The quirk version range is typically a string constant and must not be modified (e.g. as it may be stored in read-only memory):
Unable to handle kernel write to read-only memory at virtual address ffffc036d998a947
Fix the range parsing so that it operates on a copy of the version range string, and mark all the quirk strings as const to reduce the risk of introducing similar future issues.
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220437 Fixes: 487c407d57d6 ("firmware: arm_scmi: Add common framework to handle firmware quirks") Cc: stable@vger.kernel.org # 6.16 Cc: Cristian Marussi cristian.marussi@arm.com Signed-off-by: Johan Hovold johan@kernel.org --- drivers/firmware/arm_scmi/quirks.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/drivers/firmware/arm_scmi/quirks.c b/drivers/firmware/arm_scmi/quirks.c index 03960aca3610..e70823754b0b 100644 --- a/drivers/firmware/arm_scmi/quirks.c +++ b/drivers/firmware/arm_scmi/quirks.c @@ -89,9 +89,9 @@ struct scmi_quirk { bool enabled; const char *name; - char *vendor; - char *sub_vendor_id; - char *impl_ver_range; + const char *vendor; + const char *sub_vendor_id; + const char *impl_ver_range; u32 start_range; u32 end_range; struct static_key_false *key; @@ -217,7 +217,7 @@ static unsigned int scmi_quirk_signature(const char *vend, const char *sub_vend)
static int scmi_quirk_range_parse(struct scmi_quirk *quirk) { - const char *last, *first = quirk->impl_ver_range; + const char *last, *first; size_t len; char *sep; int ret; @@ -228,8 +228,12 @@ static int scmi_quirk_range_parse(struct scmi_quirk *quirk) if (!len) return 0;
+ first = kmemdup(quirk->impl_ver_range, len + 1, GFP_KERNEL); + if (!first) + return -ENOMEM; + last = first + len - 1; - sep = strchr(quirk->impl_ver_range, '-'); + sep = strchr(first, '-'); if (sep) *sep = '\0';
@@ -238,7 +242,7 @@ static int scmi_quirk_range_parse(struct scmi_quirk *quirk) else /* X OR X- OR X-y */ ret = kstrtouint(first, 0, &quirk->start_range); if (ret) - return ret; + goto out_free;
if (!sep) quirk->end_range = quirk->start_range; @@ -246,7 +250,9 @@ static int scmi_quirk_range_parse(struct scmi_quirk *quirk) ret = kstrtouint(sep + 1, 0, &quirk->end_range);
if (quirk->start_range > quirk->end_range) - return -EINVAL; + ret = -EINVAL; +out_free: + kfree(first);
return ret; }
On Fri, Aug 29, 2025 at 03:21:52PM +0200, Johan Hovold wrote:
The quirk version range is typically a string constant and must not be modified (e.g. as it may be stored in read-only memory):
Unable to handle kernel write to read-only memory at virtual address ffffc036d998a947
Fix the range parsing so that it operates on a copy of the version range string, and mark all the quirk strings as const to reduce the risk of introducing similar future issues.
With Jan's permission, let's add:
Reported-by: Jan Palus jpalus@fastmail.com
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220437 Fixes: 487c407d57d6 ("firmware: arm_scmi: Add common framework to handle firmware quirks") Cc: stable@vger.kernel.org # 6.16 Cc: Cristian Marussi cristian.marussi@arm.com Signed-off-by: Johan Hovold johan@kernel.org
Johan
Hi Sudeep,
On Fri, Aug 29, 2025 at 04:29:48PM +0200, Johan Hovold wrote:
On Fri, Aug 29, 2025 at 03:21:52PM +0200, Johan Hovold wrote:
The quirk version range is typically a string constant and must not be modified (e.g. as it may be stored in read-only memory):
Unable to handle kernel write to read-only memory at virtual address ffffc036d998a947
Fix the range parsing so that it operates on a copy of the version range string, and mark all the quirk strings as const to reduce the risk of introducing similar future issues.
With Jan's permission, let's add:
Reported-by: Jan Palus jpalus@fastmail.com
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220437 Fixes: 487c407d57d6 ("firmware: arm_scmi: Add common framework to handle firmware quirks") Cc: stable@vger.kernel.org # 6.16 Cc: Cristian Marussi cristian.marussi@arm.com Signed-off-by: Johan Hovold johan@kernel.org
I noticed that you picked up this fix yesterday but also that you rewrote the commit message and switched using cleanup helpers.
Please don't do such (non-trivial) changes without making that clear in the commit message before your Signed-off-by tag:
[ sudeep: rewrite commit message; switch to cleanup helpers ]
In this case, you also changed the meaning so that the commit message now reads like the sole reason that writing to string constants is wrong is that they may reside in read-only memory.
I used "e.g." on purpose instead of listing further reasons like the fact that string constants may be shared so that parsing of one quirk can subtly break a later one.
Johan
On Tue, Sep 02, 2025 at 11:59:24AM +0200, Johan Hovold wrote:
Hi Sudeep,
On Fri, Aug 29, 2025 at 04:29:48PM +0200, Johan Hovold wrote:
On Fri, Aug 29, 2025 at 03:21:52PM +0200, Johan Hovold wrote:
The quirk version range is typically a string constant and must not be modified (e.g. as it may be stored in read-only memory):
Unable to handle kernel write to read-only memory at virtual address ffffc036d998a947
Fix the range parsing so that it operates on a copy of the version range string, and mark all the quirk strings as const to reduce the risk of introducing similar future issues.
With Jan's permission, let's add:
Reported-by: Jan Palus jpalus@fastmail.com
I was hoping to hear back, but I assume silence is kind of acceptance.
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=220437 Fixes: 487c407d57d6 ("firmware: arm_scmi: Add common framework to handle firmware quirks") Cc: stable@vger.kernel.org # 6.16 Cc: Cristian Marussi cristian.marussi@arm.com Signed-off-by: Johan Hovold johan@kernel.org
I noticed that you picked up this fix yesterday but also that you rewrote the commit message and switched using cleanup helpers.
Please don't do such (non-trivial) changes without making that clear in the commit message before your Signed-off-by tag:
[ sudeep: rewrite commit message; switch to cleanup helpers ]
Sorry I meant to do that when I replied and asked you if you are OK with cleanup helpers. Also yes I planned to add a line like something above before finalizing.
In this case, you also changed the meaning so that the commit message now reads like the sole reason that writing to string constants is wrong is that they may reside in read-only memory.
Ah, I didn't realise that it changes the meaning now.
I used "e.g." on purpose instead of listing further reasons like the fact that string constants may be shared so that parsing of one quirk can subtly break a later one.
I see your point, will revert to your commit message.
On Tue, Sep 02, 2025 at 11:16:46AM +0100, Sudeep Holla wrote:
On Tue, Sep 02, 2025 at 11:59:24AM +0200, Johan Hovold wrote:
On Fri, Aug 29, 2025 at 04:29:48PM +0200, Johan Hovold wrote:
On Fri, Aug 29, 2025 at 03:21:52PM +0200, Johan Hovold wrote:
The quirk version range is typically a string constant and must not be modified (e.g. as it may be stored in read-only memory):
Unable to handle kernel write to read-only memory at virtual address ffffc036d998a947
Fix the range parsing so that it operates on a copy of the version range string, and mark all the quirk strings as const to reduce the risk of introducing similar future issues.
With Jan's permission, let's add:
Reported-by: Jan Palus jpalus@fastmail.com
I was hoping to hear back, but I assume silence is kind of acceptance.
I sent the reply with the tag after making sure off-list that Jan was OK with it. Sorry if that was not clear.
Please don't do such (non-trivial) changes without making that clear in the commit message before your Signed-off-by tag:
[ sudeep: rewrite commit message; switch to cleanup helpers ]
Sorry I meant to do that when I replied and asked you if you are OK with cleanup helpers. Also yes I planned to add a line like something above before finalizing.
Sounds like a mail has gotten lost since I never saw that question from you.
I'm fine with using the helpers here even if I'm not generally a fan of them (e.g. due to declarations in middle of functions).
In this case, you also changed the meaning so that the commit message now reads like the sole reason that writing to string constants is wrong is that they may reside in read-only memory.
Ah, I didn't realise that it changes the meaning now.
I used "e.g." on purpose instead of listing further reasons like the fact that string constants may be shared so that parsing of one quirk can subtly break a later one.
I see your point, will revert to your commit message.
Thanks!
Johan
On Tue, Sep 02, 2025 at 12:27:45PM +0200, Johan Hovold wrote:
On Tue, Sep 02, 2025 at 11:16:46AM +0100, Sudeep Holla wrote:
On Tue, Sep 02, 2025 at 11:59:24AM +0200, Johan Hovold wrote:
On Fri, Aug 29, 2025 at 04:29:48PM +0200, Johan Hovold wrote:
On Fri, Aug 29, 2025 at 03:21:52PM +0200, Johan Hovold wrote:
The quirk version range is typically a string constant and must not be modified (e.g. as it may be stored in read-only memory):
Unable to handle kernel write to read-only memory at virtual address ffffc036d998a947
Fix the range parsing so that it operates on a copy of the version range string, and mark all the quirk strings as const to reduce the risk of introducing similar future issues.
With Jan's permission, let's add:
Reported-by: Jan Palus jpalus@fastmail.com
I was hoping to hear back, but I assume silence is kind of acceptance.
I sent the reply with the tag after making sure off-list that Jan was OK with it. Sorry if that was not clear.
Please don't do such (non-trivial) changes without making that clear in the commit message before your Signed-off-by tag:
[ sudeep: rewrite commit message; switch to cleanup helpers ]
Sorry I meant to do that when I replied and asked you if you are OK with cleanup helpers. Also yes I planned to add a line like something above before finalizing.
Sounds like a mail has gotten lost since I never saw that question from you.
No I hadn't sent it yet, generally wait for builder report to finalise the commit. Sometimes -next integration happens before build sends build report for my branch and that happened this time.
On Fri, Aug 29, 2025 at 03:21:52PM +0200, Johan Hovold wrote:
The quirk version range is typically a string constant and must not be modified (e.g. as it may be stored in read-only memory):
Unable to handle kernel write to read-only memory at virtual address ffffc036d998a947
Fix the range parsing so that it operates on a copy of the version range string, and mark all the quirk strings as const to reduce the risk of introducing similar future issues.
Hi,
indeed when implementing this I was a bit doubtful about the in-place overwrite approach that I used during the ranges parsing...but since each quirk was indeed initialized once and its range parsed once, it seemed fair to use the string itself as a sort of scratch area while parsing it into integers and avoid the local copy...just I haven't considered the possibility that such strings could be stored in a RO segment...and I got no error on my setup....
Anyway, good catch, it is certainly better to operate on a copy.
LGTM.
Reviewed-by: Cristian Marussi cristian.marussi@arm.com
Thanks, Cristian
On Fri, 29 Aug 2025 15:21:52 +0200, Johan Hovold wrote:
The quirk version range is typically a string constant and must not be modified (e.g. as it may be stored in read-only memory):
Unable to handle kernel write to read-only memory at virtual address ffffc036d998a947
Fix the range parsing so that it operates on a copy of the version range string, and mark all the quirk strings as const to reduce the risk of introducing similar future issues.
[...]
Applied to sudeep.holla/linux (for-next/scmi/updates), thanks!
[1/1] firmware: arm_scmi: quirk: fix write to string constant https://git.kernel.org/sudeep.holla/c/572ce546390d -- Regards, Sudeep
linux-stable-mirror@lists.linaro.org
-
Cristian Marussi -
Johan Hovold -
Sudeep Holla