ACPI, APEI, EINJ, Refine the fix of resource conflict

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Current fix for resource conflict is to remove the address region <param1 &
param2, ~param2+1> from trigger resource, which is highly relies on valid user
input. This patch is trying to avoid such potential issues by fetching the
exact address region from trigger action table entry.

Signed-off-by: Xiao, Hui <hui.xiao@linux.intel.com>
Signed-off-by: Huang Ying <ying.huang@intel.com>
Signed-off-by: Len Brown <len.brown@intel.com>

authored by

Xiao, Hui and committed by

Len Brown 14 years ago b4e008dc fdea163d

+32 -6

1 changed file

expand all

drivers

acpi

apei

einj.c

+32 -6

drivers/acpi/apei/einj.c

··· 194 194 return 0; 195 195 } 196 196 197 + static struct acpi_generic_address *einj_get_trigger_parameter_region( 198 + struct acpi_einj_trigger *trigger_tab, u64 param1, u64 param2) 199 + { 200 + int i; 201 + struct acpi_whea_header *entry; 202 + 203 + entry = (struct acpi_whea_header *) 204 + ((char *)trigger_tab + sizeof(struct acpi_einj_trigger)); 205 + for (i = 0; i < trigger_tab->entry_count; i++) { 206 + if (entry->action == ACPI_EINJ_TRIGGER_ERROR && 207 + entry->instruction == ACPI_EINJ_WRITE_REGISTER_VALUE && 208 + entry->register_region.space_id == 209 + ACPI_ADR_SPACE_SYSTEM_MEMORY && 210 + (entry->register_region.address & param2) == (param1 & param2)) 211 + return &entry->register_region; 212 + entry++; 213 + } 214 + 215 + return NULL; 216 + } 197 217 /* Execute instructions in trigger error action table */ 198 218 static int __einj_error_trigger(u64 trigger_paddr, u32 type, 199 219 u64 param1, u64 param2) ··· 225 205 struct resource *r; 226 206 u32 table_size; 227 207 int rc = -EIO; 208 + struct acpi_generic_address *trigger_param_region = NULL; 228 209 229 210 r = request_mem_region(trigger_paddr, sizeof(*trigger_tab), 230 211 "APEI EINJ Trigger Table"); ··· 287 266 if (param_extension && (type & 0x0038) && param2) { 288 267 struct apei_resources addr_resources; 289 268 apei_resources_init(&addr_resources); 290 - rc = apei_resources_add(&addr_resources, 291 - param1 & param2, 292 - ~param2 + 1, true); 293 - if (rc) 294 - goto out_fini; 295 - rc = apei_resources_sub(&trigger_resources, &addr_resources); 269 + trigger_param_region = einj_get_trigger_parameter_region( 270 + trigger_tab, param1, param2); 271 + if (trigger_param_region) { 272 + rc = apei_resources_add(&addr_resources, 273 + trigger_param_region->address, 274 + trigger_param_region->bit_width/8, true); 275 + if (rc) 276 + goto out_fini; 277 + rc = apei_resources_sub(&trigger_resources, 278 + &addr_resources); 279 + } 296 280 apei_resources_fini(&addr_resources); 297 281 if (rc) 298 282 goto out_fini;