| Message ID | 20230202182538.29352-1-n.zhandarovich@fintech.ru |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp400278wrn;
Thu, 2 Feb 2023 10:29:06 -0800 (PST)
X-Google-Smtp-Source:
AK7set9UAxg2VbzWOHIqDtCFs/Mz7taullG6OB3Bo6MQy6iHTLN5V2mi8NYHOVVAKptZesH5o9Yh
X-Received: by 2002:a17:903:230f:b0:196:8071:2178 with SMTP id
d15-20020a170903230f00b0019680712178mr8173816plh.46.1675362545875;
Thu, 02 Feb 2023 10:29:05 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1675362545; cv=none;
d=google.com; s=arc-20160816;
b=f7hLnxzCvm+XI9EmAcSGArehgI80IUCiFs9Yyo8jyiOpW8sT55AW9MFU26FT+xBcQF
vCMsByzCHEkM/LcD39tGcprz8Px1O7BnDh6Wx7iHHNO7UWXwgabiHOR02I1N2x55GCYS
lS1UtDgP+Q+HUTyegSo9vvKHOsP7Yyy5bUX2frZdenKhVHTahvDOkdnZVSGofmrq14rb
anbLuTzSgnnv+2Ho0A0uRfekHLKLmATdGBUprj9xWpwywYkf5LlJNZ+UYkdNtHoMwX5b
pTk+4koBV8QaUolOUJOiqT+YlMJ+s0HZT6jvuAWJRD5YbB662KHK7fbnyrJrTEynaEyz
gD4Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:from;
bh=xOBSl++lKFN17Bv9j4p+GrSZwmGkWWpiOWpkp4PUZtE=;
b=gncbeQk4np3WllIA95Y2G8VrBhY0ToQnM6D7VGrH2JGOU3C8icYT8kuQdghWAOzbcZ
uB4dlg9a0dbP7TfiXTCW9QGLzrnkId2p8VwtmPJsyH6Gk3nrTUDe3SSbw9fxJIqf1A5J
OKfSJSdEmkLDDhZPYUw2mcckqaRWhGvulya15skzUp1NBaKEGWmBPuWdebi45o/fjM/K
NuJfYshm3GofBq1HI3S0KLfi30sFO753LVxH60GQ/wRBZSu/fa3f5n7eHfwsX9PrHIDB
J0knm2ETY6l6LKNK/n2VRE4ssJeqbbYe27+P1AXJnDk0Z4BnEmHQiexu4B/YC8L7uxVp
9PPA==
ARC-Authentication-Results: i=1; mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
jh18-20020a170903329200b001964ea9909dsi19857676plb.404.2023.02.02.10.28.45;
Thu, 02 Feb 2023 10:29:05 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S230456AbjBBS0B (ORCPT <rfc822;il.mystafa@gmail.com> + 99 others);
Thu, 2 Feb 2023 13:26:01 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59284 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S230144AbjBBSZ7 (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Thu, 2 Feb 2023 13:25:59 -0500
Received: from exchange.fintech.ru (e10edge.fintech.ru [195.54.195.159])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AE17B61D40
for <linux-kernel@vger.kernel.org>;
Thu, 2 Feb 2023 10:25:57 -0800 (PST)
Received: from Ex16-01.fintech.ru (10.0.10.18) by exchange.fintech.ru
(195.54.195.169) with Microsoft SMTP Server (TLS) id 14.3.498.0; Thu, 2 Feb
2023 21:25:55 +0300
Received: from localhost (10.0.253.157) by Ex16-01.fintech.ru (10.0.10.18)
with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.4; Thu, 2 Feb 2023
21:25:54 +0300
From: Nikita Zhandarovich <n.zhandarovich@fintech.ru>
To: Dave Hansen <dave.hansen@linux.intel.com>
CC: Nikita Zhandarovich <n.zhandarovich@fintech.ru>,
Andy Lutomirski <luto@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
<x86@kernel.org>, "H. Peter Anvin" <hpa@zytor.com>,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
Tom Lendacky <thomas.lendacky@amd.com>,
<linux-kernel@vger.kernel.org>, <lvc-project@linuxtesting.org>
Subject: [PATCH] x86/mm: Fix use of uninitialized buffer in sme_enable()
Date: Thu, 2 Feb 2023 10:25:38 -0800
Message-ID: <20230202182538.29352-1-n.zhandarovich@fintech.ru>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
Content-Transfer-Encoding: 7BIT
Content-Type: text/plain; charset=US-ASCII
X-Originating-IP: [10.0.253.157]
X-ClientProxiedBy: Ex16-01.fintech.ru (10.0.10.18) To Ex16-01.fintech.ru
(10.0.10.18)
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE,
SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1756744956898775669?=
X-GMAIL-MSGID: =?utf-8?q?1756744956898775669?=
|
| Series |
x86/mm: Fix use of uninitialized buffer in sme_enable()
|
|
Commit Message
Nikita Zhandarovich
Feb. 2, 2023, 6:25 p.m. UTC
cmdline_find_option() may fail before doing any initialization of
buffer array. This may lead to unpredictable results when the same
buffer is used later in calls to strncmp() function.
Fix the issue by initializing the buffer to an empty string.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 1cd9c22fee3a ("x86/mm/encrypt: Move page table helpers into separate translation unit")
Signed-off-by: Nikita Zhandarovich <n.zhandarovich@fintech.ru>
---
arch/x86/mm/mem_encrypt_identity.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
On Thu, Feb 02, 2023 at 10:25:38AM -0800, Nikita Zhandarovich wrote: > cmdline_find_option() may fail before doing any initialization of > buffer array. This may lead to unpredictable results when the same > buffer is used later in calls to strncmp() function. > Fix the issue by initializing the buffer to an empty string. I'd prefer if you test cmdline_find_option()'s return value instead and return early if -1. > Found by Linux Verification Center (linuxtesting.org) with SVACE. SVACE is? > Fixes: 1cd9c22fee3a ("x86/mm/encrypt: Move page table helpers into separate translation unit") The proper Fixes commit should be: aca20d546214 ("x86/mm: Add support to make use of Secure Memory Encryption") Thx.
diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c index 88cccd65029d..6b84243bfd54 100644 --- a/arch/x86/mm/mem_encrypt_identity.c +++ b/arch/x86/mm/mem_encrypt_identity.c @@ -509,7 +509,7 @@ void __init sme_enable(struct boot_params *bp) unsigned long feature_mask; bool active_by_default; unsigned long me_mask; - char buffer[16]; + char buffer[16] = ""; bool snp; u64 msr;