From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Arvind Sankar <nivedita@alum.mit.edu>,
Ard Biesheuvel <ardb@kernel.org>, Ingo Molnar <mingo@kernel.org>,
Sasha Levin <sashal@kernel.org>
Subject: [PATCH AUTOSEL 4.19 18/32] x86/boot: Use unsigned comparison for addresses
Date: Thu, 9 Apr 2020 23:49:51 -0400
Message-ID: <20200410035005.9371-18-sashal@kernel.org>
In-Reply-To: <20200410035005.9371-1-sashal@kernel.org>
From: Arvind Sankar <nivedita@alum.mit.edu>
[ Upstream commit 81a34892c2c7c809f9c4e22c5ac936ae673fb9a2 ]
The load address is compared with LOAD_PHYSICAL_ADDR using a signed
comparison currently (using jge instruction).
When loading a 64-bit kernel using the new efi32_pe_entry() point added by:
97aa276579b2 ("efi/x86: Add true mixed mode entry point into .compat section")
using Qemu with -m 3072, the firmware actually loads us above 2Gb,
resulting in a very early crash.
Use the JAE instruction to perform an unsigned comparison instead, as physical
addresses should be considered unsigned.
Signed-off-by: Arvind Sankar <nivedita@alum.mit.edu>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Link: https://lore.kernel.org/r/20200301230436.2246909-6-nivedita@alum.mit.edu
Link: https://lore.kernel.org/r/20200308080859.21568-14-ardb@kernel.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
arch/x86/boot/compressed/head_32.S | 2 +-
arch/x86/boot/compressed/head_64.S | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S
index 37380c0d59996..01d628ea34024 100644
--- a/arch/x86/boot/compressed/head_32.S
+++ b/arch/x86/boot/compressed/head_32.S
@@ -106,7 +106,7 @@ ENTRY(startup_32)
notl %eax
andl %eax, %ebx
cmpl $LOAD_PHYSICAL_ADDR, %ebx
- jge 1f
+ jae 1f
#endif
movl $LOAD_PHYSICAL_ADDR, %ebx
1:
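Review bot: The jge to jae change after `cmpl $LOAD_PHYSICAL_ADDR, %ebx` in startup_32 of head_32.S is not covered by the commit message, which only describes a 64-bit kernel entered through efi32_pe_entry(). Suggest adding one sentence saying the 32-bit decompressor carries the same signed compare and is changed for the same reason, so a reader of the 4.19 backport can tell this hunk is intentional and not collateral.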
diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S
index 4eaa724afce34..9fa644c62839f 100644
--- a/arch/x86/boot/compressed/head_64.S
+++ b/arch/x86/boot/compressed/head_64.S
@@ -106,7 +106,7 @@ ENTRY(startup_32)
notl %eax
andl %eax, %ebx
cmpl $LOAD_PHYSICAL_ADDR, %ebx
- jge 1f
+ jae 1f
#endif
movl $LOAD_PHYSICAL_ADDR, %ebx
1:
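Review bot: The `jae 1f` in startup_32 of head_64.S has no comment saying why the compare must be unsigned, and this is the site that matches the crash in the message: with jge, any %ebx with bit 31 set compares as negative and falls through to `movl $LOAD_PHYSICAL_ADDR, %ebx`. A one-line comment that %ebx holds a physical address and is compared unsigned would keep a later cleanup from reverting it. For the stable queue, the message ties the failing case to 97aa276579b2; it would help to state whether 4.19 has that entry point or whether the fix is being taken for other ways of reaching startup_32 with a load address above 2Gb.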
@@ -297,7 +297,7 @@ ENTRY(startup_64)
notq %rax
andq %rax, %rbp
cmpq $LOAD_PHYSICAL_ADDR, %rbp
- jge 1f
+ jae 1f
#endif
movq $LOAD_PHYSICAL_ADDR, %rbp
1:
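Review bot: The `cmpq $LOAD_PHYSICAL_ADDR, %rbp` change in startup_64 does not look like the one that fixes the reported crash. As a 64-bit quantity, a load address just above 2Gb is still positive, so the old jge already took the branch here; only a value with bit 63 set would have compared differently. The change is reasonable for consistency with the two startup_32 sites, but the commit message should say that this hunk is a consistency change and that the crash is fixed by the 32-bit compares.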
--
2.20.1