudeep Holla
2019-10-24 15:27 ` Sudeep Holla
2019-10-10 11:39 ` [PATCH 04/13] of: base: Add of_get_cpu_state_node() to get idle states for a CPU node Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-24 15:28 ` Sudeep Holla
2019-10-24 15:28 ` Sudeep Holla
2019-10-10 11:39 ` [PATCH 05/13] cpuidle: dt: Support hierarchical CPU idle states Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-24 15:30 ` Sudeep Holla
2019-10-24 15:30 ` Sudeep Holla
2019-10-10 11:39 ` [PATCH 06/13] cpuidle: psci: Simplify OF parsing of CPU idle state nodes Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-24 15:36 ` Sudeep Holla
2019-10-24 15:36 ` Sudeep Holla
2019-10-24 16:33 ` Ulf Hansson
2019-10-24 16:33 ` Ulf Hansson
2019-10-27 2:24 ` Sudeep Holla
2019-10-27 2:24 ` Sudeep Holla
2019-10-10 11:39 ` [PATCH 07/13] cpuidle: psci: Support hierarchical CPU idle states Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-24 15:39 ` Sudeep Holla
2019-10-24 15:39 ` Sudeep Holla
2019-10-10 11:39 ` [PATCH 08/13] cpuidle: psci: Prepare to use OS initiated suspend mode via PM domains Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-24 15:42 ` Sudeep Holla
2019-10-24 15:42 ` Sudeep Holla
2019-10-24 17:01 ` Ulf Hansson
2019-10-24 17:01 ` Ulf Hansson
2019-10-10 11:39 ` [PATCH 09/13] cpuidle: psci: Add support for PM domains by using genpd Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-24 15:46 ` Sudeep Holla
2019-10-24 15:46 ` Sudeep Holla
2019-10-10 11:39 ` [PATCH 10/13] cpuidle: psci: Add a helper to attach a CPU to its PM domain Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-24 16:31 ` Sudeep Holla
2019-10-24 16:31 ` Sudeep Holla
2019-10-24 16:47 ` Ulf Hansson
2019-10-24 16:47 ` Ulf Hansson
2019-10-27 2:30 ` Sudeep Holla
2019-10-27 2:30 ` Sudeep Holla
2019-10-28 7:35 ` Ulf Hansson
2019-10-28 7:35 ` Ulf Hansson
2019-10-28 7:49 ` Sudeep Holla
2019-10-28 7:49 ` Sudeep Holla
2019-10-28 9:45 ` Ulf Hansson
2019-10-28 9:45 ` Ulf Hansson
2019-10-29 5:34 ` Sudeep Holla
2019-10-29 5:34 ` Sudeep Holla
2019-10-29 9:44 ` Niklas Cassel
2019-10-29 9:44 ` Niklas Cassel
2019-10-30 0:50 ` Sudeep Holla
2019-10-30 0:50 ` Sudeep Holla
2019-10-10 11:39 ` [PATCH 11/13] cpuidle: psci: Attach CPU devices to their PM domains Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-24 16:35 ` Sudeep Holla
2019-10-24 16:35 ` Sudeep Holla
2019-10-24 16:55 ` Ulf Hansson
2019-10-24 16:55 ` Ulf Hansson
2019-10-27 2:32 ` Sudeep Holla
2019-10-27 2:32 ` Sudeep Holla
2019-10-10 11:39 ` [PATCH 12/13] cpuidle: psci: Manage runtime PM in the idle path Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-24 16:32 ` Sudeep Holla
2019-10-24 16:32 ` Sudeep Holla
2019-10-24 17:00 ` Ulf Hansson
2019-10-24 17:00 ` Ulf Hansson
2019-10-25 8:28 ` Lorenzo Pieralisi
2019-10-25 8:28 ` Lorenzo Pieralisi
2019-10-25 14:13 ` Ulf Hansson
2019-10-25 14:13 ` Ulf Hansson
2019-10-27 2:34 ` Sudeep Holla
2019-10-27 2:34 ` Sudeep Holla
2019-10-28 22:40 ` Ulf Hansson
2019-10-28 22:40 ` Ulf Hansson
2019-10-10 11:39 ` [PATCH 13/13] arm64: dts: Convert to the hierarchical CPU topology layout for MSM8916 Ulf Hansson
2019-10-10 11:39 ` Ulf Hansson
2019-10-24 16:41 ` Sudeep Holla
2019-10-24 16:41 ` Sudeep Holla
2019-10-24 17:03 ` Ulf Hansson
2019-10-24 17:03 ` Ulf Hansson
2019-10-18 8:10 ` [PATCH 00/13] cpuidle: psci: Support hierarchical CPU arrangement Ulf Hansson
2019-10-18 8:10 ` Ulf Hansson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191018093839.GB25918@e121166-lin.cambridge.arm.com \
--to=lorenzo.pieralisi@arm.com \
--cc=bjorn.andersson@linaro.org \
--cc=daniel.lezcano@linaro.org \
--cc=ilina@codeaurora.org \
--cc=khilman@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-pm@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=rjw@rjwysocki.net \
--cc=robh+dt@kernel.org \
--cc=sboyd@kernel.org \
--cc=sudeep.holla@arm.com \
--cc=ulf.hansson@linaro.org \
--cc=vincent.guittot@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.