diff options
author | Luis Araneda <luaraneda@gmail.com> | 2019-08-04 00:32:04 -0400 |
---|---|---|
committer | Hauke Mehrtens <hauke@hauke-m.de> | 2019-08-17 16:57:32 +0200 |
commit | d71cac96f3dc14065f1c25bd6677605dcb417619 (patch) | |
tree | bc5c3b0b83acce59cfb56f4c5e53363f929d9bae /target | |
parent | b82edc70adb252d646029e28a5e4636b11f4b066 (diff) | |
download | upstream-d71cac96f3dc14065f1c25bd6677605dcb417619.tar.gz upstream-d71cac96f3dc14065f1c25bd6677605dcb417619.tar.bz2 upstream-d71cac96f3dc14065f1c25bd6677605dcb417619.zip |
zynq: k4.19: fix kernel panic on smp bring-up
This fixes a kernel panic when validating the
arguments of memcpy at runtime, which is enabled
by generic's CONFIG_FORTIFY_SOURCE for k4.19
This wasn't triggered on 4.14, as ARCH_HAS_FORTIFY_SOURCE
was added on k4.17 for the ARM architecture
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
Diffstat (limited to 'target')
-rw-r--r-- | target/linux/zynq/patches-4.19/110-ARM-zynq-Use-memcpy_toio-instead-of-memcpy.patch | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/target/linux/zynq/patches-4.19/110-ARM-zynq-Use-memcpy_toio-instead-of-memcpy.patch b/target/linux/zynq/patches-4.19/110-ARM-zynq-Use-memcpy_toio-instead-of-memcpy.patch new file mode 100644 index 0000000000..03027b2016 --- /dev/null +++ b/target/linux/zynq/patches-4.19/110-ARM-zynq-Use-memcpy_toio-instead-of-memcpy.patch @@ -0,0 +1,35 @@ +From a801d4aa6000f7ba0ffc5ba9d841af62ec7e0bb1 Mon Sep 17 00:00:00 2001 +From: Luis Araneda <luaraneda@gmail.com> +Date: Tue, 30 Jul 2019 00:29:03 -0400 +Subject: [RFC PATCH] ARM: zynq: Use memcpy_toio instead of memcpy on smp bring-up + +This fixes a kernel panic (read overflow) on memcpy when +FORTIFY_SOURCE is enabled. + +The computed size of memcpy args are: +- p_size (dst): 4294967295 = (size_t) -1 +- q_size (src): 1 +- size (len): 8 + +Additionally, the memory is marked as __iomem, so one of +the memcpy_* functions should be used for read/write + +Signed-off-by: Luis Araneda <luaraneda@gmail.com> +--- +As of 2019-08-03, this patch is under review and waiting +comments from the maintainer / author +-- + arch/arm/mach-zynq/platsmp.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/arm/mach-zynq/platsmp.c ++++ b/arch/arm/mach-zynq/platsmp.c +@@ -65,7 +65,7 @@ int zynq_cpun_start(u32 address, int cpu + * 0x4: Jump by mov instruction + * 0x8: Jumping address + */ +- memcpy((__force void *)zero, &zynq_secondary_trampoline, ++ memcpy_toio(zero, &zynq_secondary_trampoline, + trampoline_size); + writel(address, zero + trampoline_size); + |