Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp2072460imm; Sat, 29 Sep 2018 09:49:24 -0700 (PDT) X-Google-Smtp-Source: ACcGV60OMpuwe1DcBx/GOkx5mrd4o0gUFQstIY4Fto1HZ6Wl4wTgz2TO1LVHB9UHxjDod91truC0 X-Received: by 2002:a63:d60a:: with SMTP id q10-v6mr3485097pgg.175.1538239764406; Sat, 29 Sep 2018 09:49:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1538239764; cv=none; d=google.com; s=arc-20160816; b=lyM7qHah2/6Zhul0J048Yvh52yNwlOyWuaAkMx8VCiTK4Re4BxLmpXnoDpVVzwmvB0 CQFHWetDoq+UQqNxmj4ywxMTUCTKvZziTbLQbetSYwf+8rFj3J60HRpsEKmdAykikM/H wNoVewwV/f1oe1fASOqUESJdS+P202Vhq1L9tlEGpv/Q4+sRabpPQ+L/n2bNnrz618u5 3PJYIFk3r3LFNJH3FRxuaS/l5HPy0rd4CNgdN2WY0YEcmFqi+rLf4e2EtCddWgsMWdZo QYZugRUGu3IQEs0RIujEdYMx1M1/Ypn8zy+2kd3big5o+TFN5mnNq07DZ1+5D6GKVJey Jh8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:date:subject:to :from; bh=MyZH+W0Zcjl4xrSgAe9JDt4uu3S4U4ENg+h1BsvuL5U=; b=QNXP02Sshn4WikT+nroRocy+bJItM8y5ppWkTs82t5s9eWC3PJsLO975UERtrFsB7r mgfhhGh7YUsOh/7on0nWuyrSxHPP66ht8wpfT+4dE+hR3/trZwD7IYDI6+ZwytQltq+S ZRph5eu6KS6xDpsflKfb6HcQzedF9zK6u818kqOe7797kUivSCh9f4D1XEJuga0YceB1 vLON+W3RTeugmibfDadElXoHzEMO95mFAqFTFliOsdruJnw5CZVU3Jvh8VPkusVm5hTa pNs+vsFqkIHQhoN+ffG5Ty8M43Dhr96t4VHLbuRnzfON/Nffm4GRIlqXqG1TCwSqs3eu YsXA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 1-v6si7921960plx.140.2018.09.29.09.49.09; Sat, 29 Sep 2018 09:49:24 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728520AbeI2XQX (ORCPT + 99 others); Sat, 29 Sep 2018 19:16:23 -0400 Received: from mail5.windriver.com ([192.103.53.11]:60240 "EHLO mail5.wrs.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728394AbeI2XQX (ORCPT ); Sat, 29 Sep 2018 19:16:23 -0400 Received: from ALA-HCA.corp.ad.wrs.com (ala-hca.corp.ad.wrs.com [147.11.189.40]) by mail5.wrs.com (8.15.2/8.15.2) with ESMTPS id w8TGk5At029114 (version=TLSv1 cipher=AES128-SHA bits=128 verify=FAIL); Sat, 29 Sep 2018 09:46:16 -0700 Received: from pek-lpg-core2.corp.ad.wrs.com (128.224.153.41) by ALA-HCA.corp.ad.wrs.com (147.11.189.40) with Microsoft SMTP Server id 14.3.408.0; Sat, 29 Sep 2018 09:45:55 -0700 From: To: , , , , Subject: [PATCH v5 1/4] printk: Fix panic caused by passing log_buf_len to command line Date: Sun, 30 Sep 2018 00:45:50 +0800 Message-ID: <1538239553-81805-1-git-send-email-zhe.he@windriver.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 Content-Type: text/plain Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: He Zhe log_buf_len_setup does not check input argument before passing it to simple_strtoull. The argument would be a NULL pointer if "log_buf_len", without its value, is set in command line and thus causes the following panic. PANIC: early exception 0xe3 IP 10:ffffffffaaeacd0d error 0 cr2 0x0 [ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 4.19.0-rc4-yocto-standard+ #1 [ 0.000000] RIP: 0010:_parse_integer_fixup_radix+0xd/0x70 ... [ 0.000000] Call Trace: [ 0.000000] simple_strtoull+0x29/0x70 [ 0.000000] memparse+0x26/0x90 [ 0.000000] log_buf_len_setup+0x17/0x22 [ 0.000000] do_early_param+0x57/0x8e [ 0.000000] parse_args+0x208/0x320 [ 0.000000] ? rdinit_setup+0x30/0x30 [ 0.000000] parse_early_options+0x29/0x2d [ 0.000000] ? rdinit_setup+0x30/0x30 [ 0.000000] parse_early_param+0x36/0x4d [ 0.000000] setup_arch+0x336/0x99e [ 0.000000] start_kernel+0x6f/0x4ee [ 0.000000] x86_64_start_reservations+0x24/0x26 [ 0.000000] x86_64_start_kernel+0x6f/0x72 [ 0.000000] secondary_startup_64+0xa4/0xb0 This patch adds a check to prevent the panic. Signed-off-by: He Zhe Cc: stable@vger.kernel.org Cc: pmladek@suse.com Cc: sergey.senozhatsky@gmail.com Cc: rostedt@goodmis.org --- v2: Split out the addition of pr_fmt and the unsigned update v3: Remove error message for NULL pointer Add check and error message for over 4G use v4: Split each piece into one patch v5: Remove a redundant print prefix kernel/printk/printk.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c index 9bf5404..06045ab 100644 --- a/kernel/printk/printk.c +++ b/kernel/printk/printk.c @@ -1048,7 +1048,12 @@ static void __init log_buf_len_update(unsigned size) /* save requested log_buf_len since it's too early to process it */ static int __init log_buf_len_setup(char *str) { - unsigned size = memparse(str, &str); + unsigned int size; + + if (!str) + return -EINVAL; + + size = memparse(str, &str); log_buf_len_update(size); -- 2.7.4