| From 2bd33db2a01130c93c26c5faa66cf69a86105122 Mon Sep 17 00:00:00 2001 |
| From: Vasily Gorbik <gor@linux.ibm.com> |
| Date: Tue, 17 Sep 2019 22:59:03 +0200 |
| Subject: [PATCH] s390/topology: avoid firing events before kobjs are created |
| |
| commit f3122a79a1b0a113d3aea748e0ec26f2cb2889de upstream. |
| |
| arch_update_cpu_topology is first called from: |
| kernel_init_freeable->sched_init_smp->sched_init_domains |
| |
| even before cpus have been registered in: |
| kernel_init_freeable->do_one_initcall->s390_smp_init |
| |
| Do not trigger kobject_uevent change events until cpu devices are |
| actually created. Fixes the following kasan findings: |
| |
| BUG: KASAN: global-out-of-bounds in kobject_uevent_env+0xb40/0xee0 |
| Read of size 8 at addr 0000000000000020 by task swapper/0/1 |
| |
| BUG: KASAN: global-out-of-bounds in kobject_uevent_env+0xb36/0xee0 |
| Read of size 8 at addr 0000000000000018 by task swapper/0/1 |
| |
| CPU: 0 PID: 1 Comm: swapper/0 Tainted: G B |
| Hardware name: IBM 3906 M04 704 (LPAR) |
| Call Trace: |
| ([<0000000143c6db7e>] show_stack+0x14e/0x1a8) |
| [<0000000145956498>] dump_stack+0x1d0/0x218 |
| [<000000014429fb4c>] print_address_description+0x64/0x380 |
| [<000000014429f630>] __kasan_report+0x138/0x168 |
| [<0000000145960b96>] kobject_uevent_env+0xb36/0xee0 |
| [<0000000143c7c47c>] arch_update_cpu_topology+0x104/0x108 |
| [<0000000143df9e22>] sched_init_domains+0x62/0xe8 |
| [<000000014644c94a>] sched_init_smp+0x3a/0xc0 |
| [<0000000146433a20>] kernel_init_freeable+0x558/0x958 |
| [<000000014599002a>] kernel_init+0x22/0x160 |
| [<00000001459a71d4>] ret_from_fork+0x28/0x30 |
| [<00000001459a71dc>] kernel_thread_starter+0x0/0x10 |
| |
| Cc: stable@vger.kernel.org |
| Reviewed-by: Heiko Carstens <heiko.carstens@de.ibm.com> |
| Signed-off-by: Vasily Gorbik <gor@linux.ibm.com> |
| Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> |
| |
| diff --git a/arch/s390/kernel/topology.c b/arch/s390/kernel/topology.c |
| index 8964a3f60aad..cea6eb7b2a20 100644 |
| --- a/arch/s390/kernel/topology.c |
| +++ b/arch/s390/kernel/topology.c |
| @@ -311,7 +311,8 @@ int arch_update_cpu_topology(void) |
| on_each_cpu(__arch_update_dedicated_flag, NULL, 0); |
| for_each_online_cpu(cpu) { |
| dev = get_cpu_device(cpu); |
| - kobject_uevent(&dev->kobj, KOBJ_CHANGE); |
| + if (dev) |
| + kobject_uevent(&dev->kobj, KOBJ_CHANGE); |
| } |
| return rc; |
| } |
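Review bot: The new `if (dev)` guard inside the `for_each_online_cpu` loop carries no comment explaining why `get_cpu_device()` can return NULL for an online CPU, so a later cleanup could mistake it for a redundant check and drop it. I would add above the guard `/* cpu devices are only registered in s390_smp_init(); there is no kobject to notify before that */`. The KASAN reads at 0x18 and 0x20 quoted in the commit message look like small offsets from a NULL `dev`, which presumably did not fault without KASAN on this platform, so a regression here would be silent on ordinary builds. The body of `arch_update_cpu_topology` starts outside the hunk, so whether `dev` is used elsewhere in the function cannot be checked from here.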
| -- |
| 2.7.4 |
| |