Commit de87ba84 authored Apr 25, 2024 by Shubhrajyoti Datta Committed by Borislav Petkov (AMD) Apr 25, 2024

EDAC/versal: Check user-supplied data before injecting an error



The function inject_data_ue_store() lacks a NULL check for the user
passed values. To prevent below kernel crash include a NULL check.

Call trace:

  kstrtoull
  kstrtou8
  inject_data_ue_store
  full_proxy_write
  vfs_write
  ksys_write
  __arm64_sys_write
  invoke_syscall
  el0_svc_common.constprop.0
  do_el0_svc
  el0_svc
  el0t_64_sync_handler
  el0t_64_sync

Fixes: 83bf2405 ("EDAC/versal: Make the bit position of injected errors configurable")
Signed-off-by: Shubhrajyoti Datta <shubhrajyoti.datta@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20240425121942.26378-3-shubhrajyoti.datta@amd.com

parent edbe5942

drivers/edac/versal_edac.c

+3 −0

Original line number	Diff line number	Diff line
		@@ -865,6 +865,9 @@ static ssize_t inject_data_ue_store(struct file file, const char __user data,
		for (i = 0; i < NUM_UE_BITPOS; i++)
		token[i] = strsep(&pbuf, ",");

		if (!token[0] \|\| !token[1])
		return -EFAULT;

		ret = kstrtou8(token[0], 0, &ue0);
		if (ret)
		return ret;