1. 27 Dec, 2021 7 commits
    • Shuuichirou Ishii's avatar
      ACPICA: Fix AEST Processor generic resource substructure data field byte length · 00395b74
      Shuuichirou Ishii authored
      ACPICA commit 13b9327761955f6e1e5dbf748b3112940c0dc539
      
      The byte length of the Data field in the AEST Processor generic resource
      substructure defined in ACPI for the Armv8 RAS Extensions 1.1 is 4Byte.
      However, it is defined as a pointer type, and on a 64-bit machine,
      it is interpreted as 8 bytes. Therefore, it is changed from a pointer
      type unsigned integer 1 byte to an unsigned integer 4 bytes.
      
      Link: https://github.com/acpica/acpica/commit/13b93277Signed-off-by: default avatarShuuichirou Ishii <ishii.shuuichir@fujitsu.com>
      Signed-off-by: default avatarBob Moore <robert.moore@intel.com>
      Signed-off-by: default avatarRafael J. Wysocki <rafael.j.wysocki@intel.com>
      00395b74
    • Bob Moore's avatar
      ACPICA: iASL/Disassembler: Additional support for NHLT table · e4a07f5a
      Bob Moore authored
      ACPICA commit 0420852ffc520b81960e877852703b739c16025c
      
      Added support for Vendor-defined microphone arrays and SNR
      (signal-to-noise) extension.
      
      Link: https://github.com/acpica/acpica/commit/0420852fSigned-off-by: default avatarBob Moore <robert.moore@intel.com>
      Signed-off-by: default avatarRafael J. Wysocki <rafael.j.wysocki@intel.com>
      e4a07f5a
    • Jessica Clarke's avatar
      ACPICA: Avoid subobject buffer overflow when validating RSDP signature · a3e525fe
      Jessica Clarke authored
      ACPICA commit 6bb72909c1e3d415aee214104a01bc9834b2d4ce
      
      Since the Signature member is accessed through an struct acpi_table_header, the
      pointer to it is only to a 4-char array, and so trying to read past the
      4th character, as will be done when it is an RSDP, reads beyond the
      bounds of the accessed member. On CHERI, and thus Arm's experimental
      Morello prototype architecture, pointers are represented as
      capabilities, which are unforgeable bounded pointers, providing
      always-on fine-grained spatial memory safety. By default, subobject
      bounds enforcement is not enabled, only bounds on allocations, but it is
      enabled in the cheri_BSD (a port of free_BSD) kernel as intra-object
      overflow attacks are common on operating system kernels, and so this
      overflow is detected there and traps.
      
      Link: https://github.com/acpica/acpica/commit/6bb72909Signed-off-by: default avatarBob Moore <robert.moore@intel.com>
      Signed-off-by: default avatarRafael J. Wysocki <rafael.j.wysocki@intel.com>
      a3e525fe
    • Jessica Clarke's avatar
      ACPICA: Macros: Remove ACPI_PHYSADDR_TO_PTR · 339651be
      Jessica Clarke authored
      ACPICA commit 52abebd410945ec55afb4dd8b7150e8a39b5c960
      
      This macro was only ever used when stuffing pointers into physical
      addresses and trying to later reconstruct the pointer, which is
      implementation-defined as to whether that can be done. Now that all such
      operations are gone, the macro is unused, and should be removed to avoid
      such practices being reintroduced.
      
      Link: https://github.com/acpica/acpica/commit/52abebd4Signed-off-by: default avatarBob Moore <robert.moore@intel.com>
      Signed-off-by: default avatarRafael J. Wysocki <rafael.j.wysocki@intel.com>
      339651be
    • Jessica Clarke's avatar
      ACPICA: Use original pointer for virtual origin tables · 5d6e5966
      Jessica Clarke authored
      ACPICA commit dfa3feffa8f760b686207d09dc880cd2f26c72af
      
      Currently the pointer to the table is cast to acpi_physical_address and
      later cast back to a pointer to be dereferenced. Whether or not this is
      supported is implementation-defined.
      
      On CHERI, and thus Arm's experimental Morello prototype architecture,
      pointers are represented as capabilities, which are unforgeable bounded
      pointers, providing always-on fine-grained spatial memory safety. This
      means that any pointer cast to a plain integer will lose all its
      associated metadata, and when cast back to a pointer it will give a
      null-derived pointer (one that has the same metadata as null but an
      address equal to the integer) that will trap on any dereference. As a
      result, this is an implementation where acpi_physical_address cannot be
      used as a hack to store real pointers.
      
      Thus, alter the lifecycle of table descriptors. Internal physical tables
      keep the current behaviour where only the address is set on install, and
      the pointer is set on acquire. Virtual tables (internal and external)
      now store the pointer on initialisation and use that on acquire (which
      will redundantly set *table_ptr to itself, but changing that is both
      unnecessary and overly complicated as acpi_tb_acquire_table is called with
      both a pointer to a variable and a pointer to Table->Pointer itself).
      
      This requires propagating the (possible) table pointer everywhere in
      order to make sure pointers make it through to acpi_tb_acquire_temp_table,
      which requires a change to the acpi_install_table interface. Instead of
      taking an ACPI_PHYSADDR_TYPE and a boolean indicating whether it's
      physical or virtual, it is now split into acpi_install_table (that takes
      an external virtual table pointer) and acpi_install_physical_table (that
      takes an ACPI_PHYSADDR_TYPE for an internal physical table address).
      This also has the benefit of providing a cleaner API.
      
      Link: https://github.com/acpica/acpica/commit/dfa3feffSigned-off-by: default avatarBob Moore <robert.moore@intel.com>
      [ rjw: Adjust the code in tables.c to match interface changes ]
      Signed-off-by: default avatarRafael J. Wysocki <rafael.j.wysocki@intel.com>
      5d6e5966
    • Jessica Clarke's avatar
      ACPICA: Use original data_table_region pointer for accesses · ca25f92b
      Jessica Clarke authored
      ACPICA commit d9eb82bd7515989f0b29d79deeeb758db4d6529c
      
      Currently the pointer to the table is cast to acpi_physical_address and
      later cast back to a pointer to be dereferenced. Whether or not this is
      supported is implementation-defined.
      
      On CHERI, and thus Arm's experimental Morello prototype architecture,
      pointers are represented as capabilities, which are unforgeable bounded
      pointers, providing always-on fine-grained spatial memory safety. This
      means that any pointer cast to a plain integer will lose all its
      associated metadata, and when cast back to a pointer it will give a
      null-derived pointer (one that has the same metadata as null but an
      address equal to the integer) that will trap on any dereference. As a
      result, this is an implementation where acpi_physical_address cannot be
      used as a hack to store real pointers.
      
      Thus, add a new field to struct acpi_object_region to store the pointer for
      table regions, and propagate it to acpi_ex_data_table_space_handler via the
      region context, to use a more portable implementation that supports
      CHERI.
      
      Link: https://github.com/acpica/acpica/commit/d9eb82bdSigned-off-by: default avatarBob Moore <robert.moore@intel.com>
      Signed-off-by: default avatarRafael J. Wysocki <rafael.j.wysocki@intel.com>
      ca25f92b
    • Mark Langsdorf's avatar
      ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions · f81bdeaf
      Mark Langsdorf authored
      ACPICA commit bc02c76d518135531483dfc276ed28b7ee632ce1
      
      The current ACPI_ACCESS_*_WIDTH defines do not provide a way to
      test that size is small enough to not cause an overflow when
      applied to a 32-bit integer.
      
      Rather than adding more magic numbers, add ACPI_ACCESS_*_SHIFT,
      ACPI_ACCESS_*_MAX, and ACPI_ACCESS_*_DEFAULT #defines and
      redefine ACPI_ACCESS_*_WIDTH in terms of the new #defines.
      
      This was inititally reported on Linux where a size of 102 in
      ACPI_ACCESS_BIT_WIDTH caused an overflow error in the SPCR
      initialization code.
      
      Link: https://github.com/acpica/acpica/commit/bc02c76dSigned-off-by: default avatarMark Langsdorf <mlangsdo@redhat.com>
      Signed-off-by: default avatarBob Moore <robert.moore@intel.com>
      Signed-off-by: default avatarRafael J. Wysocki <rafael.j.wysocki@intel.com>
      f81bdeaf
  2. 26 Dec, 2021 4 commits
  3. 25 Dec, 2021 12 commits
  4. 24 Dec, 2021 3 commits
  5. 23 Dec, 2021 14 commits