Commit 92499add authored Mar 19, 2024 by Yazen Ghannam Committed by PrithivishS Oct 22, 2024

RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records()

mainline inclusion
from mainline-v6.11-rc1
commit 4b0e527c9970a15ac9ec8fc44af957725b854c29
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/IAYOV8
CVE: NA

Reference: https://github.com/torvalds/linux/commit/4b0e527c9970a15ac9ec8fc44af957725b854c29



--------------------------------

commit 4b0e527c9970a15ac9ec8fc44af957725b854c29 upstream

An old, invalid record should be cleared and skipped.

Currently, the record is cleared in ERST, but it is not skipped. This
leads to a NULL pointer dereference when attempting to copy the old
record to the new record.

Continue the loop after clearing an old, invalid record to skip it.

Fixes: 6f15e617cc99 ("RAS: Introduce a FRU memory poison manager")
Signed-off-by: Yazen Ghannam <yazen.ghannam@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Tested-by: Muralidhara M K <muralidhara.mk@amd.com>
Link: https://lore.kernel.org/r/20240319113322.280096-2-yazen.ghannam@amd.com


Signed-off-by: suryasaimadhu <SaiMadhu.KoyyalaHariVenkata@amd.com>
Signed-off-by: PrithivishS <sprithiv@amd.com>

parent d5054ed8

drivers/ras/amd/fmpm.c

+3 −1

Original line number	Diff line number	Diff line
		@@ -676,8 +676,10 @@ static int get_saved_records(void)
		}

		new = get_valid_record(old);
		if (!new)
		if (!new) {
		erst_clear(record_id);
		continue;
		}

		/* Restore the record */
		memcpy(new, old, len);