www.infradead.org Git - users/dwmw2/linux.git/commit

author	Ard Biesheuvel <ardb@kernel.org>
	Thu, 6 Mar 2025 15:59:16 +0000 (16:59 +0100)
committer	Ingo Molnar <mingo@kernel.org>
	Thu, 6 Mar 2025 21:02:39 +0000 (22:02 +0100)
commit	c00b413a96261faef4ce22329153c6abd4acef25
tree	91b59a6a3dff54f701039b992303d304bd873e92	tree
parent	0d3e0dfd68fb9e6b0ec865be9f3377cc3ff55733	commit \| diff

x86/boot: Sanitize boot params before parsing command line

The 5-level paging code parses the command line to look for the 'no5lvl'
string, and does so very early, before sanitize_boot_params() has been
called and has been given the opportunity to wipe bogus data from the
fields in boot_params that are not covered by struct setup_header, and
are therefore supposed to be initialized to zero by the bootloader.

This triggers an early boot crash when using syslinux-efi to boot a
recent kernel built with CONFIG_X86_5LEVEL=y and CONFIG_EFI_STUB=n, as
the 0xff padding that now fills the unused PE/COFF header is copied into
boot_params by the bootloader, and interpreted as the top half of the
command line pointer.

Fix this by sanitizing the boot_params before use. Note that there is no
harm in calling this more than once; subsequent invocations are able to
spot that the boot_params have already been cleaned up.

Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: <stable@vger.kernel.org> # v6.1+
Link: https://lore.kernel.org/r/20250306155915.342465-2-ardb+git@google.com
Closes: https://lore.kernel.org/all/202503041549.35913.ulrich.gemkow@ikr.uni-stuttgart.de