RISC-V: hwprobe: Fix vDSO SIGSEGV

[ Upstream commit e1c05b3bf80f829ced464bdca90f1dfa96e8d251 ]

A hwprobe pair key is signed, but the hwprobe vDSO function was
only checking that the upper bound was valid. In order to help
avoid this type of problem in the future, and in anticipation of
this check becoming more complicated with sparse keys, introduce
and use a "key is valid" predicate function for the check.

Fixes: aa5af0aa90ba ("RISC-V: Add hwprobe vDSO function and data")
Signed-off-by: Andrew Jones <ajones@ventanamicro.com>
Reviewed-by: Evan Green <evan@rivosinc.com>
Link: https://lore.kernel.org/r/20231010165101.14942-2-ajones@ventanamicro.com
Signed-off-by: Palmer Dabbelt <palmer@rivosinc.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/arch/riscv/include/asm/hwprobe.h b/arch/riscv/include/asm/hwprobe.h
index 78936f4ff513307a59e62768838ae19a738f69d1..7cad513538d8d08380eb9a6d4a65b411ddc0b05e 100644 (file)
--- a/arch/riscv/include/asm/hwprobe.h
+++ b/arch/riscv/include/asm/hwprobe.h
@@ -10,4 +10,9 @@
 
 #define RISCV_HWPROBE_MAX_KEY 5
 
+static inline bool riscv_hwprobe_key_is_valid(__s64 key)
+{
+       return key >= 0 && key <= RISCV_HWPROBE_MAX_KEY;
+}
+
 #endif

diff --git a/arch/riscv/kernel/vdso/hwprobe.c b/arch/riscv/kernel/vdso/hwprobe.c
index d40bec6ac0786690374b8fde5eaddda928c788d2..cadf725ef798370bbe248f80dcf207c7fd439e7b 100644 (file)
--- a/arch/riscv/kernel/vdso/hwprobe.c
+++ b/arch/riscv/kernel/vdso/hwprobe.c
@@ -37,7 +37,7 @@ int __vdso_riscv_hwprobe(struct riscv_hwprobe *pairs, size_t pair_count,
 
        /* This is something we can handle, fill out the pairs. */
        while (p < end) {
-               if (p->key <= RISCV_HWPROBE_MAX_KEY) {
+               if (riscv_hwprobe_key_is_valid(p->key)) {
                        p->value = avd->all_cpu_hwprobe_values[p->key];
 
                } else {