* [PATCH] kernel/dma: Fix panic caused by passing cma to command line @ 2018-09-17 3:24 ` zhe.he 2018-09-18 9:28 ` Marek Szyprowski 0 siblings, 1 reply; 3+ messages in thread From: zhe.he @ 2018-09-17 3:24 UTC (permalink / raw) To: hch, m.szyprowski, robin.murphy, iommu, linux-kernel; +Cc: zhe.he From: He Zhe <zhe.he@windriver.com> early_cma does not check input argument before passing it to simple_strtoull. The argument would be a NULL pointer if "cma", without its value, is set in command line and thus causes the following panic. PANIC: early exception 0xe3 IP 10:ffffffffa3e9db8d error 0 cr2 0x0 [ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.19.0-rc3-yocto-standard+ #7 [ 0.000000] RIP: 0010:_parse_integer_fixup_radix+0xd/0x70 ... [ 0.000000] Call Trace: [ 0.000000] simple_strtoull+0x29/0x70 [ 0.000000] memparse+0x26/0x90 [ 0.000000] early_cma+0x17/0x6a [ 0.000000] do_early_param+0x57/0x8e [ 0.000000] parse_args+0x208/0x320 [ 0.000000] ? rdinit_setup+0x30/0x30 [ 0.000000] parse_early_options+0x29/0x2d [ 0.000000] ? rdinit_setup+0x30/0x30 [ 0.000000] parse_early_param+0x36/0x4d [ 0.000000] setup_arch+0x336/0x99e [ 0.000000] start_kernel+0x6f/0x4e6 [ 0.000000] x86_64_start_reservations+0x24/0x26 [ 0.000000] x86_64_start_kernel+0x6f/0x72 [ 0.000000] secondary_startup_64+0xa4/0xb0 This patch adds a check to prevent the panic. Signed-off-by: He Zhe <zhe.he@windriver.com> Cc: stable@vger.kernel.org Cc: hch@lst.de Cc: m.szyprowski@samsung.com Cc: robin.murphy@arm.com --- kernel/dma/contiguous.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/kernel/dma/contiguous.c b/kernel/dma/contiguous.c index 286d823..b2a8790 100644 --- a/kernel/dma/contiguous.c +++ b/kernel/dma/contiguous.c @@ -49,7 +49,11 @@ static phys_addr_t limit_cmdline; static int __init early_cma(char *p) { - pr_debug("%s(%s)\n", __func__, p); + if (!p) { + pr_err("Config string not provided\n"); + return -EINVAL; + } + size_cmdline = memparse(p, &p); if (*p != '@') return 0; -- 2.7.4 ^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] kernel/dma: Fix panic caused by passing cma to command line 2018-09-17 3:24 ` [PATCH] kernel/dma: Fix panic caused by passing cma to command line zhe.he @ 2018-09-18 9:28 ` Marek Szyprowski [not found] ` <20180918092834eucas1p1ebdbc3051a7ca8bbacec26b955689784~VdHnT_5yZ0331203312eucas1p1U-MHMrYXj8g+pqW5MlFJXMulaTQe2KTcn/@public.gmane.org> 0 siblings, 1 reply; 3+ messages in thread From: Marek Szyprowski @ 2018-09-18 9:28 UTC (permalink / raw) To: zhe.he, hch, robin.murphy, iommu, linux-kernel Hi On 2018-09-17 05:24, zhe.he@windriver.com wrote: > From: He Zhe <zhe.he@windriver.com> > > early_cma does not check input argument before passing it to > simple_strtoull. The argument would be a NULL pointer if "cma", without > its value, is set in command line and thus causes the following panic. > > PANIC: early exception 0xe3 IP 10:ffffffffa3e9db8d error 0 cr2 0x0 > [ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.19.0-rc3-yocto-standard+ #7 > [ 0.000000] RIP: 0010:_parse_integer_fixup_radix+0xd/0x70 > ... > [ 0.000000] Call Trace: > [ 0.000000] simple_strtoull+0x29/0x70 > [ 0.000000] memparse+0x26/0x90 > [ 0.000000] early_cma+0x17/0x6a > [ 0.000000] do_early_param+0x57/0x8e > [ 0.000000] parse_args+0x208/0x320 > [ 0.000000] ? rdinit_setup+0x30/0x30 > [ 0.000000] parse_early_options+0x29/0x2d > [ 0.000000] ? rdinit_setup+0x30/0x30 > [ 0.000000] parse_early_param+0x36/0x4d > [ 0.000000] setup_arch+0x336/0x99e > [ 0.000000] start_kernel+0x6f/0x4e6 > [ 0.000000] x86_64_start_reservations+0x24/0x26 > [ 0.000000] x86_64_start_kernel+0x6f/0x72 > [ 0.000000] secondary_startup_64+0xa4/0xb0 > > This patch adds a check to prevent the panic. > > Signed-off-by: He Zhe <zhe.he@windriver.com> > Cc: stable@vger.kernel.org > Cc: hch@lst.de > Cc: m.szyprowski@samsung.com > Cc: robin.murphy@arm.com Thanks for the fix. Reviewed-by: Marek Szyprowski <m.szyprowski@samsung.com> > --- > kernel/dma/contiguous.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/kernel/dma/contiguous.c b/kernel/dma/contiguous.c > index 286d823..b2a8790 100644 > --- a/kernel/dma/contiguous.c > +++ b/kernel/dma/contiguous.c > @@ -49,7 +49,11 @@ static phys_addr_t limit_cmdline; > > static int __init early_cma(char *p) > { > - pr_debug("%s(%s)\n", __func__, p); > + if (!p) { > + pr_err("Config string not provided\n"); > + return -EINVAL; > + } > + > size_cmdline = memparse(p, &p); > if (*p != '@') > return 0; Best regards -- Marek Szyprowski, PhD Samsung R&D Institute Poland ^ permalink raw reply [flat|nested] 3+ messages in thread
[parent not found: <20180918092834eucas1p1ebdbc3051a7ca8bbacec26b955689784~VdHnT_5yZ0331203312eucas1p1U-MHMrYXj8g+pqW5MlFJXMulaTQe2KTcn/@public.gmane.org>]
* Re: [PATCH] kernel/dma: Fix panic caused by passing cma to command line [not found] ` <20180918092834eucas1p1ebdbc3051a7ca8bbacec26b955689784~VdHnT_5yZ0331203312eucas1p1U-MHMrYXj8g+pqW5MlFJXMulaTQe2KTcn/@public.gmane.org> @ 2018-09-20 6:54 ` Christoph Hellwig 0 siblings, 0 replies; 3+ messages in thread From: Christoph Hellwig @ 2018-09-20 6:54 UTC (permalink / raw) To: Marek Szyprowski Cc: iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA, zhe.he-CWA4WttNNZF54TAoqtyWWQ, robin.murphy-5wv7dgnIgG8, hch-jcswGhMUV9g, linux-kernel-u79uwXL29TY76Z2rM5mHXA On Tue, Sep 18, 2018 at 11:28:33AM +0200, Marek Szyprowski wrote: > Hi > > On 2018-09-17 05:24, zhe.he-CWA4WttNNZF54TAoqtyWWQ@public.gmane.org wrote: > > From: He Zhe <zhe.he-CWA4WttNNZF54TAoqtyWWQ@public.gmane.org> > > > > early_cma does not check input argument before passing it to > > simple_strtoull. The argument would be a NULL pointer if "cma", without > > its value, is set in command line and thus causes the following panic. > > > > PANIC: early exception 0xe3 IP 10:ffffffffa3e9db8d error 0 cr2 0x0 > > [ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.19.0-rc3-yocto-standard+ #7 > > [ 0.000000] RIP: 0010:_parse_integer_fixup_radix+0xd/0x70 > > ... > > [ 0.000000] Call Trace: > > [ 0.000000] simple_strtoull+0x29/0x70 > > [ 0.000000] memparse+0x26/0x90 > > [ 0.000000] early_cma+0x17/0x6a > > [ 0.000000] do_early_param+0x57/0x8e > > [ 0.000000] parse_args+0x208/0x320 > > [ 0.000000] ? rdinit_setup+0x30/0x30 > > [ 0.000000] parse_early_options+0x29/0x2d > > [ 0.000000] ? rdinit_setup+0x30/0x30 > > [ 0.000000] parse_early_param+0x36/0x4d > > [ 0.000000] setup_arch+0x336/0x99e > > [ 0.000000] start_kernel+0x6f/0x4e6 > > [ 0.000000] x86_64_start_reservations+0x24/0x26 > > [ 0.000000] x86_64_start_kernel+0x6f/0x72 > > [ 0.000000] secondary_startup_64+0xa4/0xb0 > > > > This patch adds a check to prevent the panic. > > > > Signed-off-by: He Zhe <zhe.he-CWA4WttNNZF54TAoqtyWWQ@public.gmane.org> > > Cc: stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org > > Cc: hch-jcswGhMUV9g@public.gmane.org > > Cc: m.szyprowski-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org > > Cc: robin.murphy-5wv7dgnIgG8@public.gmane.org > > Thanks for the fix. > > Reviewed-by: Marek Szyprowski <m.szyprowski-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org> Thanks, added to the dma-mapping tree. ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-09-20 6:54 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <CGME20180917032603epcas4p4da3674e558c4704622f58b133e7fe5ce@epcas4p4.samsung.com>
2018-09-17 3:24 ` [PATCH] kernel/dma: Fix panic caused by passing cma to command line zhe.he
2018-09-18 9:28 ` Marek Szyprowski
[not found] ` <20180918092834eucas1p1ebdbc3051a7ca8bbacec26b955689784~VdHnT_5yZ0331203312eucas1p1U-MHMrYXj8g+pqW5MlFJXMulaTQe2KTcn/@public.gmane.org>
2018-09-20 6:54 ` Christoph Hellwig
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).