From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>,
Vineet Gupta <vgupta@synopsys.com>,
Sasha Levin <sashal@kernel.org>,
linux-snps-arc@lists.infradead.org
Subject: [PATCH AUTOSEL 4.19 01/52] ARC: u-boot args: check that magic number is correct
Date: Fri, 29 Mar 2019 20:52:08 -0400 [thread overview]
Message-ID: <20190330005301.26868-1-sashal@kernel.org> (raw)
From: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
[ Upstream commit edb64bca50cd736c6894cc6081d5263c007ce005 ]
In case of devboards we really often disable bootloader and load
Linux image in memory via JTAG. Even if kernel tries to verify
uboot_tag and uboot_arg there is sill a chance that we treat some
garbage in registers as valid u-boot arguments in JTAG case.
E.g. it is enough to have '1' in r0 to treat any value in r2 as
a boot command line.
So check that magic number passed from u-boot is correct and drop
u-boot arguments otherwise. That helps to reduce the possibility
of using garbage as u-boot arguments in JTAG case.
We can safely check U-boot magic value (0x0) in linux passed via
r1 register as U-boot pass it from the beginning. So there is no
backward-compatibility issues.
Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev@synopsys.com>
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
arch/arc/kernel/head.S | 1 +
arch/arc/kernel/setup.c | 8 ++++++++
2 files changed, 9 insertions(+)
diff --git a/arch/arc/kernel/head.S b/arch/arc/kernel/head.S
index 1f945d0f40da..208bf2c9e7b0 100644
--- a/arch/arc/kernel/head.S
+++ b/arch/arc/kernel/head.S
@@ -107,6 +107,7 @@ ENTRY(stext)
; r2 = pointer to uboot provided cmdline or external DTB in mem
; These are handled later in handle_uboot_args()
st r0, [@uboot_tag]
+ st r1, [@uboot_magic]
st r2, [@uboot_arg]
#endif
diff --git a/arch/arc/kernel/setup.c b/arch/arc/kernel/setup.c
index 3320ca2fe20f..a1218937abd6 100644
--- a/arch/arc/kernel/setup.c
+++ b/arch/arc/kernel/setup.c
@@ -35,6 +35,7 @@ unsigned int intr_to_DE_cnt;
/* Part of U-boot ABI: see head.S */
int __initdata uboot_tag;
+int __initdata uboot_magic;
char __initdata *uboot_arg;
const struct machine_desc *machine_desc;
@@ -484,6 +485,8 @@ static inline bool uboot_arg_invalid(unsigned long addr)
#define UBOOT_TAG_NONE 0
#define UBOOT_TAG_CMDLINE 1
#define UBOOT_TAG_DTB 2
+/* We always pass 0 as magic from U-boot */
+#define UBOOT_MAGIC_VALUE 0
void __init handle_uboot_args(void)
{
@@ -499,6 +502,11 @@ void __init handle_uboot_args(void)
goto ignore_uboot_args;
}
+ if (uboot_magic != UBOOT_MAGIC_VALUE) {
+ pr_warn(IGNORE_ARGS "non zero uboot magic\n");
+ goto ignore_uboot_args;
+ }
+
if (uboot_tag != UBOOT_TAG_NONE &&
uboot_arg_invalid((unsigned long)uboot_arg)) {
pr_warn(IGNORE_ARGS "invalid uboot arg: '%px'\n", uboot_arg);
--
2.19.1
next reply other threads:[~2019-03-30 1:08 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-30 0:52 Sasha Levin [this message]
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 02/52] arc: hsdk_defconfig: Enable CONFIG_BLK_DEV_RAM Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 03/52] inotify: Fix fsnotify_mark refcount leak in inotify_update_existing_watch() Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 04/52] perf/core: Restore mmap record type correctly Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 05/52] perf data: Don't store auxtrace index for directory data file Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 06/52] ext4: avoid panic during forced reboot Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 07/52] ext4: add missing brelse() in add_new_gdb_meta_bg() Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 08/52] ext4: report real fs size after failed resize Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 09/52] ALSA: echoaudio: add a check for ioremap_nocache Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 10/52] ALSA: sb8: add a check for request_region Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 11/52] auxdisplay: hd44780: Fix memory leak on ->remove() Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 12/52] drm/udl: use drm_gem_object_put_unlocked Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 13/52] IB/mlx4: Fix race condition between catas error reset and aliasguid flows Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 14/52] i40iw: Avoid panic when handling the inetdev event Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 15/52] mmc: davinci: remove extraneous __init annotation Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 16/52] ALSA: opl3: fix mismatch between snd_opl3_drum_switch definition and declaration Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 17/52] thermal/intel_powerclamp: fix __percpu declaration of worker_data Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 18/52] thermal: samsung: Fix incorrect check after code merge Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 19/52] thermal: bcm2835: Fix crash in bcm2835_thermal_debugfs Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 20/52] thermal/int340x_thermal: Add additional UUIDs Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 21/52] thermal/int340x_thermal: fix mode setting Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 22/52] thermal/intel_powerclamp: fix truncated kthread name Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 23/52] scsi: iscsi: flush running unbind operations when removing a session Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 24/52] sched/cpufreq: Fix 32-bit math overflow Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 25/52] sched/core: Fix buffer overflow in cgroup2 property cpu.max Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 26/52] x86/mm: Don't leak kernel addresses Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 27/52] tools/power turbostat: return the exit status of a command Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 28/52] perf list: Don't forget to drop the reference to the allocated thread_map Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 29/52] perf config: Fix an error in the config template documentation Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 30/52] perf config: Fix a memory leak in collect_config() Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 31/52] perf build-id: Fix memory leak in print_sdt_events() Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 32/52] perf top: Fix error handling in cmd_top() Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 33/52] perf hist: Add missing map__put() in error case Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 34/52] perf evsel: Free evsel->counts in perf_evsel__exit() Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 35/52] perf tests: Fix a memory leak of cpu_map object in the openat_syscall_event_on_all_cpus test Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 36/52] perf tests: Fix memory leak by expr__find_other() in test__expr() Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 37/52] perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test() Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 38/52] ACPI / utils: Drop reference in test for device presence Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 39/52] PM / Domains: Avoid a potential deadlock Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 40/52] blk-iolatency: #include "blk.h" Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 41/52] drm/exynos/mixer: fix MIXER shadow registry synchronisation code Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 42/52] irqchip/stm32: Don't clear rising/falling config registers at init Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 43/52] irqchip/mbigen: Don't clear eventid when freeing an MSI Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 44/52] x86/hpet: Prevent potential NULL pointer dereference Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 45/52] x86/hyperv: " Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 46/52] x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 47/52] drm/nouveau/debugfs: Fix check of pm_runtime_get_sync failure Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 48/52] iommu/vt-d: Check capability before disabling protected memory Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 49/52] x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return an error Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 50/52] fix incorrect error code mapping for OBJECTID_NOT_FOUND Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 51/52] x86/gart: Exclude GART aperture from kcore Sasha Levin
2019-03-30 0:52 ` [PATCH AUTOSEL 4.19 52/52] ext4: prohibit fstrim in norecovery mode Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190330005301.26868-1-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=Eugeniy.Paltsev@synopsys.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-snps-arc@lists.infradead.org \
--cc=stable@vger.kernel.org \
--cc=vgupta@synopsys.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).