From patchwork Fri Jul 23 17:39:17 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yinghai Lu X-Patchwork-Id: 113953 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter.kernel.org (8.14.4/8.14.3) with ESMTP id o6NHeNIK021160 for ; Fri, 23 Jul 2010 17:40:48 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755297Ab0GWRkW (ORCPT ); Fri, 23 Jul 2010 13:40:22 -0400 Received: from rcsinet10.oracle.com ([148.87.113.121]:40390 "EHLO rcsinet10.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752644Ab0GWRkV (ORCPT ); Fri, 23 Jul 2010 13:40:21 -0400 Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by rcsinet10.oracle.com (Switch-3.4.2/Switch-3.4.2) with ESMTP id o6NHdRF4014354 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 23 Jul 2010 17:39:29 GMT Received: from acsmt353.oracle.com (acsmt353.oracle.com [141.146.40.153]) by acsinet15.oracle.com (Switch-3.4.2/Switch-3.4.1) with ESMTP id o6NHdOrF016333; Fri, 23 Jul 2010 17:39:25 GMT Received: from abhmt021.oracle.com by acsmt353.oracle.com with ESMTP id 431807681279906759; Fri, 23 Jul 2010 10:39:19 -0700 Received: from [10.6.76.26] (/10.6.76.26) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Fri, 23 Jul 2010 10:39:19 -0700 Message-ID: <4C49D3C5.4000007@kernel.org> Date: Fri, 23 Jul 2010 10:39:17 -0700 From: Yinghai Lu User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.10) Gecko/20100520 SUSE/3.0.5 Thunderbird/3.0.5 MIME-Version: 1.0 To: Len Brown , Huang Ying , Andi Kleen CC: Stephen Rothwell , Tejun Heo , Daniel J Blueman , linux-acpi@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] acpi: fix apei related table size checking X-Source-IP: acsmt353.oracle.com [141.146.40.153] X-Auth-Type: Internal IP X-CT-RefId: str=0001.0A090208.4C49D3CF.00E2,ss=1,fgs=0 Sender: linux-acpi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-acpi@vger.kernel.org X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.3 (demeter.kernel.org [140.211.167.41]); Fri, 23 Jul 2010 17:40:50 +0000 (UTC) Index: linux-2.6/drivers/acpi/apei/einj.c =================================================================== --- linux-2.6.orig/drivers/acpi/apei/einj.c +++ linux-2.6/drivers/acpi/apei/einj.c @@ -426,7 +426,8 @@ DEFINE_SIMPLE_ATTRIBUTE(error_inject_fop static int einj_check_table(struct acpi_table_einj *einj_tab) { - if (einj_tab->header_length != sizeof(struct acpi_table_einj)) + if (einj_tab->header_length != + (sizeof(struct acpi_table_einj) - sizeof(einj_tab->header))) return -EINVAL; if (einj_tab->header.length < sizeof(struct acpi_table_einj)) return -EINVAL; Index: linux-2.6/drivers/acpi/apei/erst.c =================================================================== --- linux-2.6.orig/drivers/acpi/apei/erst.c +++ linux-2.6/drivers/acpi/apei/erst.c @@ -749,7 +749,8 @@ __setup("erst_disable", setup_erst_disab static int erst_check_table(struct acpi_table_erst *erst_tab) { - if (erst_tab->header_length != sizeof(struct acpi_table_erst)) + if (erst_tab->header_length != + (sizeof(struct acpi_table_erst) - sizeof(erst_tab->header))) return -EINVAL; if (erst_tab->header.length < sizeof(struct acpi_table_erst)) return -EINVAL; Index: linux-2.6/drivers/acpi/apei/apei-base.c =================================================================== --- linux-2.6.orig/drivers/acpi/apei/apei-base.c +++ linux-2.6/drivers/acpi/apei/apei-base.c @@ -163,6 +163,7 @@ int apei_exec_run(struct apei_exec_conte u32 i, ip; struct acpi_whea_header *entry; apei_exec_ins_func_t run; + bool found_action = false; ctx->ip = 0; @@ -178,6 +179,7 @@ rewind: entry = &ctx->action_table[i]; if (entry->action != action) continue; + found_action = true; if (ip == ctx->ip) { if (entry->instruction >= ctx->instructions || !ctx->ins_table[entry->instruction].run) { @@ -198,6 +200,9 @@ rewind: goto rewind; } + if (!found_action) + return -ENODEV; + return 0; } EXPORT_SYMBOL_GPL(apei_exec_run);