Merge tag 'bootconfig-fixes-v6.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Pull bootconfig fixes from Masami Hiramatsu:

- Fix potential static_command_line buffer overrun.

Currently we allocate the memory for static_command_line based on
"boot_command_line", but it will copy "command_line" into it. So we
use the length of "command_line" instead of "boot_command_line" (as
we previously did)

- Use memblock_free_late() in xbc_exit() instead of memblock_free()
after the buddy system is initialized

- Fix a kerneldoc warning

* tag 'bootconfig-fixes-v6.9-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace:
bootconfig: Fix the kerneldoc of _xbc_exit()
bootconfig: use memblock_free_late to free xbc memory to buddy
init/main.c: Fix potential static_command_line memory overflow

Linus Torvalds 2 years ago 9c6e84e4 dbe0a7be

+21 -10

3 changed files

expand all

include

linux

bootconfig.h

init

main.c

lib

bootconfig.c

+6 -1

include/linux/bootconfig.h

··· 288 288 int __init xbc_get_info(int *node_size, size_t *data_size); 289 289 290 290 /* XBC cleanup data structures */ 291 - void __init xbc_exit(void); 291 + void __init _xbc_exit(bool early); 292 + 293 + static inline void xbc_exit(void) 294 + { 295 + _xbc_exit(false); 296 + } 292 297 293 298 /* XBC embedded bootconfig data in kernel */ 294 299 #ifdef CONFIG_BOOT_CONFIG_EMBED

init/main.c

··· 636 636 if (!saved_command_line) 637 637 panic("%s: Failed to allocate %zu bytes\n", __func__, len + ilen); 638 638 639 + len = xlen + strlen(command_line) + 1; 640 + 639 641 static_command_line = memblock_alloc(len, SMP_CACHE_BYTES); 640 642 if (!static_command_line) 641 643 panic("%s: Failed to allocate %zu bytes\n", __func__, len);

+13 -9

lib/bootconfig.c

··· 61 61 return memblock_alloc(size, SMP_CACHE_BYTES); 62 62 } 63 63 64 - static inline void __init xbc_free_mem(void *addr, size_t size) 64 + static inline void __init xbc_free_mem(void *addr, size_t size, bool early) 65 65 { 66 - memblock_free(addr, size); 66 + if (early) 67 + memblock_free(addr, size); 68 + else if (addr) 69 + memblock_free_late(__pa(addr), size); 67 70 } 68 71 69 72 #else /* !__KERNEL__ */ ··· 76 73 return malloc(size); 77 74 } 78 75 79 - static inline void xbc_free_mem(void *addr, size_t size) 76 + static inline void xbc_free_mem(void *addr, size_t size, bool early) 80 77 { 81 78 free(addr); 82 79 } ··· 901 898 } 902 899 903 900 /** 904 - * xbc_exit() - Clean up all parsed bootconfig 901 + * _xbc_exit() - Clean up all parsed bootconfig 902 + * @early: Set true if this is called before budy system is initialized. 905 903 * 906 904 * This clears all data structures of parsed bootconfig on memory. 907 905 * If you need to reuse xbc_init() with new boot config, you can 908 906 * use this. 909 907 */ 910 - void __init xbc_exit(void) 908 + void __init _xbc_exit(bool early) 911 909 { 912 - xbc_free_mem(xbc_data, xbc_data_size); 910 + xbc_free_mem(xbc_data, xbc_data_size, early); 913 911 xbc_data = NULL; 914 912 xbc_data_size = 0; 915 913 xbc_node_num = 0; 916 - xbc_free_mem(xbc_nodes, sizeof(struct xbc_node) * XBC_NODE_MAX); 914 + xbc_free_mem(xbc_nodes, sizeof(struct xbc_node) * XBC_NODE_MAX, early); 917 915 xbc_nodes = NULL; 918 916 brace_index = 0; 919 917 } ··· 967 963 if (!xbc_nodes) { 968 964 if (emsg) 969 965 *emsg = "Failed to allocate bootconfig nodes"; 970 - xbc_exit(); 966 + _xbc_exit(true); 971 967 return -ENOMEM; 972 968 } 973 969 memset(xbc_nodes, 0, sizeof(struct xbc_node) * XBC_NODE_MAX); ··· 981 977 *epos = xbc_err_pos; 982 978 if (emsg) 983 979 *emsg = xbc_err_msg; 984 - xbc_exit(); 980 + _xbc_exit(true); 985 981 } else 986 982 ret = xbc_node_num; 987 983