linux-xiaomi-chiron

History

Vitaly Kuznetsov 55f1ea1521 efi: Fix for_each_efi_memory_desc_in_map() for empty memmaps Commit: `78ce248faa` ("efi: Iterate over efi.memmap in for_each_efi_memory_desc()") introduced a regression for systems booted with the 'noefi' kernel option. In particular, I observed an early kernel hang in efi_find_mirror()'s for_each_efi_memory_desc() call. As we don't have efi memmap on this system we enter this iterator with the following parameters: efi.memmap.map = 0, efi.memmap.map_end = 0, efi.memmap.desc_size = 28 ... then for_each_efi_memory_desc_in_map() does the following comparison: (md) <= (efi_memory_desc_t *)((m)->map_end - (m)->desc_size); ... where md = 0, (m)->map_end = 0 and (m)->desc_size = 28 but when we subtract something from a NULL pointer wrap around happens and we end up returning invalid pointer and crash. Fix it by using the correct pointer arithmetics. Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com> Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: K. Y. Srinivasan <kys@microsoft.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Mark Salter <msalter@redhat.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: linux-efi@vger.kernel.org Fixes: `78ce248faa` ("efi: Iterate over efi.memmap in for_each_efi_memory_desc()") Link: http://lkml.kernel.org/r/1464690224-4503-2-git-send-email-matt@codeblueprint.co.uk [ Made the changelog more readable. ] Signed-off-by: Ingo Molnar <mingo@kernel.org>		2016-06-03 09:57:35 +02:00
..
acpi	libnvdimm for 4.7	2016-05-23 11:18:01 -07:00
asm-generic	Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip	2016-05-25 17:11:43 -07:00
clocksource	clocksource: arm_arch_timer: Remove arch_timer_get_timecounter	2016-05-03 12:54:21 +02:00
crypto	Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security	2016-05-19 09:21:36 -07:00
drm	Merge tag 'drm-intel-next-fixes-2016-05-25' of git://anongit.freedesktop.org/drm-intel into drm-next	2016-05-27 16:08:38 +10:00
dt-bindings	Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/rzhang/linux	2016-05-26 09:23:43 -07:00
keys
kvm	KVM: arm/arm64: vgic-new: implement mapped IRQ handling	2016-05-20 15:40:09 +02:00
linux	efi: Fix for_each_efi_memory_desc_in_map() for empty memmaps	2016-06-03 09:57:35 +02:00
math-emu
media	[media] media: rc: reduce size of struct ir_raw_event	2016-05-07 10:34:17 -03:00
memory
misc	cxl: Add kernel API to allow a context to operate with relocate disabled	2016-05-11 21:54:10 +10:00
net	ipv6: hide ip6_encap_hlen/ip6_tnl_encap definitions	2016-05-29 22:24:21 -07:00
pcmcia
ras
rdma	IB/core: Make device counter infrastructure dynamic	2016-05-26 12:52:51 -04:00
rxrpc
scsi	Merge branch '4.7/scsi-queue' of git://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi into for-4.7-zac	2016-05-09 12:34:39 -04:00
soc	ARC updates for 4.7-rc1	2016-05-19 09:46:18 -07:00
sound	ASoC: Updates for v4.7	2016-05-16 14:59:00 +02:00
target	Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending	2016-05-28 12:04:17 -07:00
trace	- move kvm_stat tool from QEMU repo into tools/kvm/kvm_stat	2016-05-27 13:41:54 -07:00
uapi	Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net	2016-05-31 22:28:28 -07:00
video	imx-drm probing fix	2016-05-25 12:36:20 +10:00
xen
Kbuild