From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5AEE4C2BA2B for ; Mon, 13 Apr 2020 15:55:35 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 314D920735 for ; Mon, 13 Apr 2020 15:55:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1586793335; bh=BUDRicBn8f0ZY8ppIfG0csRmOCIXJIw2tlzx7xNVDnw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=0Nz4bRAOAHwe4OUKqCyWCGQ8aJbXZOGu5B5yqVAvmaiKXIEpvp0sY9BBxHEiJyrbv N2MgI/UYo0/XjkRspG9S0jEgFW0Vh15vTLzUVVrNQKBlEQFmLFvv2stxhPoU6A+bo4 WefZkqcgBUlQxNc1v4VgRBWWp0Safw0qSQGi7yYQ= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731167AbgDMPze (ORCPT ); Mon, 13 Apr 2020 11:55:34 -0400 Received: from mail.kernel.org ([198.145.29.99]:56672 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730923AbgDMPzc (ORCPT ); Mon, 13 Apr 2020 11:55:32 -0400 Received: from e123331-lin.home (amontpellier-657-1-18-247.w109-210.abo.wanadoo.fr [109.210.65.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 5B76C20739; Mon, 13 Apr 2020 15:55:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1586793331; bh=BUDRicBn8f0ZY8ppIfG0csRmOCIXJIw2tlzx7xNVDnw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Fw+jw5m5kVq0nwtcd5wSaX+y+J63IlU5bU5zu0fCjN72+FoqAi62rLYWY6i2erMJ/ gzbO5OSTQhM8UNd/4dvKXB8P6L1HFYMJApMuIOu0AGPgznh/zGy8nrLPWkpgMnO44S 3dZmdxXw4dpTgnaUIdaUJMshUNGnuHYA7LTMRyps= From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, catalin.marinas@arm.com, will@kernel.org, Jonathan.Cameron@huawei.com, nivedita@alum.mit.edu, Ard Biesheuvel Subject: [PATCH v2 1/8] efi/libstub/random: align allocate size to EFI_ALLOC_ALIGN Date: Mon, 13 Apr 2020 17:55:14 +0200 Message-Id: <20200413155521.24698-2-ardb@kernel.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200413155521.24698-1-ardb@kernel.org> References: <20200413155521.24698-1-ardb@kernel.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The EFI stub uses a per-architecture #define for the minimum base and size alignment of page allocations, which is set to 4 KB for all architecures except arm64, which uses 64 KB, to ensure that allocations can always be (un)mapped efficiently, regardless of the page size used by the kernel proper, which could be a kexec'ee The API wrappers around page based allocations assume that this alignment is always taken into account, and so efi_free() will also round up its size argument to EFI_ALLOC_ALIGN. Currently, efi_random_alloc() does not honour this alignment for the allocated size, and so freeing such an allocation may result in unrelated memory to be freed, potentially leading to issues after boot. So let's round up size in efi_random_alloc() as well. Fixes: 2ddbfc81eac84a29 ("efi: stub: add implementation of efi_random_alloc()") Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/libstub/randomalloc.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/firmware/efi/libstub/randomalloc.c b/drivers/firmware/efi/libstub/randomalloc.c index 4578f59e160c..6200dfa650f5 100644 --- a/drivers/firmware/efi/libstub/randomalloc.c +++ b/drivers/firmware/efi/libstub/randomalloc.c @@ -74,6 +74,8 @@ efi_status_t efi_random_alloc(unsigned long size, if (align < EFI_ALLOC_ALIGN) align = EFI_ALLOC_ALIGN; + size = round_up(size, EFI_ALLOC_ALIGN); + /* count the suitable slots in each memory map entry */ for (map_offset = 0; map_offset < map_size; map_offset += desc_size) { efi_memory_desc_t *md = (void *)memory_map + map_offset; @@ -109,7 +111,7 @@ efi_status_t efi_random_alloc(unsigned long size, } target = round_up(md->phys_addr, align) + target_slot * align; - pages = round_up(size, EFI_PAGE_SIZE) / EFI_PAGE_SIZE; + pages = size / EFI_PAGE_SIZE; status = efi_bs_call(allocate_pages, EFI_ALLOCATE_ADDRESS, EFI_LOADER_DATA, pages, &target); -- 2.17.1