[PATCH] x86/callthunks: Correct calculation of dest address in is_callthunk()

From: Uros Bizjak
Date: Fri Dec 01 2023 - 03:57:36 EST

Next message: Roger Pau Monné: "Re: [RFC KERNEL PATCH v2 2/3] xen/pvh: Unmask irq for passthrough device in PVH dom0"
Previous message: Xu Yang: "RE: [PATCH 2/3] perf: imx_perf: add support for i.MX95 platform"
Next in thread: Nathan Chancellor: "Re: [PATCH] x86/callthunks: Correct calculation of dest address in is_callthunk()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

GCC didn't warn on the invalid use of relocation destination
pointer, so the calculated destination value was applied to
the uninitialized pointer location in error.

Fixes: 17bce3b2ae2d ("x86/callthunks: Handle %rip-relative relocations in call thunk template")
Reported-by: Nathan Chancellor <nathan@xxxxxxxxxx>
Closes: https://lore.kernel.org/lkml/20231201035457.GA321497@dev-arch.thelio-3990X/
Cc: Ingo Molnar <mingo@xxxxxxxxxx>
Signed-off-by: Uros Bizjak <ubizjak@xxxxxxxxx>
---
arch/x86/kernel/callthunks.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/x86/kernel/callthunks.c b/arch/x86/kernel/callthunks.c
index f5507c95e7be..c561dd481eb9 100644
--- a/arch/x86/kernel/callthunks.c
+++ b/arch/x86/kernel/callthunks.c
@@ -306,7 +306,7 @@ static bool is_callthunk(void *addr)
if (!thunks_initialized || skip_addr((void *)dest))
return false;

- *pad = dest - tmpl_size;
+ pad = (void *)(dest - tmpl_size);

memcpy(insn_buff, skl_call_thunk_template, tmpl_size);
apply_relocation(insn_buff, tmpl_size, pad,
--
2.31.1

Next message: Roger Pau Monné: "Re: [RFC KERNEL PATCH v2 2/3] xen/pvh: Unmask irq for passthrough device in PVH dom0"
Previous message: Xu Yang: "RE: [PATCH 2/3] perf: imx_perf: add support for i.MX95 platform"
Next in thread: Nathan Chancellor: "Re: [PATCH] x86/callthunks: Correct calculation of dest address in is_callthunk()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]