linux_dsm_epyc7002/arch/mips
James Hogan 9d7f29cdb4 MIPS: cevt-r4k: Fix out-of-bounds array access
calculate_min_delta() may incorrectly access a 4th element of buf2[]
which only has 3 elements. This may trigger undefined behaviour and has
been reported to cause strange crashes in start_kernel() sometime after
timer initialization when built with GCC 5.3, possibly due to
register/stack corruption:

sched_clock: 32 bits at 200MHz, resolution 5ns, wraps every 10737418237ns
CPU 0 Unable to handle kernel paging request at virtual address ffffb0aa, epc == 8067daa8, ra == 8067da84
Oops[#1]:
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.9.18 #51
task: 8065e3e0 task.stack: 80644000
$ 0   : 00000000 00000001 00000000 00000000
$ 4   : 8065b4d0 00000000 805d0000 00000010
$ 8   : 00000010 80321400 fffff000 812de408
$12   : 00000000 00000000 00000000 ffffffff
$16   : 00000002 ffffffff 80660000 806a666c
$20   : 806c0000 00000000 00000000 00000000
$24   : 00000000 00000010
$28   : 80644000 80645ed0 00000000 8067da84
Hi    : 00000000
Lo    : 00000000
epc   : 8067daa8 start_kernel+0x33c/0x500
ra    : 8067da84 start_kernel+0x318/0x500
Status: 11000402 KERNEL EXL
Cause : 4080040c (ExcCode 03)
BadVA : ffffb0aa
PrId  : 0501992c (MIPS 1004Kc)
Modules linked in:
Process swapper/0 (pid: 0, threadinfo=80644000, task=8065e3e0, tls=00000000)
Call Trace:
[<8067daa8>] start_kernel+0x33c/0x500
Code: 24050240  0c0131f9  24849c64 <a200b0a8> 41606020  000000c0  0c1a45e6 00000000  0c1a5f44

UBSAN also detects the same issue:

================================================================
UBSAN: Undefined behaviour in arch/mips/kernel/cevt-r4k.c:85:41
load of address 80647e4c with insufficient space
for an object of type 'unsigned int'
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.9.18 #47
Call Trace:
[<80028f70>] show_stack+0x88/0xa4
[<80312654>] dump_stack+0x84/0xc0
[<8034163c>] ubsan_epilogue+0x14/0x50
[<803417d8>] __ubsan_handle_type_mismatch+0x160/0x168
[<8002dab0>] r4k_clockevent_init+0x544/0x764
[<80684d34>] time_init+0x18/0x90
[<8067fa5c>] start_kernel+0x2f0/0x500
=================================================================

buf2[] is intentionally only 3 elements so that the last element is the
median once 5 samples have been inserted, so explicitly prevent the
possibility of comparing against the 4th element rather than extending
the array.

Fixes: 1fa405552e ("MIPS: cevt-r4k: Dynamically calculate min_delta_ns")
Reported-by: Rabin Vincent <rabinv@axis.com>
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Tested-by: Rabin Vincent <rabinv@axis.com>
Cc: linux-mips@linux-mips.org
Cc: <stable@vger.kernel.org> # 4.7.x-
Patchwork: https://patchwork.linux-mips.org/patch/15892/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-04-10 13:31:12 +02:00
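The commit message above describes the algorithm only in outline: five samples are inserted in sorted order into a three-slot buf2[], the three smallest survive, and buf2[2] is therefore the median of five; the overrun happens when the scan for the insertion point is bounded by the number of samples inserted so far (up to 4) rather than by the size of the array (3). The following C is an added illustration written for this page; it is not the kernel's calculate_min_delta() and not part of this patch. struct medbuf, insert_sample(), median_of_five(), oob_reads_of_five() and reference_median() are names chosen here, the `bounded` flag switches between the scan bound the fix introduces and the one it replaces, and the sample values are constructed rather than Count/Compare timings. Reads past buf2 are routed through an instrumented accessor so the model can count the out-of-bounds access without itself triggering undefined behaviour.

```c
#include <assert.h>
#include <stdbool.h>
#include <stdio.h>

#define NSAMPLES 5
#define BUF2_LEN 3   /* keeps the three smallest of five; buf2[2] becomes the median */

/*
 * buf2 with an instrumented neighbour: a read at index >= BUF2_LEN is
 * counted and answered from `guard` (standing in for whatever sits on the
 * stack after the array) instead of actually indexing past buf2.
 */
struct medbuf {
    unsigned buf2[BUF2_LEN];
    unsigned guard;
    unsigned oob_reads;
};

static unsigned read_slot(struct medbuf *m, unsigned k)
{
    if (k >= BUF2_LEN) {
        m->oob_reads++;
        return m->guard;
    }
    return m->buf2[k];
}

/*
 * Sorted insert of one sample. n is the number of samples already inserted,
 * so only buf2[0 .. min(n, BUF2_LEN) - 1] hold meaningful values, in
 * ascending order. The scan loop is the one the fix is about: bounded by
 * n alone, the fifth sample (n == 4) can compare against buf2[3].
 */
static void insert_sample(struct medbuf *m, unsigned n, unsigned val, bool bounded)
{
    unsigned k, limit = n;

    if (bounded && limit > BUF2_LEN)
        limit = BUF2_LEN;          /* the fix: never scan past the array */

    for (k = 0; k < limit && val > read_slot(m, k); ++k)
        ;

    /* Shift the larger entries up one slot (the largest falls off the end)
     * and put val in the gap. */
    for (; k < BUF2_LEN; ++k) {
        unsigned tmp = m->buf2[k];
        m->buf2[k] = val;
        val = tmp;
    }
}

static struct medbuf run_five(const unsigned samples[NSAMPLES], bool bounded)
{
    struct medbuf m = { .guard = 0xdeadbeef };   /* stale stack contents */

    for (unsigned i = 0; i < NSAMPLES; ++i)
        insert_sample(&m, i, samples[i], bounded);
    return m;
}

/* Median of five via the three-slot buffer. */
unsigned median_of_five(const unsigned samples[NSAMPLES], bool bounded)
{
    struct medbuf m = run_five(samples, bounded);
    return m.buf2[BUF2_LEN - 1];
}

/* How many times the scan read past buf2 for this input. */
unsigned oob_reads_of_five(const unsigned samples[NSAMPLES], bool bounded)
{
    return run_five(samples, bounded).oob_reads;
}

/* Independent check: sort a copy of all five and take the middle one. */
unsigned reference_median(const unsigned samples[NSAMPLES])
{
    unsigned s[NSAMPLES];
    for (unsigned i = 0; i < NSAMPLES; ++i) {
        unsigned j = i;
        while (j > 0 && s[j - 1] > samples[i]) { s[j] = s[j - 1]; --j; }
        s[j] = samples[i];
    }
    return s[NSAMPLES / 2];
}

/* Constructed inputs, not timings from any real CPU. */
const unsigned sample_ascending[NSAMPLES] = { 10, 20, 30, 40, 50 };
const unsigned sample_mixed[NSAMPLES]     = { 50, 10, 40, 20, 35 };

int main(void)
{
    const unsigned *sets[] = { sample_ascending, sample_mixed };
    for (unsigned i = 0; i < 2; ++i) {
        printf("median %u (reference %u), out-of-bounds reads: fixed %u, pre-fix %u\n",
               median_of_five(sets[i], true), reference_median(sets[i]),
               oob_reads_of_five(sets[i], true), oob_reads_of_five(sets[i], false));
    }
    return 0;
}
```

Two things the model makes visible that the crash dump does not: the overrun is data dependent (it needs the fifth sample to be larger than all three kept values, as in sample_ascending, and does not occur for sample_mixed), and the computed median is the same with either bound because the extra comparison can only stop the scan at an index where nothing is written anyway. That is why the symptom is silent corruption or a crash far from the cause, and why bounding the scan, rather than widening buf2[] and changing which element is the median, is the right fix.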
alchemy MIPS changes for v4.11 2017-02-21 14:21:11 -08:00
ar7 MIPS: Audit and remove any unnecessary uses of module.h 2017-02-14 09:00:25 +00:00
ath25
ath79 MIPS: Audit and remove any unnecessary uses of module.h 2017-02-14 09:00:25 +00:00
bcm47xx MIPS: BCM47XX: Fix button inversion for Asus WL-500W 2017-02-17 11:16:46 +00:00
bcm63xx MIPS: Audit and remove any unnecessary uses of module.h 2017-02-14 09:00:25 +00:00
bmips MIPS: BMIPS: Support APPENDED_DTB 2016-10-06 17:31:02 +02:00
boot MIPS: DTS: Add img directory to Makefile 2017-02-17 11:16:46 +00:00
cavium-octeon MIPS: Add missing include files 2017-03-08 10:38:06 +01:00
cobalt MIPS: Cobalt: Fix typo 2016-08-03 08:16:30 +02:00
configs MIPS changes for v4.11 2017-02-21 14:21:11 -08:00
dec MIPS: Audit and remove any unnecessary uses of module.h 2017-02-14 09:00:25 +00:00
emma MIPS: Avoid old-style declaration 2017-01-25 02:51:11 +01:00
fw MIPS: Fix misspellings in comments. 2016-04-03 12:32:09 +02:00
generic MIPS: generic/kexec: add support for a DTB passed in a separate buffer 2017-01-03 16:34:46 +01:00
include Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2017-04-06 13:16:34 -07:00
jazz MIPS: Audit and remove any unnecessary uses of module.h 2017-02-14 09:00:25 +00:00
jz4740 MIPS: Audit and remove any unnecessary uses of module.h 2017-02-14 09:00:25 +00:00
kernel MIPS: cevt-r4k: Fix out-of-bounds array access 2017-04-10 13:31:12 +02:00
kvm sched/headers: Prepare to move signal wakeup & sigpending methods from <linux/sched.h> into <linux/sched/signal.h> 2017-03-02 08:42:32 +01:00
lantiq MIPS: Lantiq: fix missing xbar kernel panic 2017-03-21 21:34:43 +01:00
lasat MIPS: Audit and remove any unnecessary uses of module.h 2017-02-14 09:00:25 +00:00
lib MIPS: Fix modversions 2017-01-24 18:30:35 +01:00
loongson32 MIPS: Loongson1B: Change the OSC clock name 2017-01-03 16:48:40 +01:00
loongson64 MIPS: Add missing include files 2017-03-08 10:38:06 +01:00
math-emu sched/headers: Prepare to move the task_lock()/unlock() APIs to <linux/sched/task.h> 2017-03-02 08:42:38 +01:00
mm MIPS: c-r4k: Fix Loongson-3's vcache/scache waysize calculation 2017-03-21 23:22:43 +01:00
mti-malta MIPS: Malta: Fix i8259 irqchip setup 2017-04-10 12:02:42 +02:00
net treewide: remove redundant #include <linux/kconfig.h> 2016-10-11 15:06:33 -07:00
netlogic MIPS: Add missing include files 2017-03-08 10:38:06 +01:00
oprofile MIPS: Unify perf counter register definitions 2017-02-14 09:00:24 +00:00
paravirt sched/headers: Prepare for new header dependencies before moving code to <linux/sched/task_stack.h> 2017-03-02 08:42:36 +01:00
pci This is a tree wide change and has been kept separate for that reason. 2017-02-25 13:45:43 -08:00
pic32 MIPS: pic32mzda: Fix linker error for pic32_get_pbclk() 2017-02-17 11:14:29 +00:00
pistachio Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2016-08-06 09:13:11 -04:00
pmcs-msp71xx MIPS: Audit and remove any unnecessary uses of module.h 2017-02-14 09:00:25 +00:00
pnx833x MIPS: Squash lines for simple wrapper functions 2016-10-04 16:13:57 +02:00
power
ralink MIPS: ralink: Fix typos in rt3883 pinctrl 2017-03-08 11:29:48 +01:00
rb532 MIPS: Audit and remove any unnecessary uses of module.h 2017-02-14 09:00:25 +00:00
sgi-ip22 MIPS: Add missing include files 2017-03-08 10:38:06 +01:00
sgi-ip27 MIPS: Add missing include files 2017-03-08 10:38:06 +01:00
sgi-ip32 MIPS: Add missing include files 2017-03-08 10:38:06 +01:00
sibyte sched/headers: Move task-stack related APIs from <linux/sched.h> to <linux/sched/task_stack.h> 2017-03-03 01:43:47 +01:00
sni char/genrtc: remove asm-generic/rtc.h from mips 2016-06-04 00:23:36 +02:00
txx9 MIPS: Audit and remove any unnecessary uses of module.h 2017-02-14 09:00:25 +00:00
vdso MIPS: VDSO: Explicitly use -fno-asynchronous-unwind-tables 2017-02-17 11:32:12 +00:00
vr41xx MIPS: Audit and remove any unnecessary uses of module.h 2017-02-14 09:00:25 +00:00
xilfpga MIPS: xilfpga: Use irqchip instead of the legacy way 2017-01-03 16:34:39 +01:00
Kbuild MIPS: Initial implementation of a VDSO 2015-11-11 08:36:36 +01:00
Kbuild.platforms MIPS: generic: Convert SEAD-3 to a generic board 2016-10-06 18:04:20 +02:00
Kconfig MIPS: Force o32 fp64 support on 32bit MIPS64r6 kernels 2017-03-08 11:16:25 +01:00
Kconfig.debug MIPS: Remove compact branch policy Kconfig entries 2016-09-13 14:14:50 +02:00
Makefile MIPS: Disable stack checks on MIPS kernels 2017-02-14 09:00:23 +00:00
Makefile.postlink MIPS: Fix distclean with Makefile.postlink 2017-02-13 18:57:34 +00:00