git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Dan Williams <dan.j.williams@intel.com>
	Tue, 8 Jan 2019 23:34:52 +0000 (15:34 -0800)
committer	Dan Williams <dan.j.williams@intel.com>
	Wed, 9 Jan 2019 06:06:09 +0000 (22:06 -0800)
commit	1cb95e072ede5e3d6a54eefd520db21b45985896
tree	3cb1ea431423fc4e0102989fc7a4de76edb309e4	tree \| snapshot
parent	ccb7f15a8a3c0c7a35389e4c8e083c424b4df79d	commit \| diff

libnvdimm/dimm: Fix security capability detection for non-Intel NVDIMMs

Kees reports a crash with the following signature...

RIP: 0010:nvdimm_visible+0x79/0x80
[..]
Call Trace:
  internal_create_group+0xf4/0x380
  sysfs_create_groups+0x46/0xb0
  device_add+0x331/0x680
  nd_async_device_register+0x15/0x60
  async_run_entry_fn+0x38/0x100

...when starting a QEMU environment with "label-less" DIMM. Without
labels QEMU does not publish any DSM methods. Without defined methods
the NVDIMM_FAMILY type is not established and the nfit driver will skip
registering security operations.

In that case the security state should be initialized to a negative
value in __nvdimm_create() and nvdimm_visible() should skip
interrogating the specific ops. However, since 'enum
nvdimm_security_state' was only defined to contain positive values the
"if (nvdimm->sec.state < 0)" check always fails.

Define a negative error state to allow negative state values to be
handled as expected.

Fixes: f2989396553a ("acpi/nfit, libnvdimm: Introduce nvdimm_security_ops")
Reviewed-by: Dave Jiang <dave.jiang@intel.com>
Reported-by: Kees Cook <keescook@chromium.org>
Tested-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>