From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S933081AbcBCLga (ORCPT <rfc822;w@1wt.eu>);
	Wed, 3 Feb 2016 06:36:30 -0500
Received: from terminus.zytor.com ([198.137.202.10]:55782 "EHLO
	terminus.zytor.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753437AbcBCLg0 (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Wed, 3 Feb 2016 06:36:26 -0500
Date: Wed, 3 Feb 2016 03:35:20 -0800
From: tip-bot for Dave Hansen <tipbot@zytor.com>
Message-ID: <tip-abcdc1c694fa4055323cbec1cde4c2cb6b68398c@git.kernel.org>
Cc: linux-kernel@vger.kernel.org, tglx@linutronix.de, luto@amacapital.net,
        bp@alien8.de, hpa@zytor.com, dvlasenk@redhat.com,
        dave.hansen@linux.intel.com, brgerst@gmail.com,
        torvalds@linux-foundation.org, mingo@kernel.org, peterz@infradead.org,
        bp@suse.de
Reply-To: linux-kernel@vger.kernel.org, tglx@linutronix.de,
        luto@amacapital.net, bp@alien8.de, hpa@zytor.com, dvlasenk@redhat.com,
        dave.hansen@linux.intel.com, brgerst@gmail.com,
        torvalds@linux-foundation.org, mingo@kernel.org, peterz@infradead.org,
        bp@suse.de
In-Reply-To: <20151222225239.8E1DCA58@viggo.jf.intel.com>
References: <20151222225239.8E1DCA58@viggo.jf.intel.com>
To: linux-tip-commits@vger.kernel.org
Subject: [tip:x86/boot] x86/boot:
  Fix early command-line parsing when partial word matches
Git-Commit-ID: abcdc1c694fa4055323cbec1cde4c2cb6b68398c
X-Mailer: tip-git-log-daemon
Robot-ID: <tip-bot.git.kernel.org>
Robot-Unsubscribe: Contact <mailto:hpa@kernel.org>
  to get blacklisted from these emails
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8
Content-Disposition: inline
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Commit-ID:  abcdc1c694fa4055323cbec1cde4c2cb6b68398c
Gitweb:     http://git.kernel.org/tip/abcdc1c694fa4055323cbec1cde4c2cb6b68398c
Author:     Dave Hansen <dave.hansen@linux.intel.com>
AuthorDate: Tue, 22 Dec 2015 14:52:39 -0800
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Wed, 3 Feb 2016 12:03:16 +0100

x86/boot: Fix early command-line parsing when partial word matches

cmdline_find_option_bool() keeps track of position in two strings:

 1. the command-line
 2. the option we are searchign for in the command-line

We plow through each character in the command-line one at a time, always
moving forward. We move forward in the option ('opptr') when we match
characters in 'cmdline'. We reset the 'opptr' only when we go in to the
'st_wordstart' state.

But, if we fail to match an option because we see a space
(state=st_wordcmp, *opptr='\0',c=' '), we set state='st_wordskip' and
'break', moving to the next character. But, that move to the next
character is the one *after* the ' '. This means that we will miss a
'st_wordstart' state.

For instance, if we have

  cmdline = "foo fool";

and are searching for "fool", we have:

	  "fool"
  opptr = ----^

           "foo fool"
   c = --------^

We see that 'l' != ' ', set state=st_wordskip, break, and then move 'c', so:

          "foo fool"
  c = ---------^

and are still in state=st_wordskip. We will stay in wordskip until we
have skipped "fool", thus missing the option we were looking for. This
*only* happens when you have a partially- matching word followed by a
matching one.

To fix this, we always fall *into* the 'st_wordskip' state when we set
it.

Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: fenghua.yu@intel.com
Cc: yu-cheng.yu@intel.com
Link: http://lkml.kernel.org/r/20151222225239.8E1DCA58@viggo.jf.intel.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 arch/x86/lib/cmdline.c | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/arch/x86/lib/cmdline.c b/arch/x86/lib/cmdline.c
index 49548be..ff8d1be 100644
--- a/arch/x86/lib/cmdline.c
+++ b/arch/x86/lib/cmdline.c
@@ -72,18 +72,26 @@ int cmdline_find_option_bool(const char *cmdline, const char *option)
 				 */
 				if (!c || myisspace(c))
 					return wstart;
-				else
-					state = st_wordskip;
+				/*
+				 * We hit the end of the option, but _not_
+				 * the end of a word on the cmdline.  Not
+				 * a match.
+				 */
 			} else if (!c) {
 				/*
 				 * Hit the NULL terminator on the end of
 				 * cmdline.
 				 */
 				return 0;
-			} else if (c != *opptr++) {
-				state = st_wordskip;
+			} else if (c == *opptr++) {
+				/*
+				 * We are currently matching, so continue
+				 * to the next character on the cmdline.
+				 */
+				break;
 			}
-			break;
+			state = st_wordskip;
+			/* fall through */
 
 		case st_wordskip:
 			if (!c)