[BUG] ARM64 regression: NULL pointer dereference in arm_smccc_version_init+0x90/0x1ac

Will Deacon will at kernel.org
Thu Feb 6 05:11:54 PST 2025


On Wed, Feb 05, 2025 at 05:50:13PM +0100, Emanuele Rocca wrote:
> Hello Will,
> 
> On 2025-02-04 10:00, Will Deacon wrote:
> > Emanuele -- could you hack the code to poison the other unused result
> > registers () and see if they are also cleared? ARM_SMCCC_TRNG_VERSION
> > looks like a 32-bit call, so that would be W1-W7 afaict.
> 
> Not sure if this is exactly what you are asking for, but right before
> the call to smccc_probe_trng():
> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/drivers/firmware/smccc/smccc.c?h=v6.1.124#n29
> 
> I did the following to write to all registers. First I tried W1-W7, then
> I went for W1-W17 too:
> 
> register unsigned long w1 asm("w1");
> [...]
> register unsigned long w17 asm("w17");
> 
> asm volatile(
>   "mov w1, #0x1234\n"
>   "mov w2, #0x2234\n"
>   [...]
>   "mov w16, #0x0234\n"
>   "mov w17, #0x1234\n"
> );
> 
> The values I wrote were not overwritten, see https://people.debian.org/~ema/w1-w17.jpg

Hrm, now I'm confused :/

In your screenshot, x6 looks like it's retained its poison value, but
that was the register being corrupted in the initial report. Maybe you
could share the diff you made?

Will
