Commit-ID:  e8a308e5f47e545e0d41d0686c00f5f5217c5f61
Gitweb:     https://git.kernel.org/tip/e8a308e5f47e545e0d41d0686c00f5f5217c5f61
Author:     Vishal Verma <[email protected]>
AuthorDate: Thu, 25 Oct 2018 18:37:29 -0600
Committer:  Borislav Petkov <[email protected]>
CommitDate: Tue, 6 Nov 2018 19:13:26 +0100

acpi/nfit, x86/mce: Validate a MCE's address before using it

The NFIT machine check handler uses the physical address from the mce
structure, and compares it against information in the ACPI NFIT table
to determine whether that location lies on an NVDIMM. The mce->addr
field however may not always be valid, and this is indicated by the
MCI_STATUS_ADDRV bit in the status field.

Export mce_usable_address() which already performs validation for the
address, and use it in the NFIT handler.

Fixes: 6839a6d96f4e ("nfit: do an ARS scrub on hitting a latent media error")
Reported-by: Robert Elliott <[email protected]>
Signed-off-by: Vishal Verma <[email protected]>
Signed-off-by: Borislav Petkov <[email protected]>
CC: Arnd Bergmann <[email protected]>
Cc: Dan Williams <[email protected]>
CC: Dave Jiang <[email protected]>
CC: [email protected]
CC: "H. Peter Anvin" <[email protected]>
CC: Ingo Molnar <[email protected]>
CC: Len Brown <[email protected]>
CC: [email protected]
CC: linux-edac <[email protected]>
CC: [email protected]
CC: Qiuxu Zhuo <[email protected]>
CC: "Rafael J. Wysocki" <[email protected]>
CC: Ross Zwisler <[email protected]>
CC: stable <[email protected]>
CC: Thomas Gleixner <[email protected]>
CC: Tony Luck <[email protected]>
CC: x86-ml <[email protected]>
CC: Yazen Ghannam <[email protected]>
Link: http://lkml.kernel.org/r/[email protected]
---
 arch/x86/include/asm/mce.h       | 1 +
 arch/x86/kernel/cpu/mcheck/mce.c | 3 ++-
 drivers/acpi/nfit/mce.c          | 4 ++++
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/mce.h b/arch/x86/include/asm/mce.h
index dbd9fe2f6163..c1a812bd5a27 100644
--- a/arch/x86/include/asm/mce.h
+++ b/arch/x86/include/asm/mce.h
@@ -222,6 +222,7 @@ static inline void mce_hygon_feature_init(struct 
cpuinfo_x86 *c) { return mce_am
 int mce_available(struct cpuinfo_x86 *c);
 bool mce_is_memory_error(struct mce *m);
 bool mce_is_correctable(struct mce *m);
+int mce_usable_address(struct mce *m);
 
 DECLARE_PER_CPU(unsigned, mce_exception_count);
 DECLARE_PER_CPU(unsigned, mce_poll_count);
diff --git a/arch/x86/kernel/cpu/mcheck/mce.c b/arch/x86/kernel/cpu/mcheck/mce.c
index 77527b8ea982..36d2696c9563 100644
--- a/arch/x86/kernel/cpu/mcheck/mce.c
+++ b/arch/x86/kernel/cpu/mcheck/mce.c
@@ -485,7 +485,7 @@ static void mce_report_event(struct pt_regs *regs)
  * be somewhat complicated (e.g. segment offset would require an instruction
  * parser). So only support physical addresses up to page granuality for now.
  */
-static int mce_usable_address(struct mce *m)
+int mce_usable_address(struct mce *m)
 {
        if (!(m->status & MCI_STATUS_ADDRV))
                return 0;
@@ -505,6 +505,7 @@ static int mce_usable_address(struct mce *m)
 
        return 1;
 }
+EXPORT_SYMBOL_GPL(mce_usable_address);
 
 bool mce_is_memory_error(struct mce *m)
 {
diff --git a/drivers/acpi/nfit/mce.c b/drivers/acpi/nfit/mce.c
index 7a51707f87e9..d6c1b10f6c25 100644
--- a/drivers/acpi/nfit/mce.c
+++ b/drivers/acpi/nfit/mce.c
@@ -29,6 +29,10 @@ static int nfit_handle_mce(struct notifier_block *nb, 
unsigned long val,
        if (!mce_is_memory_error(mce) || mce_is_correctable(mce))
                return NOTIFY_DONE;
 
+       /* Verify the address reported in the MCE is valid. */
+       if (!mce_usable_address(mce))
+               return NOTIFY_DONE;
+
        /*
         * mce->addr contains the physical addr accessed that caused the
         * machine check. We need to walk through the list of NFITs, and see

Reply via email to