From: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
To: Ingo Molnar <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
Thomas Gleixner <tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org>,
"H . Peter Anvin" <hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>
Cc: Ard Biesheuvel
<ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>,
Matt Fleming
<matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, "Lee,
Chun-Yi" <jlee-IBi9RG/b67k@public.gmane.org>,
Matthew Garrett <mjg59-JW9irJGTvgXQT0dZR+AlfA@public.gmane.org>,
Peter Jones <pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Subject: [GIT PULL 0/5] EFI urgent fixes
Date: Fri, 12 Feb 2016 11:27:07 +0000 [thread overview]
Message-ID: <1455276432-9931-1-git-send-email-matt@codeblueprint.co.uk> (raw)
Folks,
Please pull the following EFI patches from Peter that prevent
accidental deletion of EFI variables through efivarfs which can lead
to bricked machines.
These obviously need backporting to stable, so I'll take care of
sending the backports separately because we don't need to send the
entire 5 patch series.
The following changes since commit 59fd1214561921343305a0e9dc218bf3d40068f3:
x86/mm/numa: Fix 32-bit memblock range truncation bug on 32-bit NUMA kernels (2016-02-08 12:10:03 +0100)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/mfleming/efi.git tags/efi-urgent
for you to fetch changes up to ed8b0de5a33d2a2557dce7f9429dca8cb5bc5879:
efi: Make efivarfs entries immutable by default (2016-02-10 16:25:52 +0000)
----------------------------------------------------------------
* Prevent accidental deletion of EFI variables through efivarfs that
may brick machines. We use a whitelist of known-safe variables to
allow things like installing distributions to work out of the box, and
instead restrict vendor-specific variable deletion by making
non-whitelist variables immutable - Peter Jones
----------------------------------------------------------------
Peter Jones (5):
lib/ucs2_string: Add ucs2 -> utf8 helper functions
efi: Use ucs2_as_utf8 in efivarfs instead of open coding a bad version
efi: Do variable name validation tests in utf8
efi: Make our variable validation list include the guid
efi: Make efivarfs entries immutable by default
Documentation/filesystems/efivarfs.txt | 7 ++
drivers/firmware/efi/efivars.c | 35 +++---
drivers/firmware/efi/vars.c | 143 ++++++++++++++++++-------
fs/efivarfs/file.c | 70 ++++++++++++
fs/efivarfs/inode.c | 30 ++++--
fs/efivarfs/internal.h | 3 +-
fs/efivarfs/super.c | 16 +--
include/linux/efi.h | 5 +-
include/linux/ucs2_string.h | 4 +
lib/ucs2_string.c | 62 +++++++++++
tools/testing/selftests/efivarfs/efivarfs.sh | 19 +++-
tools/testing/selftests/efivarfs/open-unlink.c | 72 ++++++++++++-
12 files changed, 383 insertions(+), 83 deletions(-)
next reply other threads:[~2016-02-12 11:27 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-12 11:27 Matt Fleming [this message]
2016-02-12 11:27 ` [PATCH 2/5] efi: Use ucs2_as_utf8 in efivarfs instead of open coding a bad version Matt Fleming
[not found] ` <1455276432-9931-3-git-send-email-matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-02-18 5:34 ` H. Peter Anvin
[not found] ` <12473B1F-5227-4E83-BAF9-06B69CF74D77-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>
2016-02-18 6:09 ` Matthew Garrett
[not found] ` <CAPeXnHuoQgrz1-_zkBKcskNE24jK2L5DSyWjbBoU+ceVzGZe0Q-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2016-02-18 9:36 ` H. Peter Anvin
[not found] ` <1455276432-9931-1-git-send-email-matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-02-12 11:27 ` [PATCH 1/5] lib/ucs2_string: Add ucs2 -> utf8 helper functions Matt Fleming
2016-02-12 11:27 ` [PATCH 3/5] efi: Do variable name validation tests in utf8 Matt Fleming
2016-02-12 11:27 ` [PATCH 4/5] efi: Make our variable validation list include the guid Matt Fleming
2016-02-12 11:27 ` [PATCH 5/5] efi: Make efivarfs entries immutable by default Matt Fleming
[not found] ` <1455276432-9931-6-git-send-email-matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-02-15 10:50 ` Matt Fleming
2016-02-16 12:15 ` [GIT PULL 0/5] EFI urgent fixes Ingo Molnar
2016-02-16 12:52 ` Matt Fleming
[not found] ` <20160216125236.GB2769-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-02-17 7:59 ` Ingo Molnar
2016-02-17 10:16 ` Matt Fleming
2017-05-26 11:36 Matt Fleming
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1455276432-9931-1-git-send-email-matt@codeblueprint.co.uk \
--to=matt-mf/unelci9gs6ibeejttw/xrex20p6io@public.gmane.org \
--cc=ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org \
--cc=hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org \
--cc=jlee-IBi9RG/b67k@public.gmane.org \
--cc=linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=mjg59-JW9irJGTvgXQT0dZR+AlfA@public.gmane.org \
--cc=pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).