public inbox for linux-kernel@vger.kernel.org
From: Borislav Petkov <bp@alien8.de>
To: Vit Kabele <vit@kabele.me>
Cc: platform-driver-x86@vger.kernel.org, r.marek@assembler.cz,
	x86@kernel.org, linux-kernel@vger.kernel.org, rafael@kernel.org,
	mingo@redhat.com
Subject: Re: [PATCH v2] arch/x86: Check validity of EBDA pointer in mpparse.c
Date: Tue, 3 May 2022 19:36:35 +0200
Message-ID: <YnFoIzmt1qJSucAd@zn.tnic>
In-Reply-To: <Yk/2dh4kDobivStp@czspare1-lap.sysgo.cz>

On Fri, Apr 08, 2022 at 10:46:46AM +0200, Vit Kabele wrote:
> The pointer to EBDA area is retrieved from a word at 0x40e in BDA.
> In case that the memory there is not initialized and contains garbage,
> it might happen that the kernel touches memory above 640K.

This is where I'm missing the "why do this" at all. Grepping back in
my mbox, I see another thread from you where you say something about
"testing custom virtualization platform".

So I'd like to see why this fix is needed so feel free to elaborate in the
commit message what the situation is and why you're doing this.

> This may cause unwanted reads from VGA memory which may not be decoded,
> or even present when running under virtualization.
> 
> This patch adds sanity check for the EBDA pointer retrieved from the memory

Avoid having "This patch" or "This commit" in the commit message. It is
tautologically useless.

IOW,

s/This patch adds/Add/

> diff --git a/arch/x86/kernel/mpparse.c b/arch/x86/kernel/mpparse.c
> index fed721f90116..9e0b4820f33b 100644
> --- a/arch/x86/kernel/mpparse.c
> +++ b/arch/x86/kernel/mpparse.c
> @@ -633,8 +633,18 @@ void __init default_find_smp_config(void)
>  	 */
>  
>  	address = get_bios_ebda();
> -	if (address)
> -		smp_scan_config(address, 0x400);
> +
> +	/*
> +	 * Check that the EBDA address is sane and the get_bios_ebda() did not
> +	 * return just garbage from memory.
> +	 * The upper bound is considered valid if it points below 1K before
> +	 * end of the lower memory (i.e. 639K). The EBDA can be smaller
> +	 * than 1K in which case the pointer will point above 639K but that
> +	 * case is handled in step 2) above, and we don't need to adjust scan
> +	 * size to not bump into the memory above 640K.
> +	 */
> +	if (address >= BIOS_START_MIN && address < (BIOS_START_MAX - 1024))
> +		smp_scan_config(address, 1024);
>  }
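
Review bot: In the new condition `if (address >= BIOS_START_MIN && address < (BIOS_START_MAX - 1024))`, the comment justifies the upper bound as 639K, but the code expresses it through BIOS_START_MAX, whose value is not visible in this hunk. The two only agree if BIOS_START_MAX is exactly 640K, so either word the comment in terms of the macro or confirm the value. The strict `<` also rejects a pointer exactly 1024 bytes below BIOS_START_MAX, even though a 1024-byte scan from there would end at BIOS_START_MAX without crossing it; use `<=` if that case is meant to be scanned. A rejected pointer is dropped silently, so a debug message on the failing branch would help when diagnosing a missing MP table. Changing the scan length from `0x400` to `1024` keeps the same value and is unrelated churn in this fix.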

I guess but looking at reserve_bios_regions(), that function is already
doing kinda the same along with being a bit more careful to figure out
bios_start so you could unify the code into a common helper and use it
at both places?

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette
