diff mbox

acpi: fix apei related table size checking

Message ID 4C49D3C5.4000007@kernel.org (mailing list archive)
State New, archived
Headers show

Commit Message

Yinghai Lu July 23, 2010, 5:39 p.m. UTC 
None
diff mbox

Patch

Index: linux-2.6/drivers/acpi/apei/einj.c
===================================================================
--- linux-2.6.orig/drivers/acpi/apei/einj.c
+++ linux-2.6/drivers/acpi/apei/einj.c
@@ -426,7 +426,8 @@  DEFINE_SIMPLE_ATTRIBUTE(error_inject_fop
 
 static int einj_check_table(struct acpi_table_einj *einj_tab)
 {
-	if (einj_tab->header_length != sizeof(struct acpi_table_einj))
+	if (einj_tab->header_length !=
+	    (sizeof(struct acpi_table_einj) - sizeof(einj_tab->header)))
 		return -EINVAL;
 	if (einj_tab->header.length < sizeof(struct acpi_table_einj))
 		return -EINVAL;
Index: linux-2.6/drivers/acpi/apei/erst.c
===================================================================
--- linux-2.6.orig/drivers/acpi/apei/erst.c
+++ linux-2.6/drivers/acpi/apei/erst.c
@@ -749,7 +749,8 @@  __setup("erst_disable", setup_erst_disab
 
 static int erst_check_table(struct acpi_table_erst *erst_tab)
 {
-	if (erst_tab->header_length != sizeof(struct acpi_table_erst))
+	if (erst_tab->header_length !=
+	    (sizeof(struct acpi_table_erst) - sizeof(erst_tab->header)))
 		return -EINVAL;
 	if (erst_tab->header.length < sizeof(struct acpi_table_erst))
 		return -EINVAL;
Index: linux-2.6/drivers/acpi/apei/apei-base.c
===================================================================
--- linux-2.6.orig/drivers/acpi/apei/apei-base.c
+++ linux-2.6/drivers/acpi/apei/apei-base.c
@@ -163,6 +163,7 @@  int apei_exec_run(struct apei_exec_conte
 	u32 i, ip;
 	struct acpi_whea_header *entry;
 	apei_exec_ins_func_t run;
+	bool found_action = false;
 
 	ctx->ip = 0;
 
@@ -178,6 +179,7 @@  rewind:
 		entry = &ctx->action_table[i];
 		if (entry->action != action)
 			continue;
+		found_action = true;
 		if (ip == ctx->ip) {
 			if (entry->instruction >= ctx->instructions ||
 			    !ctx->ins_table[entry->instruction].run) {
@@ -198,6 +200,9 @@  rewind:
 			goto rewind;
 	}
 
+	if (!found_action)
+		return -ENODEV;
+
 	return 0;
 }
 EXPORT_SYMBOL_GPL(apei_exec_run);