[PATCH v4] x86/kexec: fix potential cmem->ranges out of bounds

2024-01-08 Thread fuqiang wang
lot too. Previously discussed link: [1] https://lore.kernel.org/kexec/ZXk2oBf%2FT1Ul6o0c@MiWiFi-R3L-srv/ [2] https://lore.kernel.org/kexec/273284e8-7680-4f5f-8065-c5d780987...@easystack.cn/ [3] https://lore.kernel.org/kexec/ZYQ6O%2F57sHAPxTHm@MiWiFi-R3L-srv/ Signed-off-by: fuqiang wang --- arch/

Re: [PATCH v3] x86/kexec: fix potential cmem->ranges out of bounds

2023-12-25 Thread fuqiang wang
On 2023/12/24 12:46, Baoquan He wrote: Rethinking about this, it seems the above code comment is fine to keep, and the same feeling about the elfheader region split from crashk_res. So, other than the patch log concerns, this patch looks good to me. Let's see if other people have concerns about the newly

[PATCH v3] x86/kexec: fix potential cmem->ranges out of bounds

2023-12-22 Thread fuqiang wang
add an extra slot too. Previously discussed link: [1] https://lore.kernel.org/kexec/ZXk2oBf%2FT1Ul6o0c@MiWiFi-R3L-srv/ [2] https://lore.kernel.org/kexec/273284e8-7680-4f5f-8065-c5d780987...@easystack.cn/ [3] https://lore.kernel.org/kexec/ZYQ6O%2F57sHAPxTHm@MiWiFi-R3L-srv/ Signed-off-by: fuqiang w

Re: [PATCH v2 1/2] x86/kexec: Fix potential out of bounds in crash_setup_memmap_entries()

2023-12-22 Thread fuqiang wang
On 2023/12/21 21:14, Baoquan He wrote: On 12/20/23 at 01:57pm, fuqiang wang wrote: In memmap_exclude_ranges(), the elfheader will be excluded from crashk_res. In the current x86 architecture code, the elfheader is always allocated at crashk_res.start. It seems that there won't be a split into a new range

Re: [PATCH v2 2/2] kexec: Fix potential out of bounds in crash_exclude_mem_range()

2023-12-22 Thread fuqiang wang
On 2023/12/21 19:42, Baoquan He wrote: You may need to rebase your work on the next/master branch to avoid conflict. https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git Currently, the below commit exists, so the code change in this patch may not be needed. 86d80cbb61ca crash_core: fix and

[PATCH v2 2/2] kexec: Fix potential out of bounds in crash_exclude_mem_range()

2023-12-19 Thread fuqiang wang
When the split does not occur on the last array member, the current code will not return an error. So the correct array out-of-bounds check should be mem->nr_ranges >= mem->max_nr_ranges. When the OOB happens, cmem->ranges[] has changed, so return early to avoid it. Signed-off

[PATCH v2 1/2] x86/kexec: Fix potential out of bounds in crash_setup_memmap_entries()

2023-12-19 Thread fuqiang wang
off-by: fuqiang wang --- arch/x86/kernel/crash.c | 20 ++-- 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c index c92d88680dbf..1c15d0884c90 100644 --- a/arch/x86/kernel/crash.c +++ b/arch/x86/kernel/crash.c @@ -149,6 +149

[PATCH v2 0/2] kexec: fix potential cmem->ranges out of bounds

2023-12-19 Thread fuqiang wang
c5d780987...@easystack.cn/ fuqiang wang (2): x86/kexec: Fix potential out of bounds in crash_setup_memmap_entries() kexec: Fix potential out of bounds in crash_exclude_mem_range() arch/x86/kernel/crash.c | 20 ++-- kernel/crash_core.c | 7 +++ 2 files changed, 17 i

Re: [PATCH] kexec: avoid out of bounds in crash_exclude_mem_range()

2023-12-19 Thread fuqiang wang
On 2023/12/19 18:39, Yuntao Wang wrote: On Tue, 19 Dec 2023 16:55:16 +0800, fuqiang wang wrote: Thank you very much for your patient comment. This change does indeed improve readability. But as a combination of these two, how do you feel about moving crash_setup_memmap_entries() behind vzalloc

Re: [PATCH] kexec: avoid out of bounds in crash_exclude_mem_range()

2023-12-19 Thread fuqiang wang
On 2023/12/19 13:29, Yuntao Wang wrote: On Tue, 19 Dec 2023 11:50:32 +0800, fuqiang wang wrote: On 2023/12/19 10:47, Yuntao Wang wrote: Hi fuqiang, Yesterday, I posted two patches that happen to address the bugs you and Baoquan are currently discussing here. I wasn't aware that you both were also

Re: [PATCH] kexec: avoid out of bounds in crash_exclude_mem_range()

2023-12-18 Thread fuqiang wang
On 2023/12/19 10:47, Yuntao Wang wrote: Hi fuqiang, Yesterday, I posted two patches that happen to address the bugs you and Baoquan are currently discussing here. I wasn't aware that you both were also working on fixing these issues. Baoquan suggested I talk to you about it. If you're interested,

Re: [PATCH] kexec: avoid out of bounds in crash_exclude_mem_range()

2023-12-18 Thread fuqiang wang
On 2023/12/14 18:29, Baoquan He wrote: On 11/30/23 at 09:20pm, fuqiang wang wrote: On 2023/11/30 15:44, Baoquan He wrote: On 11/27/23 at 10:56am, fuqiang wang wrote: When the split happened, judge whether mem->nr_ranges is equal to mem->max_nr_ranges. If it is true, return -

Re: [PATCH] kexec: avoid out of bounds in crash_exclude_mem_range()

2023-12-13 Thread fuqiang wang
On 2023/12/13 12:44, Baoquan He wrote: On 11/30/23 at 09:20pm, fuqiang wang wrote: On 2023/11/30 15:44, Baoquan He wrote: On 11/27/23 at 10:56am, fuqiang wang wrote: When the split happened, judge whether mem->nr_ranges is equal to mem->max_nr_ranges. If it is true, return -

Re: [PATCH] kexec: avoid out of bounds in crash_exclude_mem_range()

2023-11-30 Thread fuqiang wang
On 2023/11/30 15:44, Baoquan He wrote: On 11/27/23 at 10:56am, fuqiang wang wrote: When the split happened, judge whether mem->nr_ranges is equal to mem->max_nr_ranges. If it is true, return -ENOMEM. The advantage of doing this is that it can avoid array bounds caused by some bug

[PATCH] kexec: avoid out of bounds in crash_exclude_mem_range()

2023-11-26 Thread fuqiang wang
ashkres_low."), reserving both high and low memory for the crashkernel may cause out of bounds. On the other hand, move this code before the split to ensure that the array will not be changed when returning an error. Signed-off-by: fuqiang wang --- kernel/crash_core.c | 6 +++--- 1 file changed, 3