From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.5 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_PASS,URIBL_BLOCKED, USER_AGENT_MUTT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1E340C10F03 for ; Thu, 25 Apr 2019 08:05:10 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id DAC68217FA for ; Thu, 25 Apr 2019 08:05:09 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387486AbfDYIFI (ORCPT ); Thu, 25 Apr 2019 04:05:08 -0400 Received: from m97179.mail.qiye.163.com ([220.181.97.179]:28862 "EHLO m97179.mail.qiye.163.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2387425AbfDYIFI (ORCPT ); Thu, 25 Apr 2019 04:05:08 -0400 Received: from localhost (unknown [117.48.120.186]) by m97179.mail.qiye.163.com (Hmail) with ESMTPA id 52B7FE01784; Thu, 25 Apr 2019 16:05:05 +0800 (CST) Date: Thu, 25 Apr 2019 16:05:05 +0800 From: WANG Chao To: Borislav Petkov Cc: Tony Luck , linux-kernel@vger.kernel.org, linux-edac@vger.kernel.org Subject: Re: [PATCH 1/3] RAS/CEC: fix __find_elem Message-ID: <20190425080505.GB10363@WANG-Chaos-MacBook-Pro.local> References: <20190418034115.75954-1-chao.wang@ucloud.cn> <20190425075612.GA10363@WANG-Chaos-MacBook-Pro.local> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190425075612.GA10363@WANG-Chaos-MacBook-Pro.local> User-Agent: Mutt/1.11.4 (2019-03-13) X-HM-Spam-Status: e1kIGBQJHllBWUtVS1lXWShZQUlCN1dZLVlBSVdZCQ4XHghZQVkyNS06Nz I*QUtVS1kG X-HM-Sender-Digest: e1kMHhlZQR0aFwgeV1kSHx4VD1lBWUc6MU06Dzo6Cjg9UTUrATALSRku Ai4aFBpVSlVKTk5NSkxCTktOTk1PVTMWGhIXVRgTGhRVDBoVHDsOGBcUDh9VGBVFWVdZEgtZQVlK SkxVT0NVSklLVUpDTVlXWQgBWUFJS0hJNwY+ X-HM-Tid: 0a6a5386d0dc20bdkuqy52b7fe01784 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 04/25/19 at 03:56P, WANG Chao wrote: > On 04/18/19 at 11:41P, WANG Chao wrote: > > A left over pfn (because we don't clear) at ca->array[n] can be a match > > in __find_elem. Later it'd cause a memmove size overflow in del_elem. > > > > Signed-off-by: WANG Chao > > --- > > drivers/ras/cec.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/drivers/ras/cec.c b/drivers/ras/cec.c > > index 2d9ec378a8bc..2e0bf1269c31 100644 > > --- a/drivers/ras/cec.c > > +++ b/drivers/ras/cec.c > > @@ -206,7 +206,7 @@ static int __find_elem(struct ce_array *ca, u64 pfn, unsigned int *to) > > > > this_pfn = PFN(ca->array[min]); > > > > - if (this_pfn == pfn) > > + if (this_pfn == pfn && ca->n > min) > > return min; > > > > return -ENOKEY; > > Any thought on this one? Aha, I see there's another fix queued. Thanks. From mboxrd@z Thu Jan 1 00:00:00 1970 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Subject: [1/3] RAS/CEC: fix __find_elem From: WANG Chao Message-Id: <20190425080505.GB10363@WANG-Chaos-MacBook-Pro.local> Date: Thu, 25 Apr 2019 16:05:05 +0800 To: Borislav Petkov Cc: Tony Luck , linux-kernel@vger.kernel.org, linux-edac@vger.kernel.org List-ID: T24gMDQvMjUvMTkgYXQgMDM6NTZQLCBXQU5HIENoYW8gd3JvdGU6Cj4gT24gMDQvMTgvMTkgYXQg MTE6NDFQLCBXQU5HIENoYW8gd3JvdGU6Cj4gPiBBIGxlZnQgb3ZlciBwZm4gKGJlY2F1c2Ugd2Ug ZG9uJ3QgY2xlYXIpIGF0IGNhLT5hcnJheVtuXSBjYW4gYmUgYSBtYXRjaAo+ID4gaW4gX19maW5k X2VsZW0uIExhdGVyIGl0J2QgY2F1c2UgYSBtZW1tb3ZlIHNpemUgb3ZlcmZsb3cgaW4gZGVsX2Vs ZW0uCj4gPiAKPiA+IFNpZ25lZC1vZmYtYnk6IFdBTkcgQ2hhbyA8Y2hhby53YW5nQHVjbG91ZC5j bj4KPiA+IC0tLQo+ID4gIGRyaXZlcnMvcmFzL2NlYy5jIHwgMiArLQo+ID4gIDEgZmlsZSBjaGFu Z2VkLCAxIGluc2VydGlvbigrKSwgMSBkZWxldGlvbigtKQo+ID4gCj4gPiBkaWZmIC0tZ2l0IGEv ZHJpdmVycy9yYXMvY2VjLmMgYi9kcml2ZXJzL3Jhcy9jZWMuYwo+ID4gaW5kZXggMmQ5ZWMzNzhh OGJjLi4yZTBiZjEyNjljMzEgMTAwNjQ0Cj4gPiAtLS0gYS9kcml2ZXJzL3Jhcy9jZWMuYwo+ID4g KysrIGIvZHJpdmVycy9yYXMvY2VjLmMKPiA+IEBAIC0yMDYsNyArMjA2LDcgQEAgc3RhdGljIGlu dCBfX2ZpbmRfZWxlbShzdHJ1Y3QgY2VfYXJyYXkgKmNhLCB1NjQgcGZuLCB1bnNpZ25lZCBpbnQg KnRvKQo+ID4gIAo+ID4gIAl0aGlzX3BmbiA9IFBGTihjYS0+YXJyYXlbbWluXSk7Cj4gPiAgCj4g PiAtCWlmICh0aGlzX3BmbiA9PSBwZm4pCj4gPiArCWlmICh0aGlzX3BmbiA9PSBwZm4gJiYgY2Et Pm4gPiBtaW4pCj4gPiAgCQlyZXR1cm4gbWluOwo+ID4gIAo+ID4gIAlyZXR1cm4gLUVOT0tFWTsK PiAKPiBBbnkgdGhvdWdodCBvbiB0aGlzIG9uZT8KCkFoYSwgSSBzZWUgdGhlcmUncyBhbm90aGVy IGZpeCBxdWV1ZWQuIFRoYW5rcy4K