• Zachary Amsden's avatar
    [PATCH] x86: Pnp byte granularity · 5fe9fe3c
    Zachary Amsden authored
    The one remaining caller of set_limit, the PnP BIOS code, calls into the PnP
    BIOS, passing kernel parameters in and out.  These parameteres may be passed
    from arbitrary kernel virtual memory, so they deserve strict protection to
    stop a bad BIOS from smashing beyond the object size.
    
    Unfortunately, the use of set_limit was badly botching this by setting the
    limit in terms of pages, when it really should have byte granularity.
    
    When doing this, I discovered my BIOS had the buggy code during the "get
    system device node" call:
    
     mov ax, es:[bx]
    
    Which is harmless, but has a trivial workaround.
    Signed-off-by: default avatarZachary Amsden <zach@vmware.com>
    Cc: "Seth, Rohit" <rohit.seth@intel.com>
    Cc: Stephen Rothwell <sfr@canb.auug.org.au>
    Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
    5fe9fe3c
head.S 13.4 KB