summaryrefslogtreecommitdiffstats
path: root/include/acpi/actbl.h
diff options
context:
space:
mode:
authorLv Zheng <lv.zheng@intel.com>2017-06-07 06:54:58 +0200
committerRafael J. Wysocki <rafael.j.wysocki@intel.com>2017-06-12 14:09:29 +0200
commit83848fbe7e6af978c080a88c130a67178b1ac0e4 (patch)
treed0768387438df3a229e80017c093e826f0b30cec /include/acpi/actbl.h
parentRevert "ACPICA: Disassembler: Enhance resource descriptor detection" (diff)
downloadlinux-83848fbe7e6af978c080a88c130a67178b1ac0e4.tar.xz
linux-83848fbe7e6af978c080a88c130a67178b1ac0e4.zip
ACPICA: Tables: Mechanism to handle late stage acpi_get_table() imbalance
Considering this case: 1. A program opens a sysfs table file 65535 times, it can increase validation_count and first increment cause the table to be mapped: validation_count = 65535 2. AML execution causes "Load" to be executed on the same table, this time it cannot increase validation_count, so validation_count remains: validation_count = 65535 3. The program closes sysfs table file 65535 times, it can decrease validation_count and the last decrement cause the table to be unmapped: validation_count = 0 4. AML code still accessing the loaded table, kernel crash can be observed. To prevent that from happening, add a validation_count threashold. When it is reached, the validation_count can no longer be incremented/decremented to invalidate the table descriptor (means preventing table unmappings) Note that code added in acpi_tb_put_table() is actually a no-op but changes the warning message into a "warn once" one. Lv Zheng. Signed-off-by: Lv Zheng <lv.zheng@intel.com> [ rjw: Changelog, comments ] Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Diffstat (limited to 'include/acpi/actbl.h')
-rw-r--r--include/acpi/actbl.h14
1 files changed, 14 insertions, 0 deletions
diff --git a/include/acpi/actbl.h b/include/acpi/actbl.h
index d92543f3bbfd..bdc55c0da19c 100644
--- a/include/acpi/actbl.h
+++ b/include/acpi/actbl.h
@@ -374,6 +374,20 @@ struct acpi_table_desc {
u16 validation_count;
};
+/*
+ * Maximum value of the validation_count field in struct acpi_table_desc.
+ * When reached, validation_count cannot be changed any more and the table will
+ * be permanently regarded as validated.
+ *
+ * This is to prevent situations in which unbalanced table get/put operations
+ * may cause premature table unmapping in the OS to happen.
+ *
+ * The maximum validation count can be defined to any value, but should be
+ * greater than the maximum number of OS early stage mapping slots to avoid
+ * leaking early stage table mappings to the late stage.
+ */
+#define ACPI_MAX_TABLE_VALIDATIONS ACPI_UINT16_MAX
+
/* Masks for Flags field above */
#define ACPI_TABLE_ORIGIN_EXTERNAL_VIRTUAL (0) /* Virtual address, external maintained */