From: Nicholas Piggin <npiggin@gmail.com>
To: linuxppc-dev@lists.ozlabs.org
Cc: Mahesh Salgaonkar <mahesh@linux.ibm.com>,
	Nicholas Piggin <npiggin@gmail.com>
Subject: [PATCH v4 06/16] powerpc/pseries/ras: FWNMI_VALID off by one
Date: Fri,  8 May 2020 14:33:58 +1000
Message-ID: <20200508043408.886394-7-npiggin@gmail.com>
In-Reply-To: <20200508043408.886394-1-npiggin@gmail.com>

This was discovered developing qemu fwnmi sreset support. This
off-by-one bug means the last 16 bytes of the rtas area can not
be used for a 16 byte save area.

It's not a serious bug, and QEMU implementation has to retain a
workaround for old kernels, but it's good to tighten it.

Acked-by: Mahesh Salgaonkar <mahesh@linux.ibm.com>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
---
 arch/powerpc/platforms/pseries/ras.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/arch/powerpc/platforms/pseries/ras.c b/arch/powerpc/platforms/pseries/ras.c
index ac92f8687ea3..a5bd0f747bb1 100644
--- a/arch/powerpc/platforms/pseries/ras.c
+++ b/arch/powerpc/platforms/pseries/ras.c
@@ -395,10 +395,11 @@ static irqreturn_t ras_error_interrupt(int irq, void *dev_id)
 /*
  * Some versions of FWNMI place the buffer inside the 4kB page starting at
  * 0x7000. Other versions place it inside the rtas buffer. We check both.
+ * Minimum size of the buffer is 16 bytes.
  */
 #define VALID_FWNMI_BUFFER(A) \
-	((((A) >= 0x7000) && ((A) < 0x7ff0)) || \
-	(((A) >= rtas.base) && ((A) < (rtas.base + rtas.size - 16))))
+	((((A) >= 0x7000) && ((A) <= 0x8000 - 16)) || \
+	(((A) >= rtas.base) && ((A) <= (rtas.base + rtas.size - 16))))
 
 static inline struct rtas_error_log *fwnmi_get_errlog(void)
 {
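Review bot: The changelog only describes the rtas-area case, but the first clause of VALID_FWNMI_BUFFER changes as well, from `(A) < 0x7ff0` to `(A) <= 0x8000 - 16`, so an address of exactly 0x7ff0 in the 0x7000 page is now accepted where it was rejected before; please mention that in the commit message so both behaviour changes are recorded. The literal 16 now appears in both clauses and in the new comment line; a named constant would keep the three in sync. The macro also evaluates `(A)` four times and only proves that 16 bytes starting at A fit inside the region, which matches the "Minimum size" wording in the comment, so it would help to say there that any reader consuming more than 16 bytes from the buffer needs its own length check. A static inline helper taking the address once would address the repeated evaluation.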
-- 
2.23.0

