From: Ingo Molnar <mingo@kernel.org>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: linux-efi@vger.kernel.org, Thomas Gleixner <tglx@linutronix.de>,
linux-kernel@vger.kernel.org, Andy Lutomirski <luto@kernel.org>,
Arend van Spriel <arend.vanspriel@broadcom.com>,
Bhupesh Sharma <bhsharma@redhat.com>,
Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@intel.com>,
Eric Snowberg <eric.snowberg@oracle.com>,
Hans de Goede <hdegoede@redhat.com>,
Joe Perches <joe@perches.com>, Jon Hunter <jonathanh@nvidia.com>,
Julien Thierry <julien.thierry@arm.com>,
Marc Zyngier <marc.zyngier@arm.com>,
Nathan Chancellor <natechancellor@gmail.com>,
Peter Zijlstra <peterz@infradead.org>,
Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>,
Sedat Dilek <sedat.dilek@gmail.com>,
YiFei Zhu <zhuyifei1999@gmail.com>
Subject: Re: [PATCH 08/11] firmware: efi: add NULL pointer checks in efivars api functions
Date: Fri, 30 Nov 2018 09:11:59 +0100
Message-ID: <20181130081159.GD16084@gmail.com>
In-Reply-To: <20181129171230.18699-9-ard.biesheuvel@linaro.org>

* Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:

> From: Arend van Spriel <arend.vanspriel@broadcom.com>
>
> Since commit:
>
> ce2e6db554fa ("brcmfmac: Add support for getting nvram contents from
> EFI variables")

This commit ID is not upstream AFAICS. Which tree is it from? Mentioning
non-upstream sha1's is discouraged in changelogs, as there's no guarantee
that the sha1 will make it upstream.

> we have a device driver accessing the efivars API. Several functions in
> the efivars API assume __efivars is set, i.e., that they will be accessed
> only after efivars_register() has been called. However, the following NULL
> pointer access was reported calling efivar_entry_size() from the brcmfmac
> device driver.
>
> Unable to handle kernel NULL pointer dereference at virtual address 00000008
> pgd = 60bfa5f1
> [00000008] *pgd=00000000
> Internal error: Oops: 5 [#1] SMP ARM
> ...
> Hardware name: NVIDIA Tegra SoC (Flattened Device Tree)
> Workqueue: events request_firmware_work_func
> PC is at efivar_entry_size+0x28/0x90
> LR is at brcmf_fw_complete_request+0x3f8/0x8d4 [brcmfmac]
> pc : [<c0c40718>] lr : [<bf2a3ef4>] psr: a00d0113
> sp : ede7fe28 ip : ee983410 fp : c1787f30
> r10: 00000000 r9 : 00000000 r8 : bf2b2258
> r7 : ee983000 r6 : c1604c48 r5 : ede7fe88 r4 : edf337c0
> r3 : 00000000 r2 : 00000000 r1 : ede7fe88 r0 : c17712c8
> Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none
> Control: 10c5387d Table: ad16804a DAC: 00000051
>
> Disassembly showed that the local static variable __efivars is NULL,
> which is not entirely unexpected given that it is a non-EFI platform.
> So add a NULL pointer check to efivar_entry_size(), and to related
> functions while at it. In efivars_register() a couple of sanity checks
> are added as well.
>
> Cc: Hans de Goede <hdegoede@redhat.com>
> Reported-by: Jon Hunter <jonathanh@nvidia.com>
> Signed-off-by: Arend van Spriel <arend.vanspriel@broadcom.com>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

Will that new commit be backported? If yes I suppose we could mark this
fix -stable too? If not then it's fine for a v4.21 merge.

Thanks,

Ingo
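
The failure mode described in the quoted changelog, as an added userspace model in C; it is not part of the original message or the patch. All demo_* names, the single-member struct layout and the error codes are assumptions made for illustration; "registered" plays the role of __efivars.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Userspace model only; types and function names are hypothetical. */
struct demo_ops {
    int (*query_size)(const char *name, unsigned long *size);
};

struct demo_efivars {
    const struct demo_ops *ops;
};

/* Plays the role of __efivars: stays NULL until a backend registers,
 * which never happens on a platform without EFI. */
static struct demo_efivars *registered;

int demo_register(struct demo_efivars *ev, const struct demo_ops *ops)
{
    if (!ev || !ops || !ops->query_size)   /* sanity checks on arguments */
        return -EINVAL;
    if (registered)                        /* one backend at a time */
        return -EBUSY;
    ev->ops = ops;
    registered = ev;
    return 0;
}

int demo_entry_size(const char *name, unsigned long *size)
{
    /* Without this check, registered->ops is read through a NULL pointer,
     * which is the class of fault shown in the oops above. */
    if (!registered || !name || !size)
        return -EINVAL;
    return registered->ops->query_size(name, size);
}

/* Constructed backend: reports the name length as the variable size. */
static int fake_query_size(const char *name, unsigned long *size)
{
    *size = strlen(name);
    return 0;
}

static const struct demo_ops fake_ops = { .query_size = fake_query_size };

int main(void)
{
    unsigned long size = 0;
    printf("unregistered: %d\n", demo_entry_size("nvram", &size));
    return 0;
}
```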