There are some cases where users use acpi_ns_walk_namespace() without
checking the acpi_disable flag. When acpi=off is provided in the boot cmdline,
acpi_gbl_root_node is NULL and calling acpi_ns_walk_namespace() will
crash the kernel. In order to avoid such misuse, we proactively check for a null ptr
and return an error when we know ACPI is disabled.
Signed-off-by: Tong Zhang <ztong0001@gmail.com>
---
drivers/acpi/acpica/nswalk.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/drivers/acpi/acpica/nswalk.c b/drivers/acpi/acpica/nswalk.c
index 915c2433463d..9ae45db16d86 100644
--- a/drivers/acpi/acpica/nswalk.c
+++ b/drivers/acpi/acpica/nswalk.c
@@ -171,6 +171,13 @@ acpi_ns_walk_namespace(acpi_object_type type,
start_node = acpi_gbl_root_node;
}
+ /* acpi_gbl_root_node is NULL when acpi=off is provided.
+ * We proactively check nulliness here and return an error if user call
+ * this function without checking acpi_disabled
+ */
+ if (start_node == NULL)
+ return_ACPI_STATUS(AE_ERROR);
+
/* Null child means "get first node" */
parent_node = start_node;
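Review bot: AE_ERROR in the new "if (start_node == NULL)" branch is the generic failure code, so a caller cannot tell "ACPI is disabled and no namespace exists" apart from any other error; a more specific status such as AE_NO_NAMESPACE would make the condition distinguishable. The test also sits after the closing brace of the block that assigns start_node = acpi_gbl_root_node, so it rejects a NULL start_node from any path, while the comment only describes the acpi=off case; either state that in the comment or move the test inside that block. The comment should follow the multi-line style with the opening /* on its own line, and "check for NULL" reads better than "check nulliness".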
--
2.25.1
On Wed, Feb 16, 2022 at 7:26 AM Tong Zhang <ztong0001@gmail.com> wrote:
>
> There are some cases that user use acpi_ns_walk_namespace() without
> checking acpi_disable flag. When acpi=off is provided in boot cmdline,
> acpi_gbl_root_node is NULL and calling acpi_ns_walk_namespace() will
> crash kernel. In order to avoid such misuse, we proactively check null ptr
> and return an error when we know ACPI is disabled.

The issue should be fixed by this commit in the upstream ACPICA code base:
https://github.com/acpica/acpica/commit/b1c3656ef4950098e530be68d4b589584f06cddc

>
> Signed-off-by: Tong Zhang <ztong0001@gmail.com>
> ---
> drivers/acpi/acpica/nswalk.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/drivers/acpi/acpica/nswalk.c b/drivers/acpi/acpica/nswalk.c
> index 915c2433463d..9ae45db16d86 100644
> --- a/drivers/acpi/acpica/nswalk.c
> +++ b/drivers/acpi/acpica/nswalk.c
> @@ -171,6 +171,13 @@ acpi_ns_walk_namespace(acpi_object_type type,
> start_node = acpi_gbl_root_node;
> }
>
> + /* acpi_gbl_root_node is NULL when acpi=off is provided.
> + * We proactively check nulliness here and return an error if user call
> + * this function without checking acpi_disabled
> + */
> + if (start_node == NULL)
> + return_ACPI_STATUS(AE_ERROR);
> +
> /* Null child means "get first node" */
>
> parent_node = start_node;
> --
> 2.25.1
>
On Wed, Feb 16, 2022 at 4:22 AM Rafael J. Wysocki <rafael@kernel.org> wrote:
>
> On Wed, Feb 16, 2022 at 7:26 AM Tong Zhang <ztong0001@gmail.com> wrote:
> >
> > There are some cases that user use acpi_ns_walk_namespace() without
> > checking acpi_disable flag. When acpi=off is provided in boot cmdline,
> > acpi_gbl_root_node is NULL and calling acpi_ns_walk_namespace() will
> > crash kernel. In order to avoid such misuse, we proactively check null ptr
> > and return an error when we know ACPI is disabled.
>
> The issue should be fixed by this commit in the upstream ACPICA code
> base: https://github.com/acpica/acpica/commit/b1c3656ef4950098e530be68d4b589584f06cddc
>

Thank you Rafael. I've just seen that commit upstream.