Re: [PATCH] x86/mm: Fix use of uninitialized buffer in sme_enable()
From: Borislav Petkov
Date: Fri Feb 17 2023 - 16:47:34 EST
On Thu, Feb 02, 2023 at 10:25:38AM -0800, Nikita Zhandarovich wrote:
> cmdline_find_option() may fail before doing any initialization of
> buffer array. This may lead to unpredictable results when the same
> buffer is used later in calls to strncmp() function.
> Fix the issue by initializing the buffer to an empty string.
I'd prefer if you test cmdline_find_option()'s return value instead and
return early if -1.
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
SVACE is?
> Fixes: 1cd9c22fee3a ("x86/mm/encrypt: Move page table helpers into separate translation unit")
The proper Fixes commit should be:
aca20d546214 ("x86/mm: Add support to make use of Secure Memory Encryption")
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette