Commit 2da98a44 authored Aug 29, 2024 by Armin Wolf Committed by liwei Aug 29, 2024

ACPI: EC: Abort address space access upon error

stable inclusion
from stable-v4.19.319
commit 52a1125633abf465f59d184020add71616b87efa
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/IAMXCL
CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=52a1125633abf465f59d184020add71616b87efa



---------------------------

[ Upstream commit f6f172dc6a6d7775b2df6adfd1350700e9a847ec ]

When a multi-byte address space access is requested, acpi_ec_read()/
acpi_ec_write() is being called multiple times.

Abort such operations if a single call to acpi_ec_read() /
acpi_ec_write() fails, as the data read from / written to the EC
might be incomplete.

Signed-off-by: Armin Wolf <W_Armin@gmx.de>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: liwei <liwei728@huawei.com>

parent 55398d69

drivers/acpi/ec.c

+4 −1

Original line number	Diff line number	Diff line
		@@ -1330,10 +1330,13 @@ acpi_ec_space_handler(u32 function, acpi_physical_address address,
		if (ec->busy_polling \|\| bits > 8)
		acpi_ec_burst_enable(ec);

		for (i = 0; i < bytes; ++i, ++address, ++value)
		for (i = 0; i < bytes; ++i, ++address, ++value) {
		result = (function == ACPI_READ) ?
		acpi_ec_read(ec, address, value) :
		acpi_ec_write(ec, address, *value);
		if (result < 0)
		break;
		}

		if (ec->busy_polling \|\| bits > 8)
		acpi_ec_burst_disable(ec);