• George Cherian's avatar
    ACPI / CPPC: Fix KASAN global out of bounds warning · 1ecbd717
    George Cherian authored
    Default value of pcc_subspace_idx is -1.
    Make sure to check pcc_subspace_idx before using the same as array index.
    This will avoid following KASAN warnings too.
    
    [   15.113449] ==================================================================
    [   15.116983] BUG: KASAN: global-out-of-bounds in cppc_get_perf_caps+0xf3/0x3b0
    [   15.116983] Read of size 8 at addr ffffffffb9a5c0d8 by task swapper/0/1
    [   15.116983] CPU: 3 PID: 1 Comm: swapper/0 Not tainted 4.15.0-rc2+ #2
    [   15.116983] Hardware name: Dell Inc. OptiPlex 7040/0Y7WYT, BIOS 1.2.8 01/26/2016
    [   15.116983] Call Trace:
    [   15.116983]  dump_stack+0x7c/0xbb
    [   15.116983]  print_address_description+0x1df/0x290
    [   15.116983]  kasan_report+0x28a/0x370
    [   15.116983]  ? cppc_get_perf_caps+0xf3/0x3b0
    [   15.116983]  cppc_get_perf_caps+0xf3/0x3b0
    [   15.116983]  ? cpc_read+0x210/0x210
    [   15.116983]  ? __rdmsr_on_cpu+0x90/0x90
    [   15.116983]  ? rdmsrl_on_cpu+0xa9/0xe0
    [   15.116983]  ? rdmsr_on_cpu+0x100/0x100
    [   15.116983]  ? wrmsrl_on_cpu+0x9c/0xd0
    [   15.116983]  ? wrmsrl_on_cpu+0x9c/0xd0
    [   15.116983]  ? wrmsr_on_cpu+0xe0/0xe0
    [   15.116983]  __intel_pstate_cpu_init.part.16+0x3a2/0x530
    [   15.116983]  ? intel_pstate_init_cpu+0x197/0x390
    [   15.116983]  ? show_no_turbo+0xe0/0xe0
    [   15.116983]  ? __lockdep_init_map+0xa0/0x290
    [   15.116983]  intel_pstate_cpu_init+0x30/0x60
    [   15.116983]  cpufreq_online+0x155/0xac0
    [   15.116983]  cpufreq_add_dev+0x9b/0xb0
    [   15.116983]  subsys_interface_register+0x1ae/0x290
    [   15.116983]  ? bus_unregister_notifier+0x40/0x40
    [   15.116983]  ? mark_held_locks+0x83/0xb0
    [   15.116983]  ? _raw_write_unlock_irqrestore+0x32/0x60
    [   15.116983]  ? intel_pstate_setup+0xc/0x104
    [   15.116983]  ? intel_pstate_setup+0xc/0x104
    [   15.116983]  ? cpufreq_register_driver+0x1ce/0x2b0
    [   15.116983]  cpufreq_register_driver+0x1ce/0x2b0
    [   15.116983]  ? intel_pstate_setup+0x104/0x104
    [   15.116983]  intel_pstate_register_driver+0x3a/0xa0
    [   15.116983]  intel_pstate_init+0x3c4/0x434
    [   15.116983]  ? intel_pstate_setup+0x104/0x104
    [   15.116983]  ? intel_pstate_setup+0x104/0x104
    [   15.116983]  do_one_initcall+0x9c/0x206
    [   15.116983]  ? parameq+0xa0/0xa0
    [   15.116983]  ? initcall_blacklisted+0x150/0x150
    [   15.116983]  ? lock_downgrade+0x2c0/0x2c0
    [   15.116983]  kernel_init_freeable+0x327/0x3f0
    [   15.116983]  ? start_kernel+0x612/0x612
    [   15.116983]  ? _raw_spin_unlock_irq+0x29/0x40
    [   15.116983]  ? finish_task_switch+0xdd/0x320
    [   15.116983]  ? finish_task_switch+0x8e/0x320
    [   15.116983]  ? rest_init+0xd0/0xd0
    [   15.116983]  kernel_init+0xf/0x11a
    [   15.116983]  ? rest_init+0xd0/0xd0
    [   15.116983]  ret_from_fork+0x24/0x30
    
    [   15.116983] The buggy address belongs to the variable:
    [   15.116983]  __key.36299+0x38/0x40
    
    [   15.116983] Memory state around the buggy address:
    [   15.116983]  ffffffffb9a5bf80: fa fa fa fa 00 fa fa fa fa fa fa fa 00 fa fa fa
    [   15.116983]  ffffffffb9a5c000: fa fa fa fa 00 fa fa fa fa fa fa fa 00 fa fa fa
    [   15.116983] >ffffffffb9a5c080: fa fa fa fa 00 fa fa fa fa fa fa fa 00 00 00 00
    [   15.116983]                                                     ^
    [   15.116983]  ffffffffb9a5c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    [   15.116983]  ffffffffb9a5c180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    [   15.116983] ==================================================================
    
    Fixes: 85b1407b (ACPI / CPPC: Make CPPC ACPI driver aware of PCC subspace IDs)
    Reported-by: 's avatarChangbin Du <changbin.du@intel.com>
    Signed-off-by: 's avatarGeorge Cherian <george.cherian@cavium.com>
    Signed-off-by: 's avatarRafael J. Wysocki <rafael.j.wysocki@intel.com>
    1ecbd717
Name
Last commit
Last update
..
acpica Loading commit data...
apei Loading commit data...
arm64 Loading commit data...
dptf Loading commit data...
nfit Loading commit data...
pmic Loading commit data...
x86 Loading commit data...
Kconfig Loading commit data...
Makefile Loading commit data...
ac.c Loading commit data...
acpi_amba.c Loading commit data...
acpi_apd.c Loading commit data...
acpi_cmos_rtc.c Loading commit data...
acpi_configfs.c Loading commit data...
acpi_dbg.c Loading commit data...
acpi_extlog.c Loading commit data...
acpi_ipmi.c Loading commit data...
acpi_lpat.c Loading commit data...
acpi_lpit.c Loading commit data...
acpi_lpss.c Loading commit data...
acpi_memhotplug.c Loading commit data...
acpi_pad.c Loading commit data...
acpi_platform.c Loading commit data...
acpi_pnp.c Loading commit data...
acpi_processor.c Loading commit data...
acpi_video.c Loading commit data...
acpi_watchdog.c Loading commit data...
battery.c Loading commit data...
battery.h Loading commit data...
bgrt.c Loading commit data...
blacklist.c Loading commit data...
bus.c Loading commit data...
button.c Loading commit data...
cm_sbs.c Loading commit data...
container.c Loading commit data...
cppc_acpi.c Loading commit data...
custom_method.c Loading commit data...
debugfs.c Loading commit data...
device_pm.c Loading commit data...
device_sysfs.c Loading commit data...
dock.c Loading commit data...
ec.c Loading commit data...
ec_sys.c Loading commit data...
event.c Loading commit data...
evged.c Loading commit data...
fan.c Loading commit data...
glue.c Loading commit data...
hed.c Loading commit data...
internal.h Loading commit data...
ioapic.c Loading commit data...
irq.c Loading commit data...
numa.c Loading commit data...
nvs.c Loading commit data...
osi.c Loading commit data...
osl.c Loading commit data...
pci_irq.c Loading commit data...
pci_link.c Loading commit data...
pci_mcfg.c Loading commit data...
pci_root.c Loading commit data...
pci_slot.c Loading commit data...
power.c Loading commit data...
proc.c Loading commit data...
processor_core.c Loading commit data...
processor_driver.c Loading commit data...
processor_idle.c Loading commit data...
processor_pdc.c Loading commit data...
processor_perflib.c Loading commit data...
processor_thermal.c Loading commit data...
processor_throttling.c Loading commit data...
property.c Loading commit data...
reboot.c Loading commit data...
resource.c Loading commit data...
sbs.c Loading commit data...
sbshc.c Loading commit data...
sbshc.h Loading commit data...
scan.c Loading commit data...
sleep.c Loading commit data...
sleep.h Loading commit data...
spcr.c Loading commit data...
sysfs.c Loading commit data...
tables.c Loading commit data...
thermal.c Loading commit data...
utils.c Loading commit data...
video_detect.c Loading commit data...
wakeup.c Loading commit data...