From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, He Zhe <zhe.he@windriver.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
kstewart@linuxfoundation.org, pombredanne@nexb.com,
Ingo Molnar <mingo@kernel.org>
Subject: [PATCH 3.18 05/90] x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided
Date: Mon, 19 Nov 2018 17:28:47 +0100 [thread overview]
Message-ID: <20181119162621.586624454@linuxfoundation.org> (raw)
In-Reply-To: <20181119162620.585061184@linuxfoundation.org>
3.18-stable review patch. If anyone has any objections, please let me know.
------------------
From: He Zhe <zhe.he@windriver.com>
commit ccde460b9ae5c2bd5e4742af0a7f623c2daad566 upstream.
memory_corruption_check[{_period|_size}]()'s handlers do not check input
argument before passing it to kstrtoul() or simple_strtoull(). The argument
would be a NULL pointer if each of the kernel parameters, without its
value, is set in command line and thus cause the following panic.
PANIC: early exception 0xe3 IP 10:ffffffff73587c22 error 0 cr2 0x0
[ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.18-rc8+ #2
[ 0.000000] RIP: 0010:kstrtoull+0x2/0x10
...
[ 0.000000] Call Trace
[ 0.000000] ? set_corruption_check+0x21/0x49
[ 0.000000] ? do_early_param+0x4d/0x82
[ 0.000000] ? parse_args+0x212/0x330
[ 0.000000] ? rdinit_setup+0x26/0x26
[ 0.000000] ? parse_early_options+0x20/0x23
[ 0.000000] ? rdinit_setup+0x26/0x26
[ 0.000000] ? parse_early_param+0x2d/0x39
[ 0.000000] ? setup_arch+0x2f7/0xbf4
[ 0.000000] ? start_kernel+0x5e/0x4c2
[ 0.000000] ? load_ucode_bsp+0x113/0x12f
[ 0.000000] ? secondary_startup_64+0xa5/0xb0
This patch adds checks to prevent the panic.
Signed-off-by: He Zhe <zhe.he@windriver.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: gregkh@linuxfoundation.org
Cc: kstewart@linuxfoundation.org
Cc: pombredanne@nexb.com
Cc: stable@vger.kernel.org
Link: http://lkml.kernel.org/r/1534260823-87917-1-git-send-email-zhe.he@windriver.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
arch/x86/kernel/check.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
--- a/arch/x86/kernel/check.c
+++ b/arch/x86/kernel/check.c
@@ -30,6 +30,11 @@ static __init int set_corruption_check(c
ssize_t ret;
unsigned long val;
+ if (!arg) {
+ pr_err("memory_corruption_check config string not provided\n");
+ return -EINVAL;
+ }
+
ret = kstrtoul(arg, 10, &val);
if (ret)
return ret;
@@ -44,6 +49,11 @@ static __init int set_corruption_check_p
ssize_t ret;
unsigned long val;
+ if (!arg) {
+ pr_err("memory_corruption_check_period config string not provided\n");
+ return -EINVAL;
+ }
+
ret = kstrtoul(arg, 10, &val);
if (ret)
return ret;
@@ -58,6 +68,11 @@ static __init int set_corruption_check_s
char *end;
unsigned size;
+ if (!arg) {
+ pr_err("memory_corruption_check_size config string not provided\n");
+ return -EINVAL;
+ }
+
size = memparse(arg, &end);
if (*end == '\0')
next prev parent reply other threads:[~2018-11-19 17:04 UTC|newest]
Thread overview: 103+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-19 16:28 [PATCH 3.18 00/90] 3.18.126-stable review Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 01/90] bcache: fix miss key refill->end in writeback Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 02/90] jffs2: free jffs2_sb_info through jffs2_kill_sb() Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 03/90] pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 04/90] ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops Greg Kroah-Hartman
2018-11-19 16:28 ` Greg Kroah-Hartman [this message]
2018-11-19 16:28 ` [PATCH 3.18 06/90] sparc: Fix single-pcr perf event counter management Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 07/90] sparc: Throttle perf events properly Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 08/90] net: qla3xxx: Remove overflowing shift statement Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 09/90] selftests: ftrace: Add synthetic event syntax testcase Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 10/90] locking/lockdep: Fix debug_locks off performance problem Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 11/90] ataflop: fix error handling during setup Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 12/90] swim: fix cleanup on setup error Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 13/90] tun: Consistently configure generic netdev params via rtnetlink Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 14/90] perf tools: Free temporary sys string in read_event_files() Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 15/90] perf tools: Cleanup trace-event-info tdata leak Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 16/90] cpupower: Fix coredump on VMWare Greg Kroah-Hartman
2018-11-19 18:11 ` Prarit Bhargava
2018-11-20 8:49 ` Greg Kroah-Hartman
2018-11-19 16:28 ` [PATCH 3.18 17/90] mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 18/90] x86/olpc: Indicate that legacy PC XO-1 platform should not register RTC Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 19/90] x86: boot: Fix EFI stub alignment Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 20/90] kprobes: Return error if we fail to reuse kprobe instead of BUG_ON() Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 21/90] ath10k: schedule hardware restart if WMI command times out Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 22/90] scsi: esp_scsi: Track residual for PIO transfers Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 23/90] ext4: fix argument checking in EXT4_IOC_MOVE_EXT Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 24/90] usb: chipidea: Prevent unbalanced IRQ disable Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 25/90] uio: ensure class is registered before devices Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 26/90] scsi: lpfc: Correct soft lockup when running mds diagnostics Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 27/90] signal: Always deliver the kernels SIGKILL and SIGSTOP to a pid namespace init Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 28/90] net/ipv4: defensive cipso option parsing Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 29/90] jbd2: fix use after free in jbd2_log_do_checkpoint() Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 30/90] gfs2_meta: ->mount() can get NULL dev_name Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 31/90] ext4: initialize retries variable in ext4_da_write_inline_data_begin() Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 32/90] signal/GenWQE: Fix sending of SIGKILL Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 33/90] crypto: lrw - Fix out-of bounds access on counter overflow Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 34/90] ima: fix showing large violations or runtime_measurements_count Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 35/90] kbuild: fix kernel/bounds.c W=1 warning Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 36/90] iio: adc: at91: fix acking DRDY irq on simple conversions Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 37/90] iio: adc: at91: fix wrong channel number in triggered buffer mode Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 38/90] w1: omap-hdq: fix missing bus unregister at removal Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 39/90] smb3: allow stats which track session and share reconnects to be reset Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 40/90] smb3: do not attempt cifs operation in smb3 query info error path Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 41/90] smb3: on kerberos mount if server doesnt specify auth type use krb5 Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 42/90] printk: Fix panic caused by passing log_buf_len to command line Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 43/90] NFSv4.1: Fix the r/wsize checking Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 44/90] nfsd: Fix an Oops in free_session() Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 45/90] lockd: fix access beyond unterminated strings in prints Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 46/90] dm ioctl: harden copy_params()s copy_from_user() from malicious users Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 47/90] TC: Set DMA masks for devices Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 48/90] kgdboc: Passing ekgdboc to command line causes panic Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 49/90] media: em28xx: use a default format if TRY_FMT fails Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 50/90] media: em28xx: fix input name for Terratec AV 350 Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 51/90] media: em28xx: make v4l2-compliance happier by starting sequence on zero Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 52/90] Cramfs: fix abad comparison when wrap-arounds occur Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 53/90] dm: remove duplicate dm_get_live_table() in __dm_destroy() Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 54/90] tty: check name length in tty_find_polling_driver() Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 55/90] powerpc/nohash: fix undefined behaviour when testing page size support Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 56/90] drm/omap: fix memory barrier bug in DMM driver Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 57/90] media: pci: cx23885: handle adding to list failure Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 58/90] MIPS: kexec: Mark CPU offline before disabling local IRQ Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 59/90] powerpc/boot: Ensure _zimage_start is a weak symbol Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 60/90] media: tvp5150: fix width alignment during set_selection() Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 61/90] 9p: clear dangling pointers in p9stat_free Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 62/90] cdrom: fix improper type cast, which can leat to information leak Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 63/90] xtensa: fix boot parameters address translation Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 64/90] clk: s2mps11: Fix matching when built as module and DT node contains compatible Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 65/90] libceph: bump CEPH_MSG_MAX_DATA_LEN Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 66/90] mach64: fix display corruption on big endian machines Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 67/90] mach64: fix image corruption due to reading accelerator registers Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 68/90] ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 69/90] mtd: docg3: dont set conflicting BCH_CONST_PARAMS option Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 70/90] termios, tty/tty_baudrate.c: fix buffer overrun Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 71/90] arch/alpha, termios: implement BOTHER, IBSHIFT and termios2 Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 72/90] ext4: add missing brelse() update_backups()s error path Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 73/90] ext4: add missing brelse() in set_flexbg_block_bitmap()s " Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 74/90] ext4: add missing brelse() add_new_gdb_meta_bg()s " Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 75/90] ext4: avoid potential extra brelse in setup_new_flex_group_blocks() Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 76/90] ext4: fix possible inode leak in the retry loop of ext4_resize_fs() Greg Kroah-Hartman
2018-11-19 16:29 ` [PATCH 3.18 77/90] ext4: avoid buffer leak in ext4_orphan_add() after prior errors Greg Kroah-Hartman
2018-11-19 16:30 ` [PATCH 3.18 78/90] ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing Greg Kroah-Hartman
2018-11-19 16:30 ` [PATCH 3.18 79/90] ext4: avoid possible double brelse() in add_new_gdb() on error path Greg Kroah-Hartman
2018-11-19 16:30 ` [PATCH 3.18 80/90] ext4: fix possible leak of sbi->s_group_desc_leak in " Greg Kroah-Hartman
2018-11-19 16:30 ` [PATCH 3.18 81/90] ext4: release bs.bh before re-using in ext4_xattr_block_find() Greg Kroah-Hartman
2018-11-19 16:30 ` [PATCH 3.18 82/90] ext4: fix buffer leak in ext4_xattr_move_to_block() on error path Greg Kroah-Hartman
2018-11-19 16:30 ` [PATCH 3.18 83/90] ext4: fix buffer leak in __ext4_read_dirblock() " Greg Kroah-Hartman
2018-11-19 16:30 ` [PATCH 3.18 84/90] mount: Retest MNT_LOCKED in do_umount Greg Kroah-Hartman
2018-11-19 16:30 ` [PATCH 3.18 85/90] mount: Dont allow copying MNT_UNBINDABLE|MNT_LOCKED mounts Greg Kroah-Hartman
2018-11-19 16:30 ` [PATCH 3.18 86/90] mount: Prevent MNT_DETACH from disconnecting locked mounts Greg Kroah-Hartman
2018-11-19 16:30 ` [PATCH 3.18 87/90] sunrpc: correct the computation for page_ptr when truncating Greg Kroah-Hartman
2018-11-19 16:30 ` [PATCH 3.18 88/90] fuse: fix leaked notify reply Greg Kroah-Hartman
2018-11-19 16:30 ` [PATCH 3.18 89/90] configfs: replace strncpy with memcpy Greg Kroah-Hartman
2018-11-19 16:30 ` [PATCH 3.18 90/90] hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444! Greg Kroah-Hartman
2018-11-20 0:09 ` [PATCH 3.18 00/90] 3.18.126-stable review shuah
2018-11-20 7:49 ` Greg Kroah-Hartman
2018-11-20 10:39 ` Harsh Shandilya
2018-11-20 11:16 ` Greg Kroah-Hartman
[not found] ` <D161C16F-60D6-4C60-B065-C780BD3DCF55@prjkt.io>
2018-11-20 16:40 ` Greg Kroah-Hartman
2018-11-20 16:58 ` Guenter Roeck
2018-11-20 20:38 ` Guenter Roeck
2018-11-21 10:37 ` Greg Kroah-Hartman
2018-11-21 23:40 ` Guenter Roeck
2018-11-22 6:30 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181119162621.586624454@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=kstewart@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=peterz@infradead.org \
--cc=pombredanne@nexb.com \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=zhe.he@windriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).