| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240723020746.3945016-1-ruanjinjie@huawei.com> Date: Tue, 23 Jul 2024 10:07:46 +0800 From: Jinjie Ruan <ruanjinjie@...wei.com> To: <bhe@...hat.com>, <vgoyal@...hat.com>, <dyoung@...hat.com>, <paul.walmsley@...ive.com>, <palmer@...belt.com>, <aou@...s.berkeley.edu>, <rppt@...nel.org>, <kexec@...ts.infradead.org>, <linux-kernel@...r.kernel.org>, <linux-riscv@...ts.infradead.org>, <linux-arm-kernel@...ts.infradead.org> CC: <ruanjinjie@...wei.com> Subject: [PATCH v5] crash: Fix crash memory reserve exceed system memory bug On x86_32 Qemu machine with 1GB memory, the cmdline "crashkernel=4G" is ok as below: crashkernel reserved: 0x0000000020000000 - 0x0000000120000000 (4096 MB) It's similar on other architectures, such as ARM32 and RISCV32. The cause is that the crash_size is parsed and printed with "unsigned long long" data type which is 8 bytes but allocated used with "phys_addr_t" which is 4 bytes in memblock_phys_alloc_range(). Fix it by checking if crash_size is greater than system RAM size and return error if so. After this patch, there is no above confusing reserve success info. Signed-off-by: Jinjie Ruan <ruanjinjie@...wei.com> Suggested-by: Baoquan He <bhe@...hat.com> Suggested-by: Mike Rapoport <rppt@...nel.org> --- v5: - Fix it in common parse_crashkernel() instead of per-arch. - Add suggested-by. v4: - Update the warn info to align with parse_crashkernel_mem(). - Rebased on the "ARM: Use generic interface to simplify crashkernel reservation" patch. - Also fix for riscv32. - Update the commit message. v3: - Handle the check in reserve_crashkernel() Baoquan suggested. - Split x86_32 and arm32. - Add Suggested-by. - Drop the wrong fix tag. v2: - Also fix for x86_32. - Update the fix method. - Peel off the other two patches. - Update the commit message. --- kernel/crash_reserve.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/crash_reserve.c b/kernel/crash_reserve.c index ad5b3f2c5487..5387269114f6 100644 --- a/kernel/crash_reserve.c +++ b/kernel/crash_reserve.c @@ -335,6 +335,9 @@ int __init parse_crashkernel(char *cmdline, if (!*crash_size) ret = -EINVAL; + if (*crash_size >= system_ram) + ret = -EINVAL; + return ret; } -- 2.34.1
Powered by blists - more mailing lists