4.18-stable review patch. If anyone has any objections, please let me know.
------------------
From: Vishal Verma vishal.l.verma@intel.com
commit e8a308e5f47e545e0d41d0686c00f5f5217c5f61 upstream.
The NFIT machine check handler uses the physical address from the mce structure, and compares it against information in the ACPI NFIT table to determine whether that location lies on an NVDIMM. The mce->addr field however may not always be valid, and this is indicated by the MCI_STATUS_ADDRV bit in the status field.
Export mce_usable_address() which already performs validation for the address, and use it in the NFIT handler.
Fixes: 6839a6d96f4e ("nfit: do an ARS scrub on hitting a latent media error") Reported-by: Robert Elliott elliott@hpe.com Signed-off-by: Vishal Verma vishal.l.verma@intel.com Signed-off-by: Borislav Petkov bp@suse.de CC: Arnd Bergmann arnd@arndb.de Cc: Dan Williams dan.j.williams@intel.com CC: Dave Jiang dave.jiang@intel.com CC: elliott@hpe.com CC: "H. Peter Anvin" hpa@zytor.com CC: Ingo Molnar mingo@redhat.com CC: Len Brown lenb@kernel.org CC: linux-acpi@vger.kernel.org CC: linux-edac linux-edac@vger.kernel.org CC: linux-nvdimm@lists.01.org CC: Qiuxu Zhuo qiuxu.zhuo@intel.com CC: "Rafael J. Wysocki" rjw@rjwysocki.net CC: Ross Zwisler zwisler@kernel.org CC: stable stable@vger.kernel.org CC: Thomas Gleixner tglx@linutronix.de CC: Tony Luck tony.luck@intel.com CC: x86-ml x86@kernel.org CC: Yazen Ghannam yazen.ghannam@amd.com Link: http://lkml.kernel.org/r/20181026003729.8420-2-vishal.l.verma@intel.com Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
--- arch/x86/include/asm/mce.h | 1 + arch/x86/kernel/cpu/mcheck/mce.c | 3 ++- drivers/acpi/nfit/mce.c | 4 ++++ 3 files changed, 7 insertions(+), 1 deletion(-)
--- a/arch/x86/include/asm/mce.h +++ b/arch/x86/include/asm/mce.h @@ -217,6 +217,7 @@ static inline int umc_normaddr_to_sysadd int mce_available(struct cpuinfo_x86 *c); bool mce_is_memory_error(struct mce *m); bool mce_is_correctable(struct mce *m); +int mce_usable_address(struct mce *m);
DECLARE_PER_CPU(unsigned, mce_exception_count); DECLARE_PER_CPU(unsigned, mce_poll_count); --- a/arch/x86/kernel/cpu/mcheck/mce.c +++ b/arch/x86/kernel/cpu/mcheck/mce.c @@ -489,7 +489,7 @@ static void mce_report_event(struct pt_r * be somewhat complicated (e.g. segment offset would require an instruction * parser). So only support physical addresses up to page granuality for now. */ -static int mce_usable_address(struct mce *m) +int mce_usable_address(struct mce *m) { if (!(m->status & MCI_STATUS_ADDRV)) return 0; @@ -509,6 +509,7 @@ static int mce_usable_address(struct mce
return 1; } +EXPORT_SYMBOL_GPL(mce_usable_address);
bool mce_is_memory_error(struct mce *m) { --- a/drivers/acpi/nfit/mce.c +++ b/drivers/acpi/nfit/mce.c @@ -29,6 +29,10 @@ static int nfit_handle_mce(struct notifi if (!mce_is_memory_error(mce) || mce_is_correctable(mce)) return NOTIFY_DONE;
+ /* Verify the address reported in the MCE is valid. */ + if (!mce_usable_address(mce)) + return NOTIFY_DONE; + /* * mce->addr contains the physical addr accessed that caused the * machine check. We need to walk through the list of NFITs, and see