Like other vectors already patched, this one here allows the root
user to load ACPI tables, which enables arbitrary physical address
writes, which in turn makes it possible to disable lockdown.
Prevents this by checking the lockdown status before allowing a new
ACPI table to be installed. The link in the trailer shows a PoC of
how this might be used.
Link: https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh
Cc: 5.4+ <stable@vger.kernel.org> # 5.4+
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
ACPICA commit d1716a829d19be23277d9157c575a03b9abb7457
For unloading an ACPI table, it is necessary to provide the index of
the table. The method intended for dynamically loading or hotplug
addition of tables, acpi_load_table(), should provide this information
via an optional pointer to the loaded table index.
This patch fixes the table unload function of acpi_configfs.
Reported-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Fixes: d06c47e3dd ("ACPI: configfs: Resolve objects on host-directed table loads")
Link: https://github.com/acpica/acpica/commit/d1716a82
Signed-off-by: Nikolaus Voss <nikolaus.voss@loewensteinmedical.de>
Signed-off-by: Erik Schmauss <erik.schmauss@intel.com>
Signed-off-by: Bob Moore <robert.moore@intel.com>
Tested-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
* acpi-tables:
ACPI: configfs: Resolve objects on host-directed table loads
ACPI: tables: Allow BGRT to be overridden
* acpi-osl:
ACPI: OSL: Make a W=1 kernel-doc warning go away
* acpi-misc:
ACPI: Make AC and battery drivers available on !X86
* acpi-tools:
ACPI: tools: Exclude tools/* from .gitignore patterns
Based on 2 normalized pattern(s):
this program is free software you can redistribute it and or modify
it under the terms of the gnu general public license version 2 as
published by the free software foundation
this program is free software you can redistribute it and or modify
it under the terms of the gnu general public license version 2 as
published by the free software foundation #
extracted by the scancode license scanner the SPDX license identifier
GPL-2.0-only
has been chosen to replace the boilerplate/reference in 4122 file(s).
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Enrico Weigelt <info@metux.net>
Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org>
Reviewed-by: Allison Randal <allison@lohutok.net>
Cc: linux-spdx@vger.kernel.org
Link: https://lkml.kernel.org/r/20190604081206.933168790@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
If an ACPI SSDT overlay is loaded after built-in tables
have been loaded e.g. via configfs or efivar_ssdt_load()
it is necessary to rewalk the namespace to resolve
references. Without this, relative and absolute paths
like ^PCI0.SBUS or \_SB.PCI0.SBUS are not resolved
correctly.
Make configfs loads use the same method as efivar_ssdt_load().
Signed-off-by: Nikolaus Voss <nikolaus.voss@loewensteinmedical.de>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
ACPICA commit 24870bd9e73d71e2a1ff0a1e94519f8f8409e57d
ACPI_NAME_SIZE changed to ACPI_NAMESEG_SIZE
This clarifies that this is the length of an individual
nameseg, not the length of a generic namestring/namepath.
Improves understanding of the code.
Link: https://github.com/acpica/acpica/commit/24870bd9
Signed-off-by: Bob Moore <robert.moore@intel.com>
Signed-off-by: Erik Schmauss <erik.schmauss@intel.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
There is no need to have non-static local data structures. otherwise
sparse is not happy:
CHECK drivers/acpi/acpi_configfs.c
drivers/acpi/acpi_configfs.c💯31: warning: symbol 'acpi_table_bin_attrs' was not declared. Should it be static?
drivers/acpi/acpi_configfs.c:196:27: warning: symbol 'acpi_table_attrs' was not declared. Should it be static?
drivers/acpi/acpi_configfs.c:236:34: warning: symbol 'acpi_table_group_ops' was not declared. Should it be static?
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
There is no need to have non-static local functions. otherwise
compiler is not happy:
CC [M] drivers/acpi/acpi_configfs.o
drivers/acpi/acpi_configfs.c:105:9: warning: no previous prototype for ‘acpi_table_signature_show’ [-Wmissing-prototypes]
ssize_t acpi_table_signature_show(struct config_item *cfg, char *str)
^~~~~~~~~~~~~~~~~~~~~~~~~
drivers/acpi/acpi_configfs.c:115:9: warning: no previous prototype for ‘acpi_table_length_show’ [-Wmissing-prototypes]
ssize_t acpi_table_length_show(struct config_item *cfg, char *str)
^~~~~~~~~~~~~~~~~~~~~~
...
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Make these structures const as they are either passed to the functions
having the argument as const or stored as a reference in the "ci_type"
const field of a config_item structure.
Done using Coccienlle.
Signed-off-by: Bhumika Goyal <bhumirks@gmail.com>
Acked-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Call directly into acpica to load a table to obtain its index on return.
We choose the direct call of acpica internal functions to avoid having
to modify its API which is used outside of Linux as well.
Use that index to unload the table again when the corresponding
directory in configfs gets removed. This allows to change SSDTs without
rebooting the system. It also allows to destroy devices again that a
dynamically loaded SSDT created.
This is widely similar to the DT overlay behavior.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
If we compile ACPI configfs.c as module it will confuse the linker as it
hides symbols from the actual configfs:
Kernel: arch/x86/boot/bzImage is ready (#1236)
MODPOST 5739 modules
ERROR: "configfs_unregister_subsystem" [samples/configfs/configfs_sample.ko] undefined!
ERROR: "configfs_register_subsystem" [samples/configfs/configfs_sample.ko] undefined!
ERROR: "config_group_init" [samples/configfs/configfs_sample.ko] undefined!
ERROR: "config_item_init_type_name" [samples/configfs/configfs_sample.ko] undefined!
ERROR: "config_group_init_type_name" [samples/configfs/configfs_sample.ko] undefined!
ERROR: "configfs_undepend_item" [fs/ocfs2/cluster/ocfs2_nodemanager.ko] undefined!
...
Prevent these by renaming the file to acpi_configfs.c instead.
Reported-by: Scott Lawson <scott.lawson@intel.com>
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>