[PATCH 2/4] [Patch-next] ACPI, APEI, EINJ Fix the wrong checkingof Injection Header's length

From: Jin Dongming
Date: Mon Aug 16 2010 - 20:56:29 EST


header_length in struct acpi_table_einj is not the length of struct
acpi_table_einj, but the length of Injection Header.

In einj_check_table(), header_length is used for checking the length
of struct acpi_table_einj. So I think it is wrong.

This patch fixed it and I confirmed it on x86_64 next-tree.

Signed-off-by: Jin Dongming <jin.dongming@xxxxxxxxxxxxxxxxxx>
---
drivers/acpi/apei/einj.c | 15 +++++++++------
include/acpi/actbl1.h | 17 ++++++++++++-----
2 files changed, 21 insertions(+), 11 deletions(-)

diff --git a/drivers/acpi/apei/einj.c b/drivers/acpi/apei/einj.c
index 465c885..5fe876c 100644
--- a/drivers/acpi/apei/einj.c
+++ b/drivers/acpi/apei/einj.c
@@ -104,7 +104,8 @@ static struct einj_parameter *einj_param;
static void einj_exec_ctx_init(struct apei_exec_context *ctx)
{
apei_exec_ctx_init(ctx, einj_ins_type, ARRAY_SIZE(einj_ins_type),
- EINJ_TAB_ENTRY(einj_tab), einj_tab->entries);
+ EINJ_TAB_ENTRY(einj_tab),
+ einj_tab->inje_header.entries);
}

static int __einj_get_available_error_type(u32 *type)
@@ -153,7 +154,7 @@ static u64 einj_get_parameter_address(void)
struct acpi_whea_header *entry;

entry = EINJ_TAB_ENTRY(einj_tab);
- for (i = 0; i < einj_tab->entries; i++) {
+ for (i = 0; i < einj_tab->inje_header.entries; i++) {
if (entry->action == ACPI_EINJ_SET_ERROR_TYPE &&
entry->instruction == ACPI_EINJ_WRITE_REGISTER &&
entry->register_region.space_id ==
@@ -426,12 +427,14 @@ DEFINE_SIMPLE_ATTRIBUTE(error_inject_fops, NULL,

static int einj_check_table(struct acpi_table_einj *einj_tab)
{
- if (einj_tab->header_length != sizeof(struct acpi_table_einj))
+ if (einj_tab->common_header.length < sizeof(struct acpi_table_einj))
return -EINVAL;
- if (einj_tab->header.length < sizeof(struct acpi_table_einj))
+
+ if (einj_tab->inje_header.length != sizeof(struct acpi_einj_header))
return -EINVAL;
- if (einj_tab->entries !=
- (einj_tab->header.length - sizeof(struct acpi_table_einj)) /
+
+ if (einj_tab->inje_header.entries !=
+ (einj_tab->common_header.length - sizeof(struct acpi_table_einj)) /
sizeof(struct acpi_einj_entry))
return -EINVAL;

diff --git a/include/acpi/actbl1.h b/include/acpi/actbl1.h
index 821f8ac..e586c30 100644
--- a/include/acpi/actbl1.h
+++ b/include/acpi/actbl1.h
@@ -199,14 +199,21 @@ struct acpi_table_ecdt {
*
******************************************************************************/

-struct acpi_table_einj {
- struct acpi_table_header header; /* Common ACPI table header */
- u32 header_length;
- u8 flags;
- u8 reserved[3];
+/* EINJ Injection Header */
+struct acpi_einj_header {
+ u32 length;
+ u8 flags;
+ u8 reserved[3];
u32 entries;
};

+/* EINJ Header */
+
+struct acpi_table_einj {
+ struct acpi_table_header common_header; /* Common ACPI table header */
+ struct acpi_einj_header inje_header; /* Injection Header */
+};
+
/* EINJ Injection Instruction Entries (actions) */

struct acpi_einj_entry {
--
1.7.1.1


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/