mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/drivers/acpi
History
Robert Richter c6c3187d66 lib/firmware_table: Provide buffer length argument to cdat_table_parse() 
There exist card implementations with a CDAT table using a fixed size
buffer, but with entries filled in that do not fill the whole table
length size. Then, the last entry in the CDAT table may not mark the
end of the CDAT table buffer specified by the length field in the CDAT
header. It can be shorter with trailing unused (zero'ed) data. The
actual table length is determined while reading all CDAT entries of
the table with DOE.

If the table is greater than expected (containing zero'ed trailing
data), the CDAT parser fails with:

 [   48.691717] Malformed DSMAS table length: (24:0)
 [   48.702084] [CDAT:0x00] Invalid zero length
 [   48.711460] cxl_port endpoint1: Failed to parse CDAT: -22

In addition, a check of the table buffer length is missing to prevent
an out-of-bound access then parsing the CDAT table.

Hardening code against device returning borked table. Fix that by
providing an optional buffer length argument to
acpi_parse_entries_array() that can be used by cdat_table_parse() to
propagate the buffer size down to its users to check the buffer
length. This also prevents a possible out-of-bound access mentioned.

Add a check to warn about a malformed CDAT table length.

Cc: Rafael J. Wysocki <rafael@kernel.org>
Cc: Len Brown <lenb@kernel.org>
Reviewed-by: Dave Jiang <dave.jiang@intel.com>
Signed-off-by: Robert Richter <rrichter@amd.com>
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Link: https://lore.kernel.org/r/ZdEnopFO0Tl3t2O1@rric.localdomain
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
 		2024-03-13 00:03:21 -07:00
..
acpica ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer 2023-07-10 18:49:16 +02:00
apei acpi/ghes: Remove CXL CPER notifications 2024-02-20 22:50:52 -08:00
arm64 ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() 2023-12-13 13:53:01 +01:00
dptf
nfit acpi/nfit: Use sysfs_emit() for all attributes 2024-01-03 12:21:37 -08:00
numa cxl for v6.8 2024-01-18 16:22:43 -08:00
pmic ACPI: PMIC: Add comments with DSDT power opregion field names 2023-01-30 16:47:13 +01:00
riscv RISC-V: ACPI: RHCT: Add function to get CBO block sizes 2023-10-26 09:40:33 -07:00
x86 Merge branches 'acpi-ec', 'acpi-sysfs', 'acpi-misc' and 'acpi-uid' 2023-10-26 14:59:52 +02:00
Kconfig Driver core changes for 6.8-rc1 2024-01-18 09:48:40 -08:00
Makefile Merge branch 'acpi-thermal' 2024-01-04 13:01:51 +01:00
ac.c ACPI: AC: Rename ACPI device from device to adev 2023-10-17 15:43:30 +02:00
acpi_adxl.c
acpi_apd.c ACPI: processor: Check for null return of devm_kzalloc() in fch_misc_setup() 2023-03-20 18:04:58 +01:00
acpi_cmos_rtc.c ACPI: TAD: Install SystemCMOS address space handler for ACPI000E 2023-08-17 20:01:24 +02:00
acpi_configfs.c
acpi_dbg.c
acpi_extlog.c ACPI: extlog: Clear Extended Error Log status when RAS_CEC handled the error 2023-12-13 13:50:00 +01:00
acpi_ffh.c ACPI: FFH: Drop the inclusion of linux/arm-smccc.h 2023-06-12 19:28:20 +02:00
acpi_fpdt.c ACPI: FPDT: properly handle invalid FPDT subtables 2023-10-03 21:12:22 +02:00
acpi_ipmi.c
acpi_lpat.c
acpi_lpit.c ACPI: LPIT: Avoid u32 multiplication overflow 2023-11-22 20:55:20 +01:00
acpi_lpss.c Merge branches 'acpi-resource', 'acpi-numa', 'acpi-soc' and 'acpi-misc' 2024-01-04 13:23:31 +01:00
acpi_memhotplug.c mm/memory_hotplug: allow memmap on memory hotplug request to fallback 2023-08-21 13:37:48 -07:00
acpi_pad.c Many singleton patches against the MM code. The patch series which are 2023-11-02 19:38:47 -10:00
acpi_pcc.c
acpi_platform.c ACPI: platform: Move SMB0001 HID to the header and reuse 2023-07-04 19:28:20 +02:00
acpi_pnp.c ACPI: PNP: Introduce list of known non-PNP devices 2023-01-17 12:52:11 +01:00
acpi_processor.c ACPI: Move ACPI_HOTPLUG_CPU to be disabled on arm64 and riscv 2023-12-06 12:41:48 +09:00
acpi_tad.c ACPI: TAD: Install SystemCMOS address space handler for ACPI000E 2023-08-17 20:01:24 +02:00
acpi_video.c ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop 2023-12-06 20:59:49 +01:00
acpi_watchdog.c ACPI: watchdog: fix kernel-doc warnings 2023-12-12 20:27:20 +01:00
battery.c ACPI: bus: Add context argument to acpi_dev_install_notify_handler() 2023-10-06 17:32:51 +02:00
bgrt.c
blacklist.c
bus.c ACPI: Run USB4 _OSC() first with query bit set 2023-11-20 17:52:31 +01:00
button.c ACPI: button: trigger wakeup key events 2023-12-29 18:47:49 +01:00
container.c
cppc_acpi.c cpufreq/cppc: Move and rename cppc_cpufreq_{perf_to_khz|khz_to_perf}() 2023-12-23 15:52:35 +01:00
custom_method.c
debugfs.c
device_pm.c ACPI: PM: Add acpi_device_fix_up_power_children() function 2023-11-20 17:31:49 +01:00
device_sysfs.c Merge branches 'acpi-ec', 'acpi-sysfs', 'acpi-misc' and 'acpi-uid' 2023-10-26 14:59:52 +02:00
dock.c
ec.c ACPI: EC: Use a spin lock without disabing interrupts 2023-12-28 14:13:52 +01:00
ec_sys.c
event.c
evged.c
fan.h
fan_attr.c
fan_core.c
glue.c ACPI: Fix selecting wrong ACPI fwnode for the iGPU on some Dell laptops 2023-01-10 20:23:48 +01:00
hed.c ACPI: bus: Add context argument to acpi_dev_install_notify_handler() 2023-10-06 17:32:51 +02:00
internal.h Merge branch 'acpi-thermal' 2024-01-04 13:01:51 +01:00
ioapic.c ACPI: Silence missing prototype warnings 2022-12-30 19:12:30 +01:00
irq.c ACPI: irq: Fix incorrect return value in acpi_register_gsi() 2023-10-18 13:11:04 +02:00
mipi-disco-img.c ACPI: scan: Fix an error message in DisCo for Imaging support 2023-11-21 15:09:23 +01:00
nvs.c
osi.c ACPI: OSI: refactor deprecated strncpy() 2023-09-21 20:55:43 +02:00
osl.c ACPI: OSL: Use spin locks without disabling interrupts 2023-12-28 14:13:52 +01:00
pci_irq.c
pci_link.c
pci_mcfg.c
pci_root.c ACPI: PCI: Switch to use acpi_evaluate_dsm_typed() 2023-10-03 15:46:14 +02:00
pci_slot.c
pfr_telemetry.c mm: replace vma->vm_flags direct modifications with modifier calls 2023-02-09 16:51:39 -08:00
pfr_update.c
platform_profile.c
power.c ACPI: PM: Do not turn of unused power resources on the Toshiba Click Mini 2023-04-27 18:44:43 +02:00
pptt.c ACPI: PPTT: Fix to avoid sleep in the atomic context when PPTT is absent 2023-03-14 20:34:38 +01:00
prmt.c ACPI: PRM: Annotate struct prm_module_info with __counted_by 2023-10-03 21:24:10 +02:00
proc.c
processor_core.c arm64, irqchip/gic-v3, ACPI: Move MADT GICC enabled check into a helper 2023-10-24 15:12:09 +01:00
processor_driver.c ACPI: processor: Reorder acpi_processor_driver_init() 2023-03-22 15:20:38 +01:00
processor_idle.c ACPI: processor_idle: use raw_safe_halt() in acpi_idle_play_dead() 2023-11-20 17:26:20 +01:00
processor_pdc.c ACPI: processor: Fix uninitialized access of buf in acpi_set_pdc_bits() 2023-09-18 12:16:16 +02:00
processor_perflib.c ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily 2022-12-30 19:10:02 +01:00
processor_thermal.c ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241 2023-12-06 20:52:47 +01:00
processor_throttling.c
property.c Driver core changes for 6.8-rc1 2024-01-18 09:48:40 -08:00
reboot.c
resource.c ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CGA 2024-01-09 15:20:48 +01:00
sbs.c ACPI: SBS: Fix handling of Smart Battery Selectors 2023-03-30 19:01:05 +02:00
sbshc.c
sbshc.h
scan.c IOMMU Updates for Linux v6.8 2024-01-18 15:16:57 -08:00
sleep.c Merge branches 'acpi-scan', 'acpi-pm', 'acpi-resource' and 'acpi-ec' 2023-06-26 16:54:10 +02:00
sleep.h
spcr.c ACPI: SPCR: Amend indentation 2023-03-27 20:50:28 +02:00
sysfs.c ACPI: sysfs: Enable ACPI sysfs support for CCEL records 2023-03-27 20:43:58 +02:00
tables.c lib/firmware_table: Provide buffer length argument to cdat_table_parse() 2024-03-13 00:03:21 -07:00
thermal.c Thermal control updates for 6.8-rc1 2024-01-09 16:20:17 -08:00
thermal_lib.c ACPI: thermal_lib: include "internal.h" for function prototypes 2023-11-24 19:26:49 +01:00
tiny-power-button.c ACPI: tiny-power-button: Eliminate the driver notify callback 2023-06-16 19:48:09 +02:00
utils.c ACPI: utils: Introduce helper for _DEP list lookup 2023-12-19 18:25:00 +01:00
video_detect.c ACPI: video: Add acpi_backlight=vendor quirk for Toshiba Portégé R100 2023-10-03 20:33:58 +02:00
viot.c ACPI: VIOT: Initialize the correct IOMMU fwspec 2023-03-30 19:20:42 +02:00
wakeup.c