* [PATCH] kernel/dma: Fix panic caused by passing cma to command line @ 2018-09-17 3:24 ` zhe.he 2018-09-18 9:28 ` Marek Szyprowski 0 siblings, 1 reply; 3+ messages in thread From: zhe.he @ 2018-09-17 3:24 UTC (permalink / raw) To: hch, m.szyprowski, robin.murphy, iommu, linux-kernel; +Cc: zhe.he From: He Zhe <zhe.he@windriver.com> early_cma does not check input argument before passing it to simple_strtoull. The argument would be a NULL pointer if "cma", without its value, is set in command line and thus causes the following panic. PANIC: early exception 0xe3 IP 10:ffffffffa3e9db8d error 0 cr2 0x0 [ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.19.0-rc3-yocto-standard+ #7 [ 0.000000] RIP: 0010:_parse_integer_fixup_radix+0xd/0x70 ... [ 0.000000] Call Trace: [ 0.000000] simple_strtoull+0x29/0x70 [ 0.000000] memparse+0x26/0x90 [ 0.000000] early_cma+0x17/0x6a [ 0.000000] do_early_param+0x57/0x8e [ 0.000000] parse_args+0x208/0x320 [ 0.000000] ? rdinit_setup+0x30/0x30 [ 0.000000] parse_early_options+0x29/0x2d [ 0.000000] ? rdinit_setup+0x30/0x30 [ 0.000000] parse_early_param+0x36/0x4d [ 0.000000] setup_arch+0x336/0x99e [ 0.000000] start_kernel+0x6f/0x4e6 [ 0.000000] x86_64_start_reservations+0x24/0x26 [ 0.000000] x86_64_start_kernel+0x6f/0x72 [ 0.000000] secondary_startup_64+0xa4/0xb0 This patch adds a check to prevent the panic. Signed-off-by: He Zhe <zhe.he@windriver.com> Cc: stable@vger.kernel.org Cc: hch@lst.de Cc: m.szyprowski@samsung.com Cc: robin.murphy@arm.com --- kernel/dma/contiguous.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/kernel/dma/contiguous.c b/kernel/dma/contiguous.c index 286d823..b2a8790 100644 --- a/kernel/dma/contiguous.c +++ b/kernel/dma/contiguous.c @@ -49,7 +49,11 @@ static phys_addr_t limit_cmdline; static int __init early_cma(char *p) { - pr_debug("%s(%s)\n", __func__, p); + if (!p) { + pr_err("Config string not provided\n"); + return -EINVAL; + } + size_cmdline = memparse(p, &p); if (*p != '@') return 0; -- 2.7.4 ^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] kernel/dma: Fix panic caused by passing cma to command line 2018-09-17 3:24 ` [PATCH] kernel/dma: Fix panic caused by passing cma to command line zhe.he @ 2018-09-18 9:28 ` Marek Szyprowski 2018-09-20 6:54 ` Christoph Hellwig 0 siblings, 1 reply; 3+ messages in thread From: Marek Szyprowski @ 2018-09-18 9:28 UTC (permalink / raw) To: zhe.he, hch, robin.murphy, iommu, linux-kernel Hi On 2018-09-17 05:24, zhe.he@windriver.com wrote: > From: He Zhe <zhe.he@windriver.com> > > early_cma does not check input argument before passing it to > simple_strtoull. The argument would be a NULL pointer if "cma", without > its value, is set in command line and thus causes the following panic. > > PANIC: early exception 0xe3 IP 10:ffffffffa3e9db8d error 0 cr2 0x0 > [ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.19.0-rc3-yocto-standard+ #7 > [ 0.000000] RIP: 0010:_parse_integer_fixup_radix+0xd/0x70 > ... > [ 0.000000] Call Trace: > [ 0.000000] simple_strtoull+0x29/0x70 > [ 0.000000] memparse+0x26/0x90 > [ 0.000000] early_cma+0x17/0x6a > [ 0.000000] do_early_param+0x57/0x8e > [ 0.000000] parse_args+0x208/0x320 > [ 0.000000] ? rdinit_setup+0x30/0x30 > [ 0.000000] parse_early_options+0x29/0x2d > [ 0.000000] ? rdinit_setup+0x30/0x30 > [ 0.000000] parse_early_param+0x36/0x4d > [ 0.000000] setup_arch+0x336/0x99e > [ 0.000000] start_kernel+0x6f/0x4e6 > [ 0.000000] x86_64_start_reservations+0x24/0x26 > [ 0.000000] x86_64_start_kernel+0x6f/0x72 > [ 0.000000] secondary_startup_64+0xa4/0xb0 > > This patch adds a check to prevent the panic. > > Signed-off-by: He Zhe <zhe.he@windriver.com> > Cc: stable@vger.kernel.org > Cc: hch@lst.de > Cc: m.szyprowski@samsung.com > Cc: robin.murphy@arm.com Thanks for the fix. Reviewed-by: Marek Szyprowski <m.szyprowski@samsung.com> > --- > kernel/dma/contiguous.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/kernel/dma/contiguous.c b/kernel/dma/contiguous.c > index 286d823..b2a8790 100644 > --- a/kernel/dma/contiguous.c > +++ b/kernel/dma/contiguous.c > @@ -49,7 +49,11 @@ static phys_addr_t limit_cmdline; > > static int __init early_cma(char *p) > { > - pr_debug("%s(%s)\n", __func__, p); > + if (!p) { > + pr_err("Config string not provided\n"); > + return -EINVAL; > + } > + > size_cmdline = memparse(p, &p); > if (*p != '@') > return 0; Best regards -- Marek Szyprowski, PhD Samsung R&D Institute Poland ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] kernel/dma: Fix panic caused by passing cma to command line 2018-09-18 9:28 ` Marek Szyprowski @ 2018-09-20 6:54 ` Christoph Hellwig 0 siblings, 0 replies; 3+ messages in thread From: Christoph Hellwig @ 2018-09-20 6:54 UTC (permalink / raw) To: Marek Szyprowski; +Cc: zhe.he, hch, robin.murphy, iommu, linux-kernel On Tue, Sep 18, 2018 at 11:28:33AM +0200, Marek Szyprowski wrote: > Hi > > On 2018-09-17 05:24, zhe.he@windriver.com wrote: > > From: He Zhe <zhe.he@windriver.com> > > > > early_cma does not check input argument before passing it to > > simple_strtoull. The argument would be a NULL pointer if "cma", without > > its value, is set in command line and thus causes the following panic. > > > > PANIC: early exception 0xe3 IP 10:ffffffffa3e9db8d error 0 cr2 0x0 > > [ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.19.0-rc3-yocto-standard+ #7 > > [ 0.000000] RIP: 0010:_parse_integer_fixup_radix+0xd/0x70 > > ... > > [ 0.000000] Call Trace: > > [ 0.000000] simple_strtoull+0x29/0x70 > > [ 0.000000] memparse+0x26/0x90 > > [ 0.000000] early_cma+0x17/0x6a > > [ 0.000000] do_early_param+0x57/0x8e > > [ 0.000000] parse_args+0x208/0x320 > > [ 0.000000] ? rdinit_setup+0x30/0x30 > > [ 0.000000] parse_early_options+0x29/0x2d > > [ 0.000000] ? rdinit_setup+0x30/0x30 > > [ 0.000000] parse_early_param+0x36/0x4d > > [ 0.000000] setup_arch+0x336/0x99e > > [ 0.000000] start_kernel+0x6f/0x4e6 > > [ 0.000000] x86_64_start_reservations+0x24/0x26 > > [ 0.000000] x86_64_start_kernel+0x6f/0x72 > > [ 0.000000] secondary_startup_64+0xa4/0xb0 > > > > This patch adds a check to prevent the panic. > > > > Signed-off-by: He Zhe <zhe.he@windriver.com> > > Cc: stable@vger.kernel.org > > Cc: hch@lst.de > > Cc: m.szyprowski@samsung.com > > Cc: robin.murphy@arm.com > > Thanks for the fix. > > Reviewed-by: Marek Szyprowski <m.szyprowski@samsung.com> Thanks, added to the dma-mapping tree. ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-09-20 6:54 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- [not found] <CGME20180917032603epcas4p4da3674e558c4704622f58b133e7fe5ce@epcas4p4.samsung.com> 2018-09-17 3:24 ` [PATCH] kernel/dma: Fix panic caused by passing cma to command line zhe.he 2018-09-18 9:28 ` Marek Szyprowski 2018-09-20 6:54 ` Christoph Hellwig
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).