ACPI: APEI: Fix AER info corruption when error status data has multiple sections
ghes_handle_aer() passes AER data to the PCI core for logging and recovery by calling aer_recover_queue() with a pointer to struct aer_capability_regs. The problem was that aer_recover_queue() queues the pointer directly without copying the aer_capability_regs data. The pointer was to the ghes->estatus buffer, which could be reused before aer_recover_work_func() reads the data. To avoid this problem, allocate a new aer_capability_regs structure from the ghes_estatus_pool, copy the AER data from the ghes->estatus buffer into it, pass a pointer to the new struct to aer_recover_queue(), and free it after aer_recover_work_func() has processed it. Reported-by: Bjorn Helgaas <helgaas@kernel.org> Acked-by: Bjorn Helgaas <bhelgaas@google.com> Signed-off-by: Shiju Jose <shiju.jose@huawei.com> [ rjw: Subject edits ] Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
This commit is contained in:
Shiju Jose
committed by
Rafael J. Wysocki
Rafael J. Wysocki
parent
ce9ecca023
commit
e2abc47a5a
@@ -73,8 +73,12 @@ int ghes_register_vendor_record_notifier(struct notifier_block *nb);
|
||||
void ghes_unregister_vendor_record_notifier(struct notifier_block *nb);
|
||||
|
||||
struct list_head *ghes_get_devices(void);
|
||||
|
||||
void ghes_estatus_pool_region_free(unsigned long addr, u32 size);
|
||||
#else
|
||||
static inline struct list_head *ghes_get_devices(void) { return NULL; }
|
||||
|
||||
static inline void ghes_estatus_pool_region_free(unsigned long addr, u32 size) { return; }
|
||||
#endif
|
||||
|
||||
int ghes_estatus_pool_init(unsigned int num_ghes);
|
||||
|
||||
Reference in New Issue
Block a user