From: jeremy.compostella@intel.com (Compostella, Jeremy)
To: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Ingo Molnar <mingo@kernel.org>, <stefan.stanacar@intel.com>,
<peterz@infradead.org>, <linux-kernel@vger.kernel.org>,
<tglx@linutronix.de>, <hpa@zytor.com>, <bp@alien8.de>,
<ard.biesheuvel@linaro.org>, <linux-tip-commits@vger.kernel.org>
Subject: Re: [tip:efi/core] efibc: Add EFI Bootloader Control module
Date: Fri, 29 Apr 2016 15:53:39 +0200 [thread overview]
Message-ID: <87h9eked24.fsf@jcompost-MOBL1.tl.intel.com> (raw)
In-Reply-To: <20160429121635.GF2839@codeblueprint.co.uk> (Matt Fleming's message of "Fri, 29 Apr 2016 13:16:35 +0100")
[-- Attachment #1: Type: text/plain, Size: 788 bytes --]
Matt Fleming <matt@codeblueprint.co.uk> writes:
> On Fri, 29 Apr, at 01:36:01PM, Jeremy Compostella wrote:
>> I would go for this last proposal because it fixes the issue, it works
>> with the potential race condition you mentioned and it is a simple
>> solution. Yet, it means that if we really run into a race condition,
>> the LoaderEntryOneShot value might be indeterminate.
>>
>> Though, this is a very unlikely situation and if it happens I cannot
>> think of any good reason to prefer to store the first restart target
>> or the second.
>>
>> Do you want me to make this change ?
>
> Yes please, that'd be greatly appreciated. Be sure to do it on top of
> either the EFI 'next' branch or tip:efi/core.
Please, find the patch in attachment. I wrote it on top of
tip:efi/core.
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-efibc-fix-excessive-stack-footprint-warning.patch --]
[-- Type: text/x-diff, Size: 2837 bytes --]
>From ef3a2941769e59b11d1ec36117209dc4c90c7cf9 Mon Sep 17 00:00:00 2001
From: Jeremy Compostella <jeremy.compostella@intel.com>
Date: Fri, 29 Apr 2016 15:29:59 +0200
Subject: [PATCH] efibc: fix excessive stack footprint warning
Use dynamic memory allocation instead of stack memory for the entry
object.
This patch also fixes a potential buffer override.
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
---
drivers/firmware/efi/efibc.c | 36 ++++++++++++++++++++++++------------
1 file changed, 24 insertions(+), 12 deletions(-)
diff --git a/drivers/firmware/efi/efibc.c b/drivers/firmware/efi/efibc.c
index 2e0c7cc..dd6d1a6 100644
--- a/drivers/firmware/efi/efibc.c
+++ b/drivers/firmware/efi/efibc.c
@@ -17,6 +17,7 @@
#include <linux/efi.h>
#include <linux/module.h>
#include <linux/reboot.h>
+#include <linux/slab.h>
static void efibc_str_to_str16(const char *str, efi_char16_t *str16)
{
@@ -28,42 +29,53 @@ static void efibc_str_to_str16(const char *str, efi_char16_t *str16)
str16[i] = '\0';
}
-static void efibc_set_variable(const char *name, const char *value)
+static int efibc_set_variable(const char *name, const char *value)
{
int ret;
efi_guid_t guid = LINUX_EFI_LOADER_ENTRY_GUID;
- struct efivar_entry entry;
+ struct efivar_entry *entry;
size_t size = (strlen(value) + 1) * sizeof(efi_char16_t);
- if (size > sizeof(entry.var.Data))
+ if (size > sizeof(entry->var.Data)) {
pr_err("value is too large");
+ return -1;
+ }
- efibc_str_to_str16(name, entry.var.VariableName);
- efibc_str_to_str16(value, (efi_char16_t *)entry.var.Data);
- memcpy(&entry.var.VendorGuid, &guid, sizeof(guid));
+ entry = kmalloc(sizeof(*entry), GFP_KERNEL);
+ if (!entry) {
+ pr_err("failed to allocate efivar entry");
+ return -1;
+ }
- ret = efivar_entry_set(&entry,
+ efibc_str_to_str16(name, entry->var.VariableName);
+ efibc_str_to_str16(value, (efi_char16_t *)entry->var.Data);
+ memcpy(&entry->var.VendorGuid, &guid, sizeof(guid));
+
+ ret = efivar_entry_set(entry,
EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS,
- size, entry.var.Data, NULL);
+ size, entry->var.Data, NULL);
if (ret)
pr_err("failed to set %s EFI variable: 0x%x\n",
name, ret);
+
+ kfree(entry);
+ return ret;
}
static int efibc_reboot_notifier_call(struct notifier_block *notifier,
unsigned long event, void *data)
{
const char *reason = "shutdown";
+ int ret;
if (event == SYS_RESTART)
reason = "reboot";
- efibc_set_variable("LoaderEntryRebootReason", reason);
-
- if (!data)
- return NOTIFY_DONE;
+ ret = efibc_set_variable("LoaderEntryRebootReason", reason);
+ if (ret || !data)
+ return NOTIFY_DONE;
efibc_set_variable("LoaderEntryOneShot", (char *)data);
--
1.9.1
[-- Attachment #3: Type: text/plain, Size: 45 bytes --]
Jérémy
--
One Emacs to rule them all
next prev parent reply other threads:[~2016-04-29 13:55 UTC|newest]
Thread overview: 97+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-25 20:06 [GIT PULL 00/40] EFI changes for v4.7 Matt Fleming
2016-04-25 20:06 ` [PATCH 01/40] efi: Get rid of EFI_SYSTEM_TABLES status bit Matt Fleming
2016-04-28 10:30 ` [tip:efi/core] efi: Get rid of the " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 02/40] efi/arm*: Drop writable mapping of the UEFI System table Matt Fleming
2016-04-28 10:30 ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 03/40] x86/mm/pat: Document the (currently) EFI-only code path Matt Fleming
2016-04-28 10:31 ` [tip:efi/core] " tip-bot for Matt Fleming
2016-04-25 20:06 ` [PATCH 04/40] efi/arm64: Report unexpected errors when determining Secure Boot status Matt Fleming
2016-04-28 10:31 ` [tip:efi/core] " tip-bot for Linn Crosetto
2016-04-25 20:06 ` [PATCH 05/40] efi/arm64: Check SetupMode " Matt Fleming
2016-04-28 10:31 ` [tip:efi/core] " tip-bot for Linn Crosetto
2016-04-25 20:06 ` [PATCH 06/40] efi: Iterate over efi.memmap in for_each_efi_memory_desc Matt Fleming
2016-04-28 10:32 ` [tip:efi/core] efi: Iterate over efi.memmap in for_each_efi_memory_desc() tip-bot for Matt Fleming
2016-04-25 20:06 ` [PATCH 07/40] efi: Remove global 'memmap' Matt Fleming
2016-04-28 10:32 ` [tip:efi/core] efi: Remove global 'memmap' EFI memory map tip-bot for Matt Fleming
2016-04-29 8:31 ` [PATCH] efi: Remove unnecessary (and buggy) .memmap initialization from the Xen EFI driver Ingo Molnar
2016-04-29 8:39 ` Matt Fleming
2016-04-29 9:53 ` [tip:efi/core] " tip-bot for Ingo Molnar
2016-04-25 20:06 ` [PATCH 08/40] efi: Check EFI_MEMORY_DESCRIPTOR version explicitly Matt Fleming
2016-04-28 10:33 ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 09/40] efi/arm*: Use memremap() to create the persistent memmap mapping Matt Fleming
2016-04-28 10:33 ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 10/40] ARM: efi: Apply strict permissons for UEFI Runtime Services regions Matt Fleming
2016-04-28 10:33 ` [tip:efi/core] ARM/efi: Apply strict permissions " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 11/40] arm64: efi: Apply strict permissons " Matt Fleming
2016-04-28 10:34 ` [tip:efi/core] arm64/efi: Apply strict permissions to " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 12/40] efi: Add support for the EFI_MEMORY_ATTRIBUTES_TABLE config table Matt Fleming
2016-04-28 10:34 ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 13/40] efi: Implement generic support for the Memory Attributes table Matt Fleming
2016-04-28 10:35 ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 14/40] efi/arm*: Take the Memory Attributes table into account Matt Fleming
2016-04-28 10:35 ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 15/40] x86/efi: Remove the always true EFI_DEBUG symbol Matt Fleming
2016-04-28 10:36 ` [tip:efi/core] " tip-bot for Matt Fleming
2016-04-25 20:06 ` [PATCH 16/40] x86/efi: Prepare GOP handling code for reuse as generic code Matt Fleming
2016-04-28 10:36 ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 17/40] efi/libstub: Move Graphics Output Protocol handling to " Matt Fleming
2016-04-28 10:36 ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 18/40] x86/efi: efifb: Move DMI based quirks handling out of " Matt Fleming
2016-04-28 10:37 ` [tip:efi/core] x86/efi/efifb: " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 19/40] efifb: Use builtin_platform_driver and drop unused includes Matt Fleming
2016-04-28 10:37 ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 20/40] arm64/efi: libstub: Make screen_info accessible to the UEFI stub Matt Fleming
2016-04-28 10:38 ` [tip:efi/core] arm64/efi/libstub: " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 21/40] efi/arm: libstub: " Matt Fleming
2016-04-28 10:38 ` [tip:efi/core] efi/arm/libstub: " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 22/40] efi/arm*: libstub: Wire up GOP protocol to struct screen_info Matt Fleming
2016-04-28 10:38 ` [tip:efi/core] efi/arm*/libstub: Wire up GOP protocol to 'struct screen_info' tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 23/40] efi/arm*: Wire up struct screen_info to efi-framebuffer platform device Matt Fleming
2016-04-28 10:39 ` [tip:efi/core] efi/arm*: Wire up 'struct screen_info' " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 24/40] efifb: Enable the efi-framebuffer platform driver for ARM and arm64 Matt Fleming
2016-04-28 10:39 ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2016-04-25 20:06 ` [PATCH 25/40] efibc: EFI Bootloader Control Matt Fleming
2016-04-28 10:40 ` [tip:efi/core] efibc: Add EFI Bootloader Control module tip-bot for Compostella, Jeremy
2016-04-29 9:53 ` Ingo Molnar
2016-04-29 10:30 ` Matt Fleming
2016-04-29 11:36 ` Compostella, Jeremy
2016-04-29 12:16 ` Matt Fleming
2016-04-29 13:53 ` Compostella, Jeremy [this message]
2016-04-29 19:46 ` Ingo Molnar
2016-04-30 8:33 ` Compostella, Jeremy
2016-04-30 20:01 ` Matt Fleming
2016-04-30 20:08 ` Matt Fleming
2016-05-02 7:56 ` Compostella, Jeremy
2016-05-03 14:41 ` Matt Fleming
2016-05-01 8:03 ` Ard Biesheuvel
2016-05-01 13:13 ` Matt Fleming
2016-04-25 20:06 ` [PATCH 26/40] efi: Move efi_status_to_err() to drivers/firmware/efi/ Matt Fleming
2016-04-28 10:40 ` [tip:efi/core] " tip-bot for Matt Fleming
2016-04-25 20:06 ` [PATCH 27/40] efi: Capsule update support Matt Fleming
2016-04-28 10:40 ` [tip:efi/core] efi: Add 'capsule' " tip-bot for Matt Fleming
2016-04-25 20:07 ` [PATCH 28/40] x86/efi: Force EFI reboot to process pending capsules Matt Fleming
2016-04-28 10:41 ` [tip:efi/core] " tip-bot for Matt Fleming
2016-04-25 20:07 ` [PATCH 29/40] efi: A misc char interface to update EFI firmware Matt Fleming
2016-04-28 10:41 ` [tip:efi/core] efi: Add misc char driver " tip-bot for Kweh, Hock Leong
2016-04-25 20:07 ` [PATCH 30/40] efi/arm-init: Reserve rather than unmap the memory map for ARM as well Matt Fleming
2016-04-28 10:42 ` [tip:efi/core] " tip-bot for Ard Biesheuvel
2016-04-25 20:07 ` [PATCH 31/40] efi/runtime-wrappers: Add {__,}efi_call_virt templates Matt Fleming
2016-04-28 10:42 ` [tip:efi/core] efi/runtime-wrappers: Add {__,}efi_call_virt() templates tip-bot for Mark Rutland
2016-04-25 20:07 ` [PATCH 32/40] arm64/efi: Move to generic {__,}efi_call_virt Matt Fleming
2016-04-28 10:42 ` [tip:efi/core] arm64/efi: Move to generic {__,}efi_call_virt() tip-bot for Mark Rutland
2016-04-25 20:07 ` [PATCH 33/40] arm/efi: Move to generic {__,}efi_call_virt Matt Fleming
2016-04-28 10:43 ` [tip:efi/core] arm/efi: Move to generic {__,}efi_call_virt() tip-bot for Mark Rutland
2016-04-25 20:07 ` [PATCH 34/40] x86/efi: Move to generic {__,}efi_call_virt Matt Fleming
2016-04-28 10:43 ` [tip:efi/core] x86/efi: Move to generic {__,}efi_call_virt() tip-bot for Mark Rutland
2016-04-25 20:07 ` [PATCH 35/40] efi/runtime-wrappers: Remove redundant ifdefs Matt Fleming
2016-04-28 10:44 ` [tip:efi/core] efi/runtime-wrappers: Remove redundant #ifdefs tip-bot for Mark Rutland
2016-04-25 20:07 ` [PATCH 36/40] efi/runtime-wrappers: Detect firmware irq flag corruption Matt Fleming
2016-04-28 10:44 ` [tip:efi/core] efi/runtime-wrappers: Detect firmware IRQ " tip-bot for Mark Rutland
2016-04-25 20:07 ` [PATCH 37/40] arm64/efi: Enable runtime call flag checking Matt Fleming
2016-04-28 10:44 ` [tip:efi/core] " tip-bot for Mark Rutland
2016-04-25 20:07 ` [PATCH 38/40] arm/efi: " Matt Fleming
2016-04-28 10:45 ` [tip:efi/core] " tip-bot for Mark Rutland
2016-04-25 20:07 ` [PATCH 39/40] x86/efi: " Matt Fleming
2016-04-28 10:45 ` [tip:efi/core] " tip-bot for Mark Rutland
2016-04-25 20:07 ` [PATCH 40/40] efi/runtime-wrappers: Remove ARCH_EFI_IRQ_FLAGS_MASK ifdef Matt Fleming
2016-04-28 10:46 ` [tip:efi/core] efi/runtime-wrappers: Remove ARCH_EFI_IRQ_FLAGS_MASK #ifdef tip-bot for Mark Rutland
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87h9eked24.fsf@jcompost-MOBL1.tl.intel.com \
--to=jeremy.compostella@intel.com \
--cc=ard.biesheuvel@linaro.org \
--cc=bp@alien8.de \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=matt@codeblueprint.co.uk \
--cc=mingo@kernel.org \
--cc=peterz@infradead.org \
--cc=stefan.stanacar@intel.com \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).