Re: [PATCH 2/8] powerpc/rtas: use memmove for potentially overlapping buffer copy

[PATCH 0/8] RTAS changes for 6.4 · Nathan Lynch via B4 Relay <devnull+nathanl.linux.ibm.com@kernel.org> · 2023-03-06
[PATCH 4/8] powerpc/rtas: fix miswording in rtas_function kerneldoc · Nathan Lynch via B4 Relay <devnull+nathanl.linux.ibm.com@kernel.org> · 2023-03-06
Re: [PATCH 4/8] powerpc/rtas: fix miswording in rtas_function kerneldoc · Andrew Donnellan <hidden> · 2023-03-23
[PATCH 7/8] powerpc/rtas: warn on unsafe argument to rtas_call_unlocked() · Nathan Lynch via B4 Relay <devnull+nathanl.linux.ibm.com@kernel.org> · 2023-03-06
Re: [PATCH 7/8] powerpc/rtas: warn on unsafe argument to rtas_call_unlocked() · Andrew Donnellan <hidden> · 2023-03-23
Re: [PATCH 7/8] powerpc/rtas: warn on unsafe argument to rtas_call_unlocked() · Nathan Lynch <hidden> · 2023-03-23
Re: [PATCH 7/8] powerpc/rtas: warn on unsafe argument to rtas_call_unlocked() · Nathan Lynch <hidden> · 2023-03-24
Re: [PATCH 7/8] powerpc/rtas: warn on unsafe argument to rtas_call_unlocked() · Michael Ellerman <mpe@ellerman.id.au> · 2023-03-29
Re: [PATCH 7/8] powerpc/rtas: warn on unsafe argument to rtas_call_unlocked() · Nathan Lynch <hidden> · 2023-03-29
[PATCH 3/8] powerpc/rtas: rtas_call_unlocked() kerneldoc · Nathan Lynch via B4 Relay <devnull+nathanl.linux.ibm.com@kernel.org> · 2023-03-06
Re: [PATCH 3/8] powerpc/rtas: rtas_call_unlocked() kerneldoc · Andrew Donnellan <hidden> · 2023-03-23
[PATCH 8/8] powerpc/rtas: consume retry statuses in sys_rtas() · Nathan Lynch via B4 Relay <devnull+nathanl.linux.ibm.com@kernel.org> · 2023-03-06
Re: [PATCH 8/8] powerpc/rtas: consume retry statuses in sys_rtas() · Andrew Donnellan <hidden> · 2023-03-23
Re: [PATCH 8/8] powerpc/rtas: consume retry statuses in sys_rtas() · Nathan Lynch <hidden> · 2023-03-23
Re: [PATCH 8/8] powerpc/rtas: consume retry statuses in sys_rtas() · Michael Ellerman <mpe@ellerman.id.au> · 2023-03-23
Re: [PATCH 8/8] powerpc/rtas: consume retry statuses in sys_rtas() · Nathan Lynch <hidden> · 2023-03-23
Re: [PATCH 8/8] powerpc/rtas: consume retry statuses in sys_rtas() · Christophe Leroy <hidden> · 2024-01-25
Re: [PATCH 8/8] powerpc/rtas: consume retry statuses in sys_rtas() · Nathan Lynch <hidden> · 2024-01-25
Re: [PATCH 8/8] powerpc/rtas: consume retry statuses in sys_rtas() · Christophe Leroy <hidden> · 2024-01-25
Re: [PATCH 8/8] powerpc/rtas: consume retry statuses in sys_rtas() · Nathan Lynch <hidden> · 2024-01-25
[PATCH 1/8] powerpc/rtas: ensure 8-byte alignment for struct rtas_args · Nathan Lynch via B4 Relay <devnull+nathanl.linux.ibm.com@kernel.org> · 2023-03-06
Re: [PATCH 1/8] powerpc/rtas: ensure 8-byte alignment for struct rtas_args · Andrew Donnellan <hidden> · 2023-03-23
[PATCH 5/8] powerpc/rtas: rename va_rtas_call_unlocked() to va_rtas_call() · Nathan Lynch via B4 Relay <devnull+nathanl.linux.ibm.com@kernel.org> · 2023-03-06
Re: [PATCH 5/8] powerpc/rtas: rename va_rtas_call_unlocked() to va_rtas_call() · Andrew Donnellan <hidden> · 2023-03-23
Re: [PATCH 5/8] powerpc/rtas: rename va_rtas_call_unlocked() to va_rtas_call() · Nathan Lynch <hidden> · 2023-03-23
Re: [PATCH 5/8] powerpc/rtas: rename va_rtas_call_unlocked() to va_rtas_call() · Michael Ellerman <mpe@ellerman.id.au> · 2023-03-29
[PATCH 2/8] powerpc/rtas: use memmove for potentially overlapping buffer copy · Nathan Lynch via B4 Relay <devnull+nathanl.linux.ibm.com@kernel.org> · 2023-03-06
Re: [PATCH 2/8] powerpc/rtas: use memmove for potentially overlapping buffer copy · Andrew Donnellan <hidden> · 2023-03-23
[PATCH 6/8] powerpc/rtas: lockdep annotations · Nathan Lynch via B4 Relay <devnull+nathanl.linux.ibm.com@kernel.org> · 2023-03-06
Re: [PATCH 6/8] powerpc/rtas: lockdep annotations · Andrew Donnellan <hidden> · 2023-03-23
Re: (subset) [PATCH 0/8] RTAS changes for 6.4 · Michael Ellerman <hidden> · 2023-04-06
Re: [PATCH 0/8] RTAS changes for 6.4 · Michael Ellerman <hidden> · 2023-04-26

From: Andrew Donnellan <hidden>
Date: 2023-03-23 04:10:44

On Mon, 2023-03-06 at 15:33 -0600, Nathan Lynch via B4 Relay wrote:

From: Nathan Lynch <redacted>

Using memcpy() isn't safe when buf is identical to rtas_err_buf,
which
can happen during boot before slab is up. Full context which may not
be obvious from the diff:

        if (altbuf) {
                buf = altbuf;
        } else {
                buf = rtas_err_buf;
                if (slab_is_available())
                        buf = kmalloc(RTAS_ERROR_LOG_MAX,
GFP_ATOMIC);
        }
        if (buf)
                memcpy(buf, rtas_err_buf, RTAS_ERROR_LOG_MAX);

This was found by inspection and I'm not aware of it causing problems
in practice. It appears to have been introduced by commit
033ef338b6e0 ("powerpc: Merge rtas.c into arch/powerpc/kernel"); the
old ppc64 version of this code did not have this problem.

Use memmove() instead.

Fixes: 033ef338b6e0 ("powerpc: Merge rtas.c into
arch/powerpc/kernel")
Signed-off-by: Nathan Lynch <redacted>

Reviewed-by: Andrew Donnellan <redacted>

-- 
Andrew Donnellan    OzLabs, ADL Canberra
ajd@linux.ibm.com   IBM Australia Limited

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help