Re: Bug in patch "x86/pti: Add the pti= cmdline option and documentation"
From: Borislav Petkov
Date: Fri Dec 22 2017 - 11:55:42 EST
On Fri, Dec 22, 2017 at 05:43:50PM +0100, Thomas Gleixner wrote:
> On Fri, 22 Dec 2017, Juergen Gross wrote:
>
> > The patch in the tip tree with commit 506bcdf68b07a0335751e1fe8be37
> > ("x86/pti: Add the pti= cmdline option and documentation") is completely
> > wrong: cmdline_find_option() will return -1 in case the otion isn't
> > found and the len of the argument in case it has been found.
>
> AArgh .....
Please fold this in:
---
diff --git a/arch/x86/mm/pti.c b/arch/x86/mm/pti.c
index 2a5c1b9bdf73..f9fd4eb74d20 100644
--- a/arch/x86/mm/pti.c
+++ b/arch/x86/mm/pti.c
@@ -69,13 +69,15 @@ static void __init pti_print_if_secure(const char *reason)
void __init pti_check_boottime_disable(void)
{
char arg[5];
+ int ret;
if (hypervisor_is_type(X86_HYPER_XEN_PV)) {
pti_print_if_insecure("disabled on XEN PV.");
return;
}
- if (cmdline_find_option(boot_command_line, "pti", arg, sizeof(arg))) {
+ ret = cmdline_find_option(boot_command_line, "pti", arg, sizeof(arg));
+ if (ret > 0) {
if (!strncmp(arg, "off", 3)) {
pti_print_if_insecure("disabled on command line.");
return;
--
Regards/Gruss,
Boris.
SUSE Linux GmbH, GF: Felix ImendÃrffer, Jane Smithard, Graham Norton, HRB 21284 (AG NÃrnberg)
--