diff options
| author | Ard Biesheuvel <[email protected]> | 2025-03-06 15:59:16 +0000 |
|---|---|---|
| committer | Ingo Molnar <[email protected]> | 2025-03-06 21:02:39 +0000 |
| commit | c00b413a96261faef4ce22329153c6abd4acef25 (patch) | |
| tree | 91b59a6a3dff54f701039b992303d304bd873e92 /tools/testing/selftests/kvm/x86/nested_exceptions_test.c | |
| parent | x86/sgx: Fix size overflows in sgx_encl_create() (diff) | |
| download | kernel-c00b413a96261faef4ce22329153c6abd4acef25.tar.gz kernel-c00b413a96261faef4ce22329153c6abd4acef25.zip | |
x86/boot: Sanitize boot params before parsing command line
The 5-level paging code parses the command line to look for the 'no5lvl'
string, and does so very early, before sanitize_boot_params() has been
called and has been given the opportunity to wipe bogus data from the
fields in boot_params that are not covered by struct setup_header, and
are therefore supposed to be initialized to zero by the bootloader.
This triggers an early boot crash when using syslinux-efi to boot a
recent kernel built with CONFIG_X86_5LEVEL=y and CONFIG_EFI_STUB=n, as
the 0xff padding that now fills the unused PE/COFF header is copied into
boot_params by the bootloader, and interpreted as the top half of the
command line pointer.
Fix this by sanitizing the boot_params before use. Note that there is no
harm in calling this more than once; subsequent invocations are able to
spot that the boot_params have already been cleaned up.
Signed-off-by: Ard Biesheuvel <[email protected]>
Signed-off-by: Ingo Molnar <[email protected]>
Cc: "H. Peter Anvin" <[email protected]>
Cc: Linus Torvalds <[email protected]>
Cc: <[email protected]> # v6.1+
Link: https://lore.kernel.org/r/[email protected]
Closes: https://lore.kernel.org/all/[email protected]
Diffstat (limited to 'tools/testing/selftests/kvm/x86/nested_exceptions_test.c')
0 files changed, 0 insertions, 0 deletions