From: Nathan Lynch <nath...@linux.ibm.com>
Any caller of rtas_call_unlocked() must provide an rtas_args parameter
block distinct from the core rtas_args buffer used by the rtas_call()
path. It's an unlikely error to make, but the potential consequences
are grim, and it's trivial to check.
Signed-off-by: Nathan Lynch <nath...@linux.ibm.com>
---
arch/powerpc/kernel/rtas.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/arch/powerpc/kernel/rtas.c b/arch/powerpc/kernel/rtas.c
index 633c925164e7..47a2aa43d7d4 100644
--- a/arch/powerpc/kernel/rtas.c
+++ b/arch/powerpc/kernel/rtas.c
@@ -1042,6 +1042,13 @@ void rtas_call_unlocked(struct rtas_args *args, int
token, int nargs, int nret,
{
va_list list;
+ /*
+ * Callers must not use rtas_args; otherwise they risk
+ * corrupting the state of the rtas_call() path, which is
+ * serialized by rtas_lock.
+ */
+ WARN_ON(args == &rtas_args);
+
va_start(list, nret);
va_rtas_call(args, token, nargs, nret, list);
va_end(list);
--
2.39.1
