xenbits.xensource.com Git - xen.git/commit

author	Roger Pau Monne <roger.pau@citrix.com>
	Thu, 13 Mar 2025 11:19:48 +0000 (12:19 +0100)
committer	Roger Pau Monne <roger.pau@citrix.com>
	Mon, 17 Mar 2025 12:33:29 +0000 (13:33 +0100)
commit	9a6f2c52f75781acda39fab5cc96d1bcc54bf534
tree	0f50c0fa9d5d3b9639872994b3b89c95170de4a0	tree
parent	53ec18fa8f590ea6ad4792a0b126013dd39a25ee	commit \| diff

x86/ioremap: prevent additions against the NULL pointer

This was reported by clang UBSAN as:

UBSAN: Undefined behaviour in arch/x86/mm.c:6297:40
applying zero offset to null pointer
[...]
Xen call trace:
    [<ffff82d040303662>] R common/ubsan/ubsan.c#ubsan_epilogue+0xa/0xc0
    [<ffff82d040304aa3>] F __ubsan_handle_pointer_overflow+0xcb/0x100
    [<ffff82d0406ebbc0>] F ioremap_wc+0xc8/0xe0
    [<ffff82d0406c3728>] F video_init+0xd0/0x180
    [<ffff82d0406ab6f5>] F console_init_preirq+0x3d/0x220
    [<ffff82d0406f1876>] F __start_xen+0x68e/0x5530
    [<ffff82d04020482e>] F __high_start+0x8e/0x90

Fix bt_ioremap() and ioremap{,_wc}() to not add the offset if the returned
pointer from __vmap() is NULL.

Fixes: d0d4635d034f ('implement vmap()')
Fixes: f390941a92f1 ('x86/DMI: fix table mapping when one lives above 1Mb')
Fixes: 81d195c6c0e2 ('x86: introduce ioremap_wc()')
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>

xen/arch/x86/dmi_scan.c		diff \| blob \| blame \| history
xen/arch/x86/mm.c		diff \| blob \| blame \| history