kernel_optimize_test/drivers
Toshi Kani c4cd52ab1e EDAC/ghes: Set the DIMM label unconditionally
commit 5e2805d5379619c4a2e3ae4994e73b36439f4bad upstream.

The commit

  cb51a371d0 ("EDAC/ghes: Setup DIMM label from DMI and use it in error reports")

enforced that both the bank and device strings passed to
dimm_setup_label() are not NULL.

However, there are BIOSes, for example on a

  HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 03/15/2019

which don't populate both strings:

  Handle 0x0020, DMI type 17, 84 bytes
  Memory Device
          Array Handle: 0x0013
          Error Information Handle: Not Provided
          Total Width: 72 bits
          Data Width: 64 bits
          Size: 32 GB
          Form Factor: DIMM
          Set: None
          Locator: PROC 1 DIMM 1        <===== device
          Bank Locator: Not Specified   <===== bank

This results in a buffer overflow because ghes_edac_register() calls
strlen() on an uninitialized label, which had non-zero values left over
from krealloc_array():

  detected buffer overflow in __fortify_strlen
   ------------[ cut here ]------------
   kernel BUG at lib/string_helpers.c:983!
   invalid opcode: 0000 [#1] PREEMPT SMP NOPTI
   CPU: 1 PID: 1 Comm: swapper/0 Tainted: G          I       5.18.6-200.fc36.x86_64 #1
   Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 03/15/2019
   RIP: 0010:fortify_panic
   ...
   Call Trace:
    <TASK>
    ghes_edac_register.cold
    ghes_probe
    platform_probe
    really_probe
    __driver_probe_device
    driver_probe_device
    __driver_attach
    ? __device_attach_driver
    bus_for_each_dev
    bus_add_driver
    driver_register
    acpi_ghes_init
    acpi_init
    ? acpi_sleep_proc_init
    do_one_initcall

The label contains garbage because the commit in Fixes reallocs the
DIMMs array while scanning the system but doesn't clear the newly
allocated memory.

Change dimm_setup_label() to always initialize the label to fix the
issue. Set it to the empty string in case BIOS does not provide both
bank and device so that ghes_edac_register() can keep the default label
given by edac_mc_alloc_dimms().

  [ bp: Rewrite commit message. ]

Fixes: b9cae27728 ("EDAC/ghes: Scan the system once on driver init")
Co-developed-by: Robert Richter <rric@kernel.org>
Signed-off-by: Robert Richter <rric@kernel.org>
Signed-off-by: Toshi Kani <toshi.kani@hpe.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Tested-by: Robert Elliott <elliott@hpe.com>
Cc: <stable@vger.kernel.org>
Link: https://lore.kernel.org/r/20220719220124.760359-1-toshi.kani@hpe.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-08-03 12:00:50 +02:00
..
accessibility tty: the rest, stop using tty_schedule_flip() 2022-07-29 17:19:28 +02:00
acpi ACPI: property: Release subnode properties with data nodes 2022-06-09 10:21:23 +02:00
amba amba: Make the remove callback return void 2022-04-08 14:40:02 +02:00
android binder: fix handling of error during copy 2022-01-27 10:54:06 +01:00
ata ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() 2022-06-22 14:13:14 +02:00
atm atm: eni: Add check for dma_map_single 2022-03-23 09:13:27 +01:00
auxdisplay
base x86/bugs: Report AMD retbleed vulnerability 2022-07-25 11:26:40 +02:00
bcma
block xen/blkfront: force data bouncing when backend is untrusted 2022-07-07 17:52:22 +02:00
bluetooth Bluetooth: hci_qca: Use del_timer_sync() before freeing 2022-06-06 08:42:43 +02:00
bus bus: ti-sysc: Fix warnings for unbind for serial 2022-06-14 18:32:34 +02:00
cdrom
char random: update comment from copy_to_user() -> copy_to_iter() 2022-06-29 08:59:54 +02:00
clk clk: imx8mp: fix usb_root_clk parent 2022-06-22 14:13:20 +02:00
clocksource clocksource/drivers/ixp4xx: remove EXPORT_SYMBOL_GPL from ixp4xx_timer_setup() 2022-07-07 17:52:23 +02:00
connector
counter counter: stm32-lptimer-cnt: remove iio counter abi 2022-01-27 10:54:08 +01:00
cpufreq cpufreq: pmac32-cpufreq: Fix refcount leak bug 2022-07-21 21:20:14 +02:00
cpuidle
crypto crypto: sun8i-ss - handle zero sized sg 2022-06-09 10:21:17 +02:00
dax dax: make sure inodes are flushed before destroy cache 2022-04-08 14:40:16 +02:00
dca
devfreq PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events 2022-07-07 17:52:18 +02:00
dio
dma dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate 2022-07-12 16:32:23 +02:00
dma-buf udmabuf: add back sanity check 2022-06-29 08:59:48 +02:00
edac EDAC/ghes: Set the DIMM label unconditionally 2022-08-03 12:00:50 +02:00
eisa
extcon extcon: Modify extcon device to be created after driver data is set 2022-06-14 18:32:43 +02:00
firewire firewire: core: extend card->lock in fw_core_handle_bus_reset 2022-05-12 12:25:32 +02:00
firmware firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle 2022-06-14 18:32:34 +02:00
fpga
fsi fsi: Aspeed: Fix a potential double free 2022-04-08 14:40:23 +02:00
gnss
gpio gpio: pca953x: use the correct register address when regcache sync during init 2022-07-29 17:19:19 +02:00
gpu nouveau/svm: Fix to migrate all requested pages 2022-08-03 12:00:44 +02:00
greybus greybus: svc: fix an error handling bug in gb_svc_hello() 2022-04-08 14:39:50 +02:00
hid HID: elan: Fix potential double free in elan_input_configured 2022-06-09 10:21:02 +02:00
hsi HSI: core: Fix return freed object in hsi_new_client 2022-01-27 10:54:12 +01:00
hv Drivers: hv: vmbus: Release cpu lock in error case 2022-06-22 14:13:16 +02:00
hwmon hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails 2022-07-07 17:52:20 +02:00
hwspinlock
hwtracing coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier 2022-06-14 18:32:32 +02:00
i2c i2c: cadence: Change large transfer count reset logic to be unconditional 2022-07-29 17:19:15 +02:00
i3c
ide
idle intel_idle: Disable IBRS during long idle 2022-07-25 11:26:43 +02:00
iio iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client 2022-06-29 08:59:52 +02:00
infiniband RDMA/cm: Fix memory leak in ib_cm_insert_listen 2022-07-07 17:52:17 +02:00
input Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to dmi_use_low_level_irq 2022-06-22 14:13:14 +02:00
interconnect interconnect: Restore sync state by ignoring ipa-virt in provider count 2022-06-14 18:32:47 +02:00
iommu iommu/vt-d: Fix PCI bus rescan device hot add 2022-07-12 16:32:18 +02:00
ipack
irqchip irqchip: or1k-pic: Undefine mask_ack for level triggered hardware 2022-07-21 21:20:17 +02:00
isdn isdn: hfcpci: check the return value of dma_set_mask() in setup_hw() 2022-03-16 14:15:57 +01:00
leds
lightnvm lightnvm: disable the subsystem 2022-05-09 09:04:56 +02:00
macintosh macintosh: via-pmu and via-cuda need RTC_LIB 2022-06-09 10:21:18 +02:00
mailbox mailbox: forward the hrtimer if not queued and under a lock 2022-06-09 10:21:18 +02:00
mcb
md dm raid: fix KASAN warning in raid5_add_disks 2022-07-07 17:52:16 +02:00
media media: coda: Add more H264 levels for CODA960 2022-06-09 10:21:25 +02:00
memory memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings 2022-06-29 08:59:54 +02:00
memstick
message
mfd mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe() 2022-06-09 10:21:18 +02:00
misc misc: rtsx_usb: set return value in rsp_buf alloc err path 2022-07-12 16:32:22 +02:00
mmc mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing 2022-06-29 08:59:45 +02:00
most
mtd Revert "mtd: rawnand: gpmi: Fix setting busy timeout setting" 2022-07-15 10:14:00 +02:00
mux
net mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle. 2022-08-03 12:00:50 +02:00
nfc NFC: nxp-nci: don't print header length mismatch on i2c error 2022-07-21 21:20:14 +02:00
ntb ntb: intel: fix port config status offset for SPR 2022-03-08 19:09:32 +01:00
nubus
nvdimm nvdimm: Fix badblocks clear off-by-one error 2022-07-07 17:52:15 +02:00
nvme nvme-pci: phison e16 has bogus namespace ids 2022-07-21 21:20:17 +02:00
nvmem nvmem: core: set size for sysfs bin file 2022-01-27 10:54:22 +01:00
of of: overlay: do not break notify on NOTIFY_{OK|STOP} 2022-06-09 10:21:03 +02:00
opp OPP: call of_node_put() on error path in _bandwidth_supported() 2022-06-09 10:21:18 +02:00
oprofile
parisc parisc: Fix CPU affinity for Lasi, WAX and Dino chips 2022-04-13 21:01:03 +02:00
parport
pci PCI: hv: Fix interrupt mapping for multi-MSI 2022-07-29 17:19:10 +02:00
pcmcia pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards 2022-06-14 18:32:30 +02:00
perf arm_pmu: Validate single/group leader events 2022-04-27 13:53:55 +02:00
phy phy: qcom-qmp: fix pipe-clock imbalance on power-on failure 2022-06-14 18:32:32 +02:00
pinctrl pinctrl: stm32: fix optional IRQ support to gpios 2022-07-29 17:19:06 +02:00
platform platform/x86: hp-wmi: Ignore Sanitization Mode event 2022-07-21 21:20:14 +02:00
pnp
power power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe 2022-07-29 17:19:10 +02:00
powercap
pps
ps3
ptp ptp: replace snprintf with sysfs_emit 2022-04-13 21:00:55 +02:00
pwm pwm: lp3943: Fix duty calculation in case period was clamped 2022-06-14 18:32:31 +02:00
rapidio
ras
regulator regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt 2022-06-09 10:21:07 +02:00
remoteproc remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region 2022-04-08 14:40:26 +02:00
reset reset: tegra-bpmp: Restore Handle errors in BPMP response 2022-04-27 13:53:52 +02:00
rpmsg rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails 2022-06-14 18:32:32 +02:00
rtc rtc: mt6397: check return value after calling platform_get_resource() 2022-06-14 18:32:33 +02:00
s390 tty: the rest, stop using tty_schedule_flip() 2022-07-29 17:19:28 +02:00
sbus
scsi scsi: ufs: host: Hold reference returned by of_parse_phandle() 2022-08-03 12:00:45 +02:00
sfi
sh
siox
slimbus slimbus: qcom: Fix IRQ check in qcom_slim_probe 2022-05-18 10:23:47 +02:00
soc soc: ixp4xx/npe: Fix unused match warning 2022-07-21 21:20:17 +02:00
soundwire soundwire: intel: fix wrong register name in intel_shim_wake 2022-04-08 14:40:24 +02:00
spi spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers 2022-07-29 17:19:23 +02:00
spmi
ssb
staging pinctrl: ralink: Check for null return of devm_kcalloc 2022-07-29 17:19:11 +02:00
target target: remove an incorrect unmap zeroes data deduction 2022-06-09 10:21:01 +02:00
tc
tee optee: use driver internal tee_context for some rpc 2022-03-02 11:42:47 +01:00
thermal thermal/core: Fix memory leak in the error path 2022-06-09 10:21:30 +02:00
thunderbolt thunderbolt: Runtime PM activate both ends of the device link 2022-01-27 10:54:14 +01:00
tty tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() 2022-07-29 17:19:28 +02:00
uio
usb usb: dwc3: gadget: Fix event pending check 2022-07-21 21:20:18 +02:00
vdpa vdpasim: allow to enable a vq repeatedly 2022-06-09 10:21:29 +02:00
vfio amba: Make the remove callback return void 2022-04-08 14:40:02 +02:00
vhost vringh: Fix loop descriptors check in the indirect cases 2022-06-14 18:32:45 +02:00
video fbcon: Prevent that screen size is smaller than font size 2022-07-12 16:32:18 +02:00
virt
virtio virtio_mmio: Restore guest page size on resume 2022-07-21 21:20:13 +02:00
visorbus
vlynq
vme
w1 w1: w1_therm: fixes w1_seq for ds28ea00 sensors 2022-04-13 21:01:01 +02:00
watchdog watchdog: wdat_wdt: Stop watchdog when rebooting the system 2022-06-14 18:32:43 +02:00
xen xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE 2022-07-29 17:19:07 +02:00
zorro
Kconfig
Makefile