    s390/cio: exclude subchannels with no parent from pseudo check · ae340090
    Vasily Gorbik authored
    BugLink: https://bugs.launchpad.net/bugs/1848780
    
    commit ab575884 upstream.
    
    ccw console is created early in start_kernel and used before css is
    initialized or ccw console subchannel is registered. Until then console
    subchannel does not have a parent. For that reason assume subchannels
    with no parent are not pseudo subchannels. This fixes the following
    kasan finding:
    
    BUG: KASAN: global-out-of-bounds in sch_is_pseudo_sch+0x8e/0x98
    Read of size 8 at addr 00000000000005e8 by task swapper/0/0
    
    CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.3.0-rc8-07370-g6ac43dd12538 #2
    Hardware name: IBM 2964 NC9 702 (z/VM 6.4.0)
    Call Trace:
    ([<000000000012cd76>] show_stack+0x14e/0x1e0)
     [<0000000001f7fb44>] dump_stack+0x1a4/0x1f8
     [<00000000007d7afc>] print_address_description+0x64/0x3c8
     [<00000000007d75f6>] __kasan_report+0x14e/0x180
     [<00000000018a2986>] sch_is_pseudo_sch+0x8e/0x98
     [<000000000189b950>] cio_enable_subchannel+0x1d0/0x510
     [<00000000018cac7c>] ccw_device_recognition+0x12c/0x188
     [<0000000002ceb1a8>] ccw_device_enable_console+0x138/0x340
     [<0000000002cf1cbe>] con3215_init+0x25e/0x300
     [<0000000002c8770a>] console_init+0x68a/0x9b8
     [<0000000002c6a3d6>] start_kernel+0x4fe/0x728
     [<0000000000100070>] startup_continue+0x70/0xd0
    
    Cc: stable@vger.kernel.org
    Reviewed-by: Sebastian Ott <sebott@linux.ibm.com>
    Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Signed-off-by: Connor Kuehl <connor.kuehl@canonical.com>
    Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>
css.c 29.3 KB
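
The failure mode the commit message describes, as an added user-space model that is not code from css.c or from this commit. It assumes the pseudo check reaches the channel subsystem through container_of-style arithmetic on the parent device; the struct layouts, `css_addr`, `unguarded_read_addr` and `is_pseudo_sch_guarded` are hypothetical names for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-ins for the kernel structures; field layout is assumed. */
struct device { struct device *parent; };
struct subchannel { struct device dev; };
struct channel_subsystem {
    char pad[64];                          /* constructed padding */
    struct device device;                  /* parent of registered subchannels */
    struct subchannel *pseudo_subchannel;
};

/* container_of() arithmetic done on integers, so a NULL parent can be
 * examined without dereferencing anything. */
static uintptr_t css_addr(const struct device *parent)
{
    return (uintptr_t)parent - offsetof(struct channel_subsystem, device);
}

/* Address an unguarded check would load pseudo_subchannel from. */
static uintptr_t unguarded_read_addr(const struct subchannel *sch)
{
    return css_addr(sch->dev.parent)
         + offsetof(struct channel_subsystem, pseudo_subchannel);
}

/* Guarded check: a subchannel with no parent is never the pseudo one. */
static int is_pseudo_sch_guarded(const struct subchannel *sch)
{
    const struct channel_subsystem *css;

    if (!sch->dev.parent)
        return 0;
    css = (const struct channel_subsystem *)css_addr(sch->dev.parent);
    return sch == css->pseudo_subchannel;
}

int main(void)
{
    struct subchannel console = { { NULL } };   /* early console: no parent yet */

    printf("unguarded read at %#lx, guarded result %d\n",
           (unsigned long)unguarded_read_addr(&console),
           is_pseudo_sch_guarded(&console));
    return 0;
}
```

With a NULL parent the unguarded load lands at a small offset from address zero rather than inside any channel subsystem object, which is the kind of access KASAN reports as out-of-bounds.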