kdb: do a sanity check on the cpu in kdb_per_cpu()

BugLink: https://bugs.launchpad.net/bugs/1863019
[ Upstream commit b586627e10f57ee3aa8f0cfab0d6f7dc4ae63760 ]

The "whichcpu" comes from argv[3].  The cpu_online() macro looks up the
cpu in a bitmap of online cpus, but if the value is too high then it
could read beyond the end of the bitmap and possibly Oops.

Fixes: 5d5314d6795f ("kdb: core for kgdb back end (1 of 2)")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Douglas Anderson <dianders@chromium.org>
Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>

diff --git a/kernel/debug/kdb/kdb_main.c b/kernel/debug/kdb/kdb_main.c
index eb1779ea05a082097a9db09de477e48c650da9cc..10a11b82701c4286b615ddb3745daa845d52a3c0 100644 (file)
--- a/kernel/debug/kdb/kdb_main.c
+++ b/kernel/debug/kdb/kdb_main.c
@@ -2634,7 +2634,7 @@ static int kdb_per_cpu(int argc, const char **argv)
                diag = kdbgetularg(argv[3], &whichcpu);
                if (diag)
                        return diag;
-               if (!cpu_online(whichcpu)) {
+               if (whichcpu >= nr_cpu_ids || !cpu_online(whichcpu)) {
                        kdb_printf("cpu %ld is not online\n", whichcpu);
                        return KDB_BADCPUNUM;
                }