Re: [PATCH] x86/boot: Reject truncated acpi_rsdp= values

Next message: Barry Song: "Re: [RFC PATCH] mm: Avoiding split large folios if swap has no space"
Previous message: patchwork-bot+netdevbpf: "Re: [PATCH net v2 0/2] net/sched: act_ct: preserve tc_skb_cb across defragmentation"
In reply to: Borislav Petkov: "Re: [PATCH] x86/boot: Reject truncated acpi_rsdp= values"
Next in thread: Borislav Petkov: "Re: [PATCH] x86/boot: Reject truncated acpi_rsdp= values"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Thorsten Blum

Date: Thu Jun 18 2026 - 21:01:19 EST

On Thu, Jun 18, 2026 at 12:34:09PM -0700, Borislav Petkov wrote:
> On Thu, Jun 18, 2026 at 08:57:56PM +0200, Thorsten Blum wrote:
> > Only far enough to avoid using a value the user didn't actually enter.
>
> But the user did enter it.
>
> And nothing in there tells her/him that they entered a wrong value. Only that
> the value she entered magically turned into a 0.
>
> So how is that helping said user fix the input?
>
> And is there a real use case you're fixing here or is this something
> hypothetical that *might* happen?
>
> > A user can still shoot themselves in the foot by using a syntactically
> > valid but wrong address. The check only rejects an overlong acpi_rsdp=
> > value after cmdline_find_option() reports that it didn't fit in the
> > buffer.
>
> My question still stands paraphrazed: what *actual*, real use case are you
> fixing here?
>
> And how does your fix make anything better?

Without this patch, the decompressor acts on a truncated address. The
result is undefined and crashed my setup during early boot (an internal
broken script surfaced this).

With this patch, a user at least has a chance to see the main kernel's
log message:

[ 0.000000] Malformed early option 'acpi_rsdp'

You can reproduce this with QEMU using the malformed example from
before:

acpi_rsdp=0x0123456789abcdefx