lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 28 Jul 2018 14:05:19 -0700
From:   Erik Schmauss <erik.schmauss@...el.com>
To:     linux-acpi@...r.kernel.org, rafael@...nel.org
Cc:     gregkh@...uxfoundation.org, linux-kernel@...r.kernel.org,
        oleksandr@...alenko.name, torvalds@...ux-foundation.org,
        Erik Schmauss <erik.schmauss@...el.com>
Subject: [PATCH] ACPICA: AML Parser: ignore control method status in module-level code

Previous change in the AML parser code blindly set all non-successful
dispatcher statuses to AE_OK. This approach is incorrect because
successful control method invocations from module-level return
AE_CTRL_TRANSFER. Overwriting AE_OK to this status causes the AML
parser to think that there was no return value from the control
method invocation.

fixes: 73c2a01c52b6 (ACPICA: AML Parser: ignore dispatcher error status during table load)

Reported-by: Linus Torvalds <torvalds@...ux-foundation.org>
Tested-by: Linus Torvalds <torvalds@...ux-foundation.org>
Tested-by: Oleksandr Natalenko <oleksandr@...alenko.name>
Signed-off-by: Erik Schmauss <erik.schmauss@...el.com>
---
 drivers/acpi/acpica/psloop.c | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/drivers/acpi/acpica/psloop.c b/drivers/acpi/acpica/psloop.c
index ee840be150b5..44f35ab3347d 100644
--- a/drivers/acpi/acpica/psloop.c
+++ b/drivers/acpi/acpica/psloop.c
@@ -709,15 +709,20 @@ acpi_status acpi_ps_parse_loop(struct acpi_walk_state *walk_state)
 			} else
 			    if ((walk_state->
 				 parse_flags & ACPI_PARSE_MODULE_LEVEL)
+				&& status != AE_CTRL_TRANSFER
 				&& ACPI_FAILURE(status)) {
 				/*
-				 * ACPI_PARSE_MODULE_LEVEL means that we are loading a table by
-				 * executing it as a control method. However, if we encounter
-				 * an error while loading the table, we need to keep trying to
-				 * load the table rather than aborting the table load. Set the
-				 * status to AE_OK to proceed with the table load. If we get a
-				 * failure at this point, it means that the dispatcher got an
-				 * error while processing Op (most likely an AML operand error.
+				 * ACPI_PARSE_MODULE_LEVEL flag means that we are currently
+				 * loading a table by executing it as a control method.
+				 * However, if we encounter an error while loading the table,
+				 * we need to keep trying to load the table rather than
+				 * aborting the table load (setting the status to AE_OK
+				 * continues the table load). If we get a failure at this
+				 * point, it means that the dispatcher got an error while
+				 * processing Op (most likely an AML operand error) or a
+				 * control method was called from module level and the
+				 * dispatcher returned AE_CTRL_TRANSFER. In the latter case,
+				 * leave the status alone, there's nothing wrong with it.
 				 */
 				status = AE_OK;
 			}
-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ