linux-stable/arch/riscv/kernel
Alexandre Ghiti e01d48c699
riscv: Fix out-of-bounds when accessing Andes per hart vendor extension array
The out-of-bounds access is reported by UBSAN:

[    0.000000] UBSAN: array-index-out-of-bounds in ../arch/riscv/kernel/vendor_extensions.c:41:66
[    0.000000] index -1 is out of range for type 'riscv_isavendorinfo [32]'
[    0.000000] CPU: 0 UID: 0 PID: 0 Comm: swapper Not tainted 6.11.0-rc2ubuntu-defconfig #2
[    0.000000] Hardware name: riscv-virtio,qemu (DT)
[    0.000000] Call Trace:
[    0.000000] [<ffffffff94e078ba>] dump_backtrace+0x32/0x40
[    0.000000] [<ffffffff95c83c1a>] show_stack+0x38/0x44
[    0.000000] [<ffffffff95c94614>] dump_stack_lvl+0x70/0x9c
[    0.000000] [<ffffffff95c94658>] dump_stack+0x18/0x20
[    0.000000] [<ffffffff95c8bbb2>] ubsan_epilogue+0x10/0x46
[    0.000000] [<ffffffff95485a82>] __ubsan_handle_out_of_bounds+0x94/0x9c
[    0.000000] [<ffffffff94e09442>] __riscv_isa_vendor_extension_available+0x90/0x92
[    0.000000] [<ffffffff94e043b6>] riscv_cpufeature_patch_func+0xc4/0x148
[    0.000000] [<ffffffff94e035f8>] _apply_alternatives+0x42/0x50
[    0.000000] [<ffffffff95e04196>] apply_boot_alternatives+0x3c/0x100
[    0.000000] [<ffffffff95e05b52>] setup_arch+0x85a/0x8bc
[    0.000000] [<ffffffff95e00ca0>] start_kernel+0xa4/0xfb6

The dereferencing using cpu should actually not happen, so remove it.

Fixes: 23c996fc2b ("riscv: Extend cpufeature.c to detect vendor extensions")
Signed-off-by: Alexandre Ghiti <alexghiti@rivosinc.com>
Link: https://lore.kernel.org/r/20240814192619.276794-1-alexghiti@rivosinc.com
Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com>
2024-08-15 13:12:16 -07:00
compat_vdso Makefile: remove redundant tool coverage variables 2024-05-14 23:35:48 +09:00
pi Makefile: remove redundant tool coverage variables 2024-05-14 23:35:48 +09:00
probes trace: riscv: Remove deprecated kprobe on ftrace support 2024-07-24 06:14:05 -07:00
tests treewide: replace or remove redundant def_bool in Kconfig files 2024-02-20 20:47:45 +09:00
vdso Makefile: remove redundant tool coverage variables 2024-05-14 23:35:48 +09:00
vendor_extensions riscv: Extend cpufeature.c to detect vendor extensions 2024-07-22 15:36:54 -07:00
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
acpi_numa.c RISC-V: ACPI: NUMA: initialize all values of acpi_early_node_map to NUMA_NO_NODE 2024-08-14 13:12:41 -07:00
acpi.c Merge patch "Enable SPCR table for console output on RISC-V" 2024-07-26 05:50:48 -07:00
alternative.c riscv: errata: Rename defines for Andes 2024-03-12 07:13:12 -07:00
asm-offsets.c ftrace: riscv: move from REGS to ARGS 2024-05-22 16:12:48 -07:00
cacheinfo.c riscv: cacheinfo: initialize cacheinfo's level and type from ACPI PPTT 2024-07-24 07:39:36 -07:00
cfi.c bpf, riscv64/cfi: Support kCFI + BPF on riscv64 2024-03-06 15:18:16 -08:00
compat_signal.c riscv: compat: signal: Add rt_frame implementation 2022-05-17 16:37:21 -07:00
compat_syscall_table.c riscv: convert to generic syscall table 2024-07-10 14:23:38 +02:00
copy-unaligned.h RISC-V: Probe for unaligned access speed 2023-09-01 09:06:25 -07:00
copy-unaligned.S riscv: Use SYM_*() assembly macros instead of deprecated ones 2023-11-06 09:42:47 -08:00
cpu_ops_sbi.c riscv: prevent pt_regs corruption for secondary idle threads 2024-05-30 09:42:51 -07:00
cpu_ops_spinwait.c riscv: prevent pt_regs corruption for secondary idle threads 2024-05-30 09:42:51 -07:00
cpu_ops.c riscv: Use the same CPU operations for all CPUs 2024-01-04 15:03:07 -08:00
cpu-hotplug.c riscv: Use the same CPU operations for all CPUs 2024-01-04 15:03:07 -08:00
cpu.c riscv: Add vendor extensions to /proc/cpuinfo 2024-07-22 15:36:55 -07:00
cpufeature.c riscv: cpufeature: Do not drop Linux-internal extensions 2024-07-31 09:53:13 -07:00
crash_dump.c vmcore: convert copy_oldmem_page() to take an iov_iter 2022-04-29 14:37:59 -07:00
crash_save_regs.S RISC-V: Fixup get incorrect user mode PC for kernel mode regs 2022-08-11 08:54:40 -07:00
efi-header.S riscv: Prepare EFI header for relocatable kernels 2023-04-19 07:46:28 -07:00
efi.c riscv: Use accessors to page table entries instead of direct dereference 2023-12-20 10:48:15 -08:00
elf_kexec.c fix missing vmalloc.h includes 2024-04-25 20:55:49 -07:00
entry.S riscv: enable HAVE_ARCH_STACKLEAK 2024-07-26 05:50:47 -07:00
fpu.S riscv: typo in comment for get_f64_reg 2024-05-22 16:12:53 -07:00
ftrace.c riscv: patch: Flush the icache right after patching to avoid illegal insns 2024-06-26 07:37:27 -07:00
head.h riscv: entry: Convert to generic entry 2023-03-23 08:47:00 -07:00
head.S riscv: set trap vector earlier 2024-07-12 08:55:31 -07:00
hibernate-asm.S riscv: Use SYM_*() assembly macros instead of deprecated ones 2023-11-06 09:42:47 -08:00
hibernate.c riscv: hibernate: remove WARN_ON in save_processor_state 2023-06-23 10:06:22 -07:00
image-vars.h efi: move screen_info into efi init code 2023-10-17 16:33:39 +02:00
irq.c Merge patch "drivers: perf: Do not broadcast to other cpus when starting a counter" 2023-11-09 06:44:13 -08:00
jump_label.c riscv: jump_label: Batch icache maintenance 2024-06-26 07:36:27 -07:00
kernel_mode_fpu.c riscv: add support for kernel-mode FPU 2024-05-19 14:36:19 -07:00
kernel_mode_vector.c riscv: vector: allow kernel-mode Vector with preemption 2024-01-16 07:14:02 -08:00
kexec_relocate.S riscv: kexec: Cleanup riscv_kexec_relocate 2023-09-20 02:53:29 -07:00
kgdb.c RISC-V: rename parse_asm.h to insn.h 2022-12-29 06:59:47 -08:00
machine_kexec_file.c RISC-V: Add kexec_file support 2022-05-19 12:14:18 -07:00
machine_kexec.c riscv: kexec: Avoid deadlock in kexec crash path 2024-07-03 13:11:30 -07:00
Makefile Merge patch series "riscv: Separate vendor extensions from standard extensions" 2024-07-22 15:37:01 -07:00
Makefile.syscalls syscalls: fix syscall macros for newfstat/newfstatat 2024-08-02 15:20:47 +02:00
mcount-dyn.S ftrace: riscv: move from REGS to ARGS 2024-05-22 16:12:48 -07:00
mcount.S riscv: remove MCOUNT_NAME workaround 2024-02-22 15:38:54 -08:00
module-sections.c riscv: add missing header file includes 2019-10-28 00:46:01 -07:00
module.c arch: make execmem setup available regardless of CONFIG_MODULES 2024-05-14 00:31:44 -07:00
paravirt.c RISC-V: KVM: Rename the SBI_STA_SHMEM_DISABLE to a generic name 2024-04-22 11:13:52 +05:30
patch.c riscv: Re-introduce global icache flush in patch_text_XXX() 2024-08-06 06:49:14 -07:00
perf_callchain.c riscv: Fix fill_callchain return value 2022-03-30 23:01:42 -07:00
perf_regs.c perf/arch: Remove perf_sample_data::regs_user_copy 2020-11-09 18:12:34 +01:00
process.c riscv: process: Fix kernel gp leakage 2024-04-04 12:35:05 -07:00
ptrace.c Merge patch series "riscv: Introduce compat-mode helpers & improve arch_get_mmap_end()" 2024-03-20 08:56:05 -07:00
reset.c riscv: Use do_kernel_power_off() 2022-05-19 19:30:30 +02:00
return_address.c riscv: add CALLER_ADDRx support 2024-02-22 12:17:47 -08:00
riscv_ksyms.c RISC-V: add infrastructure to allow different str* implementations 2023-01-31 11:43:23 -08:00
sbi-ipi.c RISC-V: Enable the IPI before workqueue_online_cpu() 2024-08-01 07:15:43 -07:00
sbi.c riscv: Improve sbi_ecall() code generation by reordering arguments 2024-07-10 13:30:56 -07:00
setup.c ACPI: RISCV: Add NUMA support based on SRAT and SLIT 2024-07-22 07:13:06 -07:00
signal.c riscv: signal: Remove unlikely() from WARN_ON() condition 2024-07-26 05:50:46 -07:00
smp.c riscv: Use IPIs for remote cache/TLB flushes by default 2024-04-29 10:49:26 -07:00
smpboot.c Merge patch series "Add ACPI NUMA support for RISC-V" 2024-07-22 10:31:51 -07:00
soc.c riscv: Fix builtin DTB handling 2021-01-07 19:00:50 -08:00
stacktrace.c riscv: Improve exception and system call latency 2024-07-26 05:50:45 -07:00
suspend_entry.S riscv: Use SYM_*() assembly macros instead of deprecated ones 2023-11-06 09:42:47 -08:00
suspend.c riscv: Do not save the scratch CSR during suspend 2024-04-28 14:50:36 -07:00
sys_hwprobe.c RISC-V: Provide the frequency of time CSR via hwprobe 2024-07-26 05:50:51 -07:00
sys_riscv.c syscalls: mmap(): use unsigned offset type consistently 2024-06-25 15:57:38 +02:00
syscall_table.c riscv: convert to generic syscall table 2024-07-10 14:23:38 +02:00
time.c RISC-V: paravirt: Add skeleton for pv-time support 2023-12-30 11:25:03 +05:30
traps_misaligned.c riscv: misaligned: remove CONFIG_RISCV_M_MODE specific code 2024-04-28 14:50:37 -07:00
traps.c riscv: entry: always initialize regs->a0 to -ENOSYS 2024-08-14 13:12:22 -07:00
unaligned_access_speed.c riscv: Use kcalloc() instead of kzalloc() 2024-03-20 08:56:07 -07:00
vdso.c riscv: vdso: Use generic union vdso_data_store 2024-02-20 20:56:00 +01:00
vector.c riscv: vector: adjust minimum Vector requirement to ZVE32X 2024-05-30 14:33:10 -07:00
vendor_extensions.c riscv: Fix out-of-bounds when accessing Andes per hart vendor extension array 2024-08-15 13:12:16 -07:00
vmcore_info.c crash: split vmcoreinfo exporting code out from crash_core.c 2024-02-23 17:48:22 -08:00
vmlinux-xip.lds.S riscv: Check if the code to patch lies in the exit section 2024-01-09 10:58:59 -08:00
vmlinux.lds.S riscv: Check if the code to patch lies in the exit section 2024-01-09 10:58:59 -08:00