!43 [sync] PR-36: Fix CVE-2023-49100
From: @openeuler-sync-bot Reviewed-by: @cherry530 Signed-off-by: @cherry530
commit
7ecd192f9e
37
CVE-2023-49100.patch
Normal file
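--- /dev/null
+++ b/CVE-2023-49100.patch
@@ -0,0 +1,37 @@
+From a7eff3477dcf3624c74f5217419b1a27b7ebd2aa Mon Sep 17 00:00:00 2001
+From: Manish Pandey <manish.pandey2@arm.com>
+Date: Thu, 26 Oct 2023 11:14:21 +0100
+Subject: fix(sdei): ensure that interrupt ID is valid
+
+As per SDEI spec (section 5.1.14.1), SDEI_INTERRUPT_BIND interface
+expects a valid PPI or SPI. SGI's are not allowed to be bounded.
+Current check in the code only checks for an SGI and returns invalid
+ID. This check is insufficient as it will not catch architecturally
+invalid interrupt IDs.
+
+Modify the check to ensure that interrupt is either PPI or SPI.
+
+Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
+Change-Id: I52eb0a6d7f88a12f6816cff9b68fb3a7ca12cbb7
+---
+services/std_svc/sdei/sdei_main.c | 4 ++--
+1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/services/std_svc/sdei/sdei_main.c b/services/std_svc/sdei/sdei_main.c
+index 44178eddd3..0fd3c1d32c 100644
+--- a/services/std_svc/sdei/sdei_main.c
++++ b/services/std_svc/sdei/sdei_main.c
+@@ -710,8 +710,8 @@ static int sdei_interrupt_bind(unsigned int intr_num)
+sdei_ev_map_t *map;
+bool retry = true, shared_mapping;
+
+- /* SGIs are not allowed to be bound */
+- if (plat_ic_is_sgi(intr_num) != 0)
++ /* Interrupt must be either PPI or SPI */
++ if (!(plat_ic_is_ppi(intr_num) || plat_ic_is_spi(intr_num)))
+return SDEI_EINVAL;
+
+shared_mapping = (plat_ic_is_spi(intr_num) != 0);
+--
+cgit v1.2.3
+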
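Review bot: The new guard in sdei_interrupt_bind() is only as strong as the platform's plat_ic_is_ppi() and plat_ic_is_spi() implementations, which are not shown here, and this backport lands on a 2.3 tree rather than the upstream base the fix was written against. Before treating the CVE as closed, confirm that both helpers in the packaged sources reject IDs outside the implemented PPI and SPI ranges for every platform the spec builds; otherwise an architecturally invalid ID could still pass the check. On style, the condition uses the int-returning helpers as booleans while the context line below writes `plat_ic_is_spi(intr_num) != 0`; `if ((plat_ic_is_ppi(intr_num) == 0) && (plat_ic_is_spi(intr_num) == 0))` would match it. The comment could also state the outcome, e.g. `/* Only PPIs and SPIs may be bound; SGIs and invalid interrupt IDs return SDEI_EINVAL */`. The body of sdei_interrupt_bind() continues outside the hunk.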
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
Name: arm-trusted-firmware
|
Name: arm-trusted-firmware
|
||||||
Version: 2.3
|
Version: 2.3
|
||||||
Release: 3
|
Release: 4
|
||||||
Summary: ARM Trusted Firmware
|
Summary: ARM Trusted Firmware
|
||||||
License: BSD
|
License: BSD
|
||||||
URL: https://github.com/ARM-software/arm-trusted-firmware/wiki
|
URL: https://github.com/ARM-software/arm-trusted-firmware/wiki
|
||||||
@ -15,6 +15,8 @@ Patch0001: CVE-2022-47630-2.patch
|
|||||||
Patch0002: CVE-2022-47630-3.patch
|
Patch0002: CVE-2022-47630-3.patch
|
||||||
# https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=abb8f936fd0ad085
|
# https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=abb8f936fd0ad085
|
||||||
Patch0003: CVE-2022-47630-4.patch
|
Patch0003: CVE-2022-47630-4.patch
|
||||||
|
# https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=a7eff3477dcf3624
|
||||||
|
Patch0004: CVE-2023-49100.patch
|
||||||
ExclusiveArch: aarch64
|
ExclusiveArch: aarch64
|
||||||
BuildRequires: dtc
|
BuildRequires: dtc
|
||||||
|
|
||||||
@ -69,6 +71,9 @@ strip %{buildroot}/%{_datadir}/%{name}/rk3368/bl31.elf
|
|||||||
%{_datadir}/%{name}
|
%{_datadir}/%{name}
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Jan 23 2024 yaoxin <yao_xin001@hoperun.com> - 2.3-4
|
||||||
|
- Fix CVE-2023-49100
|
||||||
|
|
||||||
* Fri Dec 01 2023 yaoxin <yao_xin001@hoperun.com> - 2.3-3
|
* Fri Dec 01 2023 yaoxin <yao_xin001@hoperun.com> - 2.3-3
|
||||||
- Fix CVE-2022-47630
|
- Fix CVE-2022-47630
|
||||||
|
|
||||||
|
|||||||