From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Vishal Verma <vishal.l.verma@intel.com>,
Grzegorz Burzynski <grzegorz.burzynski@intel.com>,
Jeff Moyer <jmoyer@redhat.com>,
Dan Williams <dan.j.williams@intel.com>
Subject: [PATCH 4.14 32/38] acpi/nfit: Fix bus command validation
Date: Sat, 11 Apr 2020 14:09:16 +0200 [thread overview]
Message-ID: <20200411115440.974333990@linuxfoundation.org> (raw)
In-Reply-To: <20200411115437.795556138@linuxfoundation.org>
From: Dan Williams <dan.j.williams@intel.com>
commit ebe9f6f19d80d8978d16078dff3d5bd93ad8d102 upstream.
Commit 11189c1089da "acpi/nfit: Fix command-supported detection" broke
ND_CMD_CALL for bus-level commands. The "func = cmd" assumption is only
valid for:
ND_CMD_ARS_CAP
ND_CMD_ARS_START
ND_CMD_ARS_STATUS
ND_CMD_CLEAR_ERROR
The function number otherwise needs to be pulled from the command
payload for:
NFIT_CMD_TRANSLATE_SPA
NFIT_CMD_ARS_INJECT_SET
NFIT_CMD_ARS_INJECT_CLEAR
NFIT_CMD_ARS_INJECT_GET
Update cmd_to_func() for the bus case and call it in the common path.
Fixes: 11189c1089da ("acpi/nfit: Fix command-supported detection")
Cc: <stable@vger.kernel.org>
Reviewed-by: Vishal Verma <vishal.l.verma@intel.com>
Reported-by: Grzegorz Burzynski <grzegorz.burzynski@intel.com>
Tested-by: Jeff Moyer <jmoyer@redhat.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/acpi/nfit/core.c | 24 +++++++++++++-----------
1 file changed, 13 insertions(+), 11 deletions(-)
--- a/drivers/acpi/nfit/core.c
+++ b/drivers/acpi/nfit/core.c
@@ -214,7 +214,7 @@ static int cmd_to_func(struct nfit_mem *
if (call_pkg) {
int i;
- if (nfit_mem->family != call_pkg->nd_family)
+ if (nfit_mem && nfit_mem->family != call_pkg->nd_family)
return -ENOTTY;
for (i = 0; i < ARRAY_SIZE(call_pkg->nd_reserved2); i++)
@@ -223,6 +223,10 @@ static int cmd_to_func(struct nfit_mem *
return call_pkg->nd_command;
}
+ /* In the !call_pkg case, bus commands == bus functions */
+ if (!nfit_mem)
+ return cmd;
+
/* Linux ND commands == NVDIMM_FAMILY_INTEL function numbers */
if (nfit_mem->family == NVDIMM_FAMILY_INTEL)
return cmd;
@@ -238,6 +242,7 @@ int acpi_nfit_ctl(struct nvdimm_bus_desc
unsigned int cmd, void *buf, unsigned int buf_len, int *cmd_rc)
{
struct acpi_nfit_desc *acpi_desc = to_acpi_nfit_desc(nd_desc);
+ struct nfit_mem *nfit_mem = nvdimm_provider_data(nvdimm);
union acpi_object in_obj, in_buf, *out_obj;
const struct nd_cmd_desc *desc = NULL;
struct device *dev = acpi_desc->dev;
@@ -252,18 +257,18 @@ int acpi_nfit_ctl(struct nvdimm_bus_desc
if (cmd_rc)
*cmd_rc = -EINVAL;
+ if (cmd == ND_CMD_CALL)
+ call_pkg = buf;
+ func = cmd_to_func(nfit_mem, cmd, call_pkg);
+ if (func < 0)
+ return func;
+
if (nvdimm) {
- struct nfit_mem *nfit_mem = nvdimm_provider_data(nvdimm);
struct acpi_device *adev = nfit_mem->adev;
if (!adev)
return -ENOTTY;
- if (cmd == ND_CMD_CALL)
- call_pkg = buf;
- func = cmd_to_func(nfit_mem, cmd, call_pkg);
- if (func < 0)
- return func;
dimm_name = nvdimm_name(nvdimm);
cmd_name = nvdimm_cmd_name(cmd);
cmd_mask = nvdimm_cmd_mask(nvdimm);
@@ -274,12 +279,9 @@ int acpi_nfit_ctl(struct nvdimm_bus_desc
} else {
struct acpi_device *adev = to_acpi_dev(acpi_desc);
- func = cmd;
cmd_name = nvdimm_bus_cmd_name(cmd);
cmd_mask = nd_desc->cmd_mask;
- dsm_mask = cmd_mask;
- if (cmd == ND_CMD_CALL)
- dsm_mask = nd_desc->bus_dsm_mask;
+ dsm_mask = nd_desc->bus_dsm_mask;
desc = nd_cmd_bus_desc(cmd);
guid = to_nfit_uuid(NFIT_DEV_BUS);
handle = adev->handle;
next prev parent reply other threads:[~2020-04-11 12:14 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-11 12:08 [PATCH 4.14 00/38] 4.14.176-rc1 review Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 01/38] ipv4: fix a RCU-list lock in fib_triestat_seq_show Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 02/38] net, ip_tunnel: fix interface lookup with no key Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 03/38] sctp: fix refcount bug in sctp_wfree Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 04/38] sctp: fix possibly using a bad saddr with a given dst Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 05/38] drm/bochs: downgrade pci_request_region failure from error to warning Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 06/38] initramfs: restore default compression behavior Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 07/38] tools/power turbostat: Fix gcc build warnings Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 08/38] drm/etnaviv: replace MMU flush marker with flush sequence Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 09/38] blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 10/38] blk-mq: Allow blocking queue tag iter callbacks Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 11/38] misc: pci_endpoint_test: Fix to support > 10 pci-endpoint-test devices Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 12/38] coresight: do not use the BIT() macro in the UAPI header Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 13/38] padata: always acquire cpu_hotplug_lock before pinst->lock Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 14/38] mm: mempolicy: require at least one nodeid for MPOL_PREFERRED Greg Kroah-Hartman
2020-04-11 12:08 ` [PATCH 4.14 15/38] ipv6: dont auto-add link-local address to lag ports Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 16/38] net: dsa: bcm_sf2: Ensure correct sub-node is parsed Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 17/38] net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 18/38] net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 19/38] slcan: Dont transmit uninitialized stack data in padding Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 20/38] mlxsw: spectrum_flower: Do not stop at FLOW_ACTION_VLAN_MANGLE Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 21/38] random: always use batched entropy for get_random_u{32,64} Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 22/38] tools/accounting/getdelays.c: fix netlink attribute length Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 23/38] hwrng: imx-rngc - fix an error path Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 24/38] ASoC: jz4740-i2s: Fix divider written at incorrect offset in register Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 25/38] IB/hfi1: Call kobject_put() when kobject_init_and_add() fails Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 26/38] IB/hfi1: Fix memory leaks in sysfs registration and unregistration Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 27/38] ceph: remove the extra slashes in the server path Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 28/38] ceph: canonicalize server path in place Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 29/38] Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 30/38] RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 31/38] fbcon: fix null-ptr-deref in fbcon_switch Greg Kroah-Hartman
2020-04-11 12:09 ` Greg Kroah-Hartman [this message]
2020-04-11 12:09 ` [PATCH 4.14 33/38] clk: qcom: rcg: Return failure for RCG update Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 34/38] drm/msm: stop abusing dma_map/unmap for cache Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 35/38] arm64: Fix size of __early_cpu_boot_status Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 36/38] rpmsg: glink: Remove chunk size word align warning Greg Kroah-Hartman
2020-04-13 5:16 ` nobuhiro1.iwamatsu
2020-04-13 8:20 ` Greg KH
2020-04-11 12:09 ` [PATCH 4.14 37/38] usb: dwc3: dont set gadget->is_otg flag Greg Kroah-Hartman
2020-04-11 12:09 ` [PATCH 4.14 38/38] drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read() Greg Kroah-Hartman
2020-04-11 20:38 ` [PATCH 4.14 00/38] 4.14.176-rc1 review Guenter Roeck
2020-04-12 8:51 ` Naresh Kamboju
2020-04-14 10:36 ` Jon Hunter
2020-04-14 10:36 ` Jon Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200411115440.974333990@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=dan.j.williams@intel.com \
--cc=grzegorz.burzynski@intel.com \
--cc=jmoyer@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=vishal.l.verma@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.