| Message ID | 20211011075638.23785-1-luca.fancellu@arm.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | arm/efi: Fix null pointer dereference | expand |
Hi Luca, > On 11 Oct 2021, at 08:56, Luca Fancellu <Luca.Fancellu@arm.com> wrote: > > Fix for commit 60649d443dc395243e74d2b3e05594ac0c43cfe3 > that introduces a null pointer dereference when the > fdt_node_offset_by_compatible is called with "fdt" > argument null. > > Reported-by: Julien Grall <julien@xen.org> > Fixes: 60649d443d ("arm/efi: Introduce xen,uefi-cfg-load DT property") > Signed-off-by: Luca Fancellu <luca.fancellu@arm.com> Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com> Cheers Bertrand > --- > xen/arch/arm/efi/efi-boot.h | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/xen/arch/arm/efi/efi-boot.h b/xen/arch/arm/efi/efi-boot.h > index a3e46453d4..e63dafac26 100644 > --- a/xen/arch/arm/efi/efi-boot.h > +++ b/xen/arch/arm/efi/efi-boot.h > @@ -593,7 +593,8 @@ static bool __init efi_arch_use_config_file(EFI_SYSTEM_TABLE *SystemTable) > dtbfile.ptr = fdt; > dtbfile.need_to_free = false; /* Config table memory can't be freed. */ > > - if ( fdt_node_offset_by_compatible(fdt, 0, "multiboot,module") > 0 ) > + if ( fdt && > + (fdt_node_offset_by_compatible(fdt, 0, "multiboot,module") > 0) ) > { > /* Locate chosen node */ > int node = fdt_subnode_offset(fdt, 0, "chosen"); > -- > 2.17.1 >
On Mon, 11 Oct 2021, Bertrand Marquis wrote: > Hi Luca, > > > On 11 Oct 2021, at 08:56, Luca Fancellu <Luca.Fancellu@arm.com> wrote: > > > > Fix for commit 60649d443dc395243e74d2b3e05594ac0c43cfe3 > > that introduces a null pointer dereference when the > > fdt_node_offset_by_compatible is called with "fdt" > > argument null. > > > > Reported-by: Julien Grall <julien@xen.org> > > Fixes: 60649d443d ("arm/efi: Introduce xen,uefi-cfg-load DT property") > > Signed-off-by: Luca Fancellu <luca.fancellu@arm.com> > Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com> Reviewed-by: Stefano Stabellini <sstabellini@kernel.org> > > --- > > xen/arch/arm/efi/efi-boot.h | 3 ++- > > 1 file changed, 2 insertions(+), 1 deletion(-) > > > > diff --git a/xen/arch/arm/efi/efi-boot.h b/xen/arch/arm/efi/efi-boot.h > > index a3e46453d4..e63dafac26 100644 > > --- a/xen/arch/arm/efi/efi-boot.h > > +++ b/xen/arch/arm/efi/efi-boot.h > > @@ -593,7 +593,8 @@ static bool __init efi_arch_use_config_file(EFI_SYSTEM_TABLE *SystemTable) > > dtbfile.ptr = fdt; > > dtbfile.need_to_free = false; /* Config table memory can't be freed. */ > > > > - if ( fdt_node_offset_by_compatible(fdt, 0, "multiboot,module") > 0 ) > > + if ( fdt && > > + (fdt_node_offset_by_compatible(fdt, 0, "multiboot,module") > 0) ) > > { > > /* Locate chosen node */ > > int node = fdt_subnode_offset(fdt, 0, "chosen"); > > -- > > 2.17.1 > > >
diff --git a/xen/arch/arm/efi/efi-boot.h b/xen/arch/arm/efi/efi-boot.h index a3e46453d4..e63dafac26 100644 --- a/xen/arch/arm/efi/efi-boot.h +++ b/xen/arch/arm/efi/efi-boot.h @@ -593,7 +593,8 @@ static bool __init efi_arch_use_config_file(EFI_SYSTEM_TABLE *SystemTable) dtbfile.ptr = fdt; dtbfile.need_to_free = false; /* Config table memory can't be freed. */ - if ( fdt_node_offset_by_compatible(fdt, 0, "multiboot,module") > 0 ) + if ( fdt && + (fdt_node_offset_by_compatible(fdt, 0, "multiboot,module") > 0) ) { /* Locate chosen node */ int node = fdt_subnode_offset(fdt, 0, "chosen");
Fix for commit 60649d443dc395243e74d2b3e05594ac0c43cfe3 that introduces a null pointer dereference when the fdt_node_offset_by_compatible is called with "fdt" argument null. Reported-by: Julien Grall <julien@xen.org> Fixes: 60649d443d ("arm/efi: Introduce xen,uefi-cfg-load DT property") Signed-off-by: Luca Fancellu <luca.fancellu@arm.com> --- xen/arch/arm/efi/efi-boot.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)