linux-acpi.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 2/4] [Patch-next] ACPI, APEI, EINJ Fix the wrong checking of Injection Header's length
@ 2010-08-17  0:56 Jin Dongming
  2010-08-17  1:35 ` Huang Ying
  0 siblings, 1 reply; 3+ messages in thread
From: Jin Dongming @ 2010-08-17  0:56 UTC (permalink / raw)
  To: Huang Ying
  Cc: Randy Dunlap, Stephen Rothwell, Andi Kleen, Hidetoshi Seto, ACPI,
	LKLM

header_length in struct acpi_table_einj is not the length of struct
acpi_table_einj, but the length of Injection Header.

In einj_check_table(), header_length is used for checking the length
of struct acpi_table_einj. So I think it is wrong.

This patch fixed it and I confirmed it on x86_64 next-tree.

Signed-off-by: Jin Dongming <jin.dongming@np.css.fujitsu.com>
---
 drivers/acpi/apei/einj.c |   15 +++++++++------
 include/acpi/actbl1.h    |   17 ++++++++++++-----
 2 files changed, 21 insertions(+), 11 deletions(-)

diff --git a/drivers/acpi/apei/einj.c b/drivers/acpi/apei/einj.c
index 465c885..5fe876c 100644
--- a/drivers/acpi/apei/einj.c
+++ b/drivers/acpi/apei/einj.c
@@ -104,7 +104,8 @@ static struct einj_parameter *einj_param;
 static void einj_exec_ctx_init(struct apei_exec_context *ctx)
 {
 	apei_exec_ctx_init(ctx, einj_ins_type, ARRAY_SIZE(einj_ins_type),
-			   EINJ_TAB_ENTRY(einj_tab), einj_tab->entries);
+			   EINJ_TAB_ENTRY(einj_tab),
+			   einj_tab->inje_header.entries);
 }
 
 static int __einj_get_available_error_type(u32 *type)
@@ -153,7 +154,7 @@ static u64 einj_get_parameter_address(void)
 	struct acpi_whea_header *entry;
 
 	entry = EINJ_TAB_ENTRY(einj_tab);
-	for (i = 0; i < einj_tab->entries; i++) {
+	for (i = 0; i < einj_tab->inje_header.entries; i++) {
 		if (entry->action == ACPI_EINJ_SET_ERROR_TYPE &&
 		    entry->instruction == ACPI_EINJ_WRITE_REGISTER &&
 		    entry->register_region.space_id ==
@@ -426,12 +427,14 @@ DEFINE_SIMPLE_ATTRIBUTE(error_inject_fops, NULL,
 
 static int einj_check_table(struct acpi_table_einj *einj_tab)
 {
-	if (einj_tab->header_length != sizeof(struct acpi_table_einj))
+	if (einj_tab->common_header.length < sizeof(struct acpi_table_einj))
 		return -EINVAL;
-	if (einj_tab->header.length < sizeof(struct acpi_table_einj))
+
+	if (einj_tab->inje_header.length != sizeof(struct acpi_einj_header))
 		return -EINVAL;
-	if (einj_tab->entries !=
-	    (einj_tab->header.length - sizeof(struct acpi_table_einj)) /
+
+	if (einj_tab->inje_header.entries !=
+	    (einj_tab->common_header.length - sizeof(struct acpi_table_einj)) /
 	    sizeof(struct acpi_einj_entry))
 		return -EINVAL;
 
diff --git a/include/acpi/actbl1.h b/include/acpi/actbl1.h
index 821f8ac..e586c30 100644
--- a/include/acpi/actbl1.h
+++ b/include/acpi/actbl1.h
@@ -199,14 +199,21 @@ struct acpi_table_ecdt {
  *
  ******************************************************************************/
 
-struct acpi_table_einj {
-	struct acpi_table_header header;	/* Common ACPI table header */
-	u32 header_length;
-	u8 flags;
-	u8 reserved[3];
+/* EINJ Injection Header */
+struct acpi_einj_header {
+	u32 length;
+	u8  flags;
+	u8  reserved[3];
 	u32 entries;
 };
 
+/* EINJ Header */
+
+struct acpi_table_einj {
+	struct acpi_table_header common_header;	/* Common ACPI table header */
+	struct acpi_einj_header inje_header;	/* Injection Header */
+};
+
 /* EINJ Injection Instruction Entries (actions) */
 
 struct acpi_einj_entry {
-- 
1.7.1.1



^ permalink raw reply related	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2010-08-17  2:15 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-08-17  0:56 [PATCH 2/4] [Patch-next] ACPI, APEI, EINJ Fix the wrong checking of Injection Header's length Jin Dongming
2010-08-17  1:35 ` Huang Ying
2010-08-17  2:15   ` Jin Dongming

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).