EDAC/versal: Check user-supplied data before injecting an error

The function inject_data_ue_store() lacks a NULL check for the user
passed values. To prevent below kernel crash include a NULL check.

Call trace:

  kstrtoull
  kstrtou8
  inject_data_ue_store
  full_proxy_write
  vfs_write
  ksys_write
  __arm64_sys_write
  invoke_syscall
  el0_svc_common.constprop.0
  do_el0_svc
  el0_svc
  el0t_64_sync_handler
  el0t_64_sync

Fixes: 83bf24051a60 ("EDAC/versal: Make the bit position of injected errors configurable")
Signed-off-by: Shubhrajyoti Datta <shubhrajyoti.datta@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/r/20240425121942.26378-3-shubhrajyoti.datta@amd.com

diff --git a/drivers/edac/versal_edac.c b/drivers/edac/versal_edac.c
index 873e7377a105ffe28de5b593441d964fa45c359b..0c50afafc3e23260b98664c3d9993154c89d4161 100644 (file)
--- a/drivers/edac/versal_edac.c
+++ b/drivers/edac/versal_edac.c
@@ -865,6 +865,9 @@ static ssize_t inject_data_ue_store(struct file *file, const char __user *data,
        for (i = 0; i < NUM_UE_BITPOS; i++)
                token[i] = strsep(&pbuf, ",");
 
+       if (!token[0] || !token[1])
+               return -EFAULT;
+
        ret = kstrtou8(token[0], 0, &ue0);
        if (ret)
                return ret;