Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp1974678imm; Sat, 29 Sep 2018 07:51:08 -0700 (PDT) X-Google-Smtp-Source: ACcGV60qDZfRIx2OsF7xk6B35moNpLb9gugIXAUWj52TsSNskByrROrtkWfI7X7qnYukcOt6zqR9 X-Received: by 2002:a17:902:d808:: with SMTP id a8-v6mr3601435plz.306.1538232668675; Sat, 29 Sep 2018 07:51:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1538232668; cv=none; d=google.com; s=arc-20160816; b=fVCPzpta4W4CfBsTJd3sVN5uMPoa8HALe7edNfWfu5pqf7NAqwQbtyGe4oFQvIEnVG XdxrcTWITEoNjdeDUklTFPnXTpmXAEkXJWWBFQSwAdSUQVMhDF3T4KcAv21rf4NPAU93 Ji1qkkmTusbkDddDBU2azdCq7Z4dQ2pVpDTfUlFBpAc328O3wTZC+Gk+g03rKrKx+lGJ 5JJ92vKyTLocoT3nayZDdZR0mKDUzwztMZP/Bu+xSEXrK3W4VpJop1V5GAK+qfH6qoiC yjGgCnKBEi7sbWtrg5CFiwfhnivrb06bU6Urlri2ycwvE3kD1RNxyFAkiMNBVxdL/7JP p62w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:subject:to :from; bh=RDwB1j09qvYe1K/b6F/Kr9VyJZjIdOmbNA4GJ+5JIdE=; b=oFxskjfb/V28RXIALxtDqhD05TcMIUAbuz5gk4VVhbelOIQ380eeeZchQqX0aZ78sp NthKW4/ca4/2ZeNQAqKuKONlhOoe+ew2zK0or51zg5mEwLIHDG8PBZqa14eUuR4m/cx2 i6AxccdJkvu6Up3oax3Gy8evShNJh5dhQiWJ9TlChLrqndcCYiEgrXSpH38b2HGsJvgF r3dwq9Ldwoao7XalakIlMwbY8wH3Q4g8d6EDCqOMuhiY9BrP6g/yIgzRvCOG4A2Zcw6T oAsZPIMRq7O4q8iosDb3UXhfnSpUsMItOZqZZpH2RcZIPCttHv7G0gqRdipdNBmXqPQk n5CA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h36-v6si7185131pgm.125.2018.09.29.07.50.54; Sat, 29 Sep 2018 07:51:08 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728419AbeI2VTO (ORCPT + 99 others); Sat, 29 Sep 2018 17:19:14 -0400 Received: from mail5.windriver.com ([192.103.53.11]:59266 "EHLO mail5.wrs.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728278AbeI2VTN (ORCPT ); Sat, 29 Sep 2018 17:19:13 -0400 Received: from ALA-HCB.corp.ad.wrs.com (ala-hcb.corp.ad.wrs.com [147.11.189.41]) by mail5.wrs.com (8.15.2/8.15.2) with ESMTPS id w8TEnJOr026801 (version=TLSv1 cipher=AES128-SHA bits=128 verify=FAIL); Sat, 29 Sep 2018 07:49:30 -0700 Received: from pek-lpg-core2.corp.ad.wrs.com (128.224.153.41) by ALA-HCB.corp.ad.wrs.com (147.11.189.41) with Microsoft SMTP Server id 14.3.408.0; Sat, 29 Sep 2018 07:48:51 -0700 From: To: , , , , Subject: [PATCH v4 1/4] printk: Fix panic caused by passing log_buf_len to command line Date: Sat, 29 Sep 2018 22:48:46 +0800 Message-ID: <1538232529-72706-1-git-send-email-zhe.he@windriver.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 Content-Type: text/plain Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: He Zhe log_buf_len_setup does not check input argument before passing it to simple_strtoull. The argument would be a NULL pointer if "log_buf_len", without its value, is set in command line and thus causes the following panic. PANIC: early exception 0xe3 IP 10:ffffffffaaeacd0d error 0 cr2 0x0 [ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.19.0-rc4-yocto-standard+ #1 [ 0.000000] RIP: 0010:_parse_integer_fixup_radix+0xd/0x70 ... [ 0.000000] Call Trace: [ 0.000000] simple_strtoull+0x29/0x70 [ 0.000000] memparse+0x26/0x90 [ 0.000000] log_buf_len_setup+0x17/0x22 [ 0.000000] do_early_param+0x57/0x8e [ 0.000000] parse_args+0x208/0x320 [ 0.000000] ? rdinit_setup+0x30/0x30 [ 0.000000] parse_early_options+0x29/0x2d [ 0.000000] ? rdinit_setup+0x30/0x30 [ 0.000000] parse_early_param+0x36/0x4d [ 0.000000] setup_arch+0x336/0x99e [ 0.000000] start_kernel+0x6f/0x4ee [ 0.000000] x86_64_start_reservations+0x24/0x26 [ 0.000000] x86_64_start_kernel+0x6f/0x72 [ 0.000000] secondary_startup_64+0xa4/0xb0 This patch adds a check to prevent the panic. Signed-off-by: He Zhe Cc: stable@vger.kernel.org Cc: pmladek@suse.com Cc: sergey.senozhatsky@gmail.com Cc: rostedt@goodmis.org --- v2: Split out the addition of pr_fmt and the unsigned update v3: Remove error message for NULL pointer Add check and error message for over 4G use v4: Split each piece into one patch kernel/printk/printk.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c index 9bf5404..06045ab 100644 --- a/kernel/printk/printk.c +++ b/kernel/printk/printk.c @@ -1048,7 +1048,12 @@ static void __init log_buf_len_update(unsigned size) /* save requested log_buf_len since it's too early to process it */ static int __init log_buf_len_setup(char *str) { - unsigned size = memparse(str, &str); + unsigned int size; + + if (!str) + return -EINVAL; + + size = memparse(str, &str); log_buf_len_update(size); -- 2.7.4