Skip to content
Find file Blame History Permalink
  • Matt Fleming's avatar
    efi, pstore: Initialise 'entry' before iterating · 4ee39e97
    Matt Fleming authored 
    

Seiji reports hitting the following crash when erasing pstore dump
variables,

  BUG: unable to handle kernel NULL pointer dereference at 0000000000000fa4
  IP: [<ffffffff8142dadf>] __efivar_entry_iter+0x2f/0x120
  PGD 18482a067 PUD 190724067 PMD 0
  Oops: 0000 [#1] SMP
  [...]
  Call Trace:
   [<ffffffff8143001f>] efi_pstore_erase+0xdf/0x130
   [<ffffffff81200038>] ? cap_socket_create+0x8/0x10
   [<ffffffff811ea491>] pstore_unlink+0x41/0x60
   [<ffffffff811741ff>] vfs_unlink+0x9f/0x110
   [<ffffffff8117813b>] do_unlinkat+0x18b/0x280
   [<ffffffff81178472>] sys_unlinkat+0x22/0x40
   [<ffffffff81542402>] system_call_fastpath+0x16/0x1b

'entry' needs to be initialised in efi_pstore_erase() when iterating
with __efivar_entry_iter(), otherwise the garbage pointer will be
dereferenced, leading to crashes like the above.

Reported-by: default avatarSeiji Aguchi <seiji.aguchi@hds.com>
Tested-by: default avatarSeiji Aguchi <seiji.aguchi@hds.com>
Cc: Tony Luck <tony.luck@intel.com>
Cc: Matthew Garrett <matthew.garrett@nebula.com>
Signed-off-by: default avatarMatt Fleming <matt.fleming@intel.com>
    4ee39e97