From 2dff862341a97e1344f89472c7d5c99d8a82ec90 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Fri, 19 Apr 2019 21:04:54 +0200 Subject: [PATCH] ACPICA: Namespace: remove address node from global list after method termination --- debian/changelog | 2 + ...-remove-address-node-from-global-lis.patch | 63 +++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 66 insertions(+) create mode 100644 debian/patches/bugfix/all/ACPICA-Namespace-remove-address-node-from-global-lis.patch diff --git a/debian/changelog b/debian/changelog index 55f952716..40396b0e9 100644 --- a/debian/changelog +++ b/debian/changelog @@ -815,6 +815,8 @@ linux (4.19.34-1) UNRELEASED; urgency=medium [ Salvatore Bonaccorso ] * xen/pciback: Don't disable PCI_COMMAND on PCI device reset. (CVE-2015-8553) + * ACPICA: Namespace: remove address node from global list after method + termination -- Ben Hutchings Mon, 18 Mar 2019 22:50:08 +0000 diff --git a/debian/patches/bugfix/all/ACPICA-Namespace-remove-address-node-from-global-lis.patch b/debian/patches/bugfix/all/ACPICA-Namespace-remove-address-node-from-global-lis.patch new file mode 100644 index 000000000..abe056d33 --- /dev/null +++ b/debian/patches/bugfix/all/ACPICA-Namespace-remove-address-node-from-global-lis.patch @@ -0,0 +1,63 @@ +From: Erik Schmauss +Date: Mon, 8 Apr 2019 13:42:26 -0700 +Subject: ACPICA: Namespace: remove address node from global list after method + termination +Origin: https://git.kernel.org/linus/c5781ffbbd4f742a58263458145fe7f0ac01d9e0 +Bug: https://bugzilla.kernel.org/show_bug.cgi?id=202475 + +ACPICA commit b233720031a480abd438f2e9c643080929d144c3 + +ASL operation_regions declare a range of addresses that it uses. In a +perfect world, the range of addresses should be used exclusively by +the AML interpreter. The OS can use this information to decide which +drivers to load so that the AML interpreter and device drivers use +different regions of memory. + +During table load, the address information is added to a global +address range list. Each node in this list contains an address range +as well as a namespace node of the operation_region. This list is +deleted at ACPI shutdown. + +Unfortunately, ASL operation_regions can be declared inside of control +methods. Although this is not recommended, modern firmware contains +such code. New module level code changes unintentionally removed the +functionality of adding and removing nodes to the global address +range list. + +A few months ago, support for adding addresses has been re- +implemented. However, the removal of the address range list was +missed and resulted in some systems to crash due to the address list +containing bogus namespace nodes from operation_regions declared in +control methods. In order to fix the crash, this change removes +dynamic operation_regions after control method termination. + +Link: https://github.com/acpica/acpica/commit/b2337200 +Link: https://bugzilla.kernel.org/show_bug.cgi?id=202475 +Fixes: 4abb951b73ff ("ACPICA: AML interpreter: add region addresses in global list during initialization") +Reported-by: Michael J Gruber +Signed-off-by: Erik Schmauss +Signed-off-by: Bob Moore +Cc: 4.20+ # 4.20+ +Signed-off-by: Rafael J. Wysocki +--- + drivers/acpi/acpica/nsobject.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/drivers/acpi/acpica/nsobject.c b/drivers/acpi/acpica/nsobject.c +index 8638f43cfc3d..79d86da1c892 100644 +--- a/drivers/acpi/acpica/nsobject.c ++++ b/drivers/acpi/acpica/nsobject.c +@@ -186,6 +186,10 @@ void acpi_ns_detach_object(struct acpi_namespace_node *node) + } + } + ++ if (obj_desc->common.type == ACPI_TYPE_REGION) { ++ acpi_ut_remove_address_range(obj_desc->region.space_id, node); ++ } ++ + /* Clear the Node entry in all cases */ + + node->object = NULL; +-- +2.11.0 + diff --git a/debian/patches/series b/debian/patches/series index bd1787f6d..7c5e0bfae 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -103,6 +103,7 @@ bugfix/all/kbuild-include-addtree-remove-quotes-before-matching-path.patch debian/revert-objtool-fix-config_stack_validation-y-warning.patch bugfix/all/mt76-use-the-correct-hweight8-function.patch bugfix/all/revert-net-stmmac-send-tso-packets-always-from-queue.patch +bugfix/all/ACPICA-Namespace-remove-address-node-from-global-lis.patch # Miscellaneous features