Received: by 2002:a25:c205:0:0:0:0:0 with SMTP id s5csp4636511ybf; Wed, 4 Mar 2020 07:46:34 -0800 (PST) X-Google-Smtp-Source: ADFU+vuH9FAPjnIwDQ09qwurPW3fJZLFU5tbcHZ4df1It717stIvDx0v0bjAWJcK0T7s79ToEayH X-Received: by 2002:aca:2303:: with SMTP id e3mr2235820oie.74.1583336794534; Wed, 04 Mar 2020 07:46:34 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1583336794; cv=none; d=google.com; s=arc-20160816; b=mvJQvwvDKnapz2nV1BQH4FxrbTVfRwXCJ9l/SRYSRII0SUAzIADBFFo0Eao6Sfjfjz o8xHRw3dWd//ouobSNQtNssVTGZniuuy8jpQAwRu/hVSjhydmoZsHP/aZj9qTzFWOyOQ 1m6TMtuR6ERDvTce6sDX0TDTrPYaYhZtAsMtldabLJCK5iCQi81JiWDue4zx0wNwCdiw CuezCWL5z5G2s+06uul0xsmrSCzBAkeSNyhOTUfC5zzOGUoz9WFvEmFK0DYJFwdNUwD8 J5cmiy/lwX4crVjnbfIEVxTARlw517LIcln+Bm74fRKZwyifdum2Z83YzgKDuSw+FVDG QR8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:thread-index:thread-topic :content-transfer-encoding:mime-version:subject:references :in-reply-to:message-id:cc:to:from:date:dkim-signature; bh=qCLVGTRxnbfjjeCTr0ddYoiLTCcPK4JAZKp83eU87BU=; b=ifDe1XFVdPrJY+1zwo3vIXDFV9i69hyRvmNUvGXTQciYgya/co+8Y+cOoLVxsrMRhB /KtOkRQVb7a+UP376AMnPzBJ4LRcMfP7sTUD1yFbPCy+fJIoP1FktHBOjOfPLAYG24qs mClY2pSspmKty2Z5Lr8PIzRmQ+rZ7NuLM6PmGkyesfzfmGD6PsN36hpbF6RRzFbDCP5K uijcIUCJcdfK3NMnPT8hxte+AcuZsi19nrClHnbElAZ0C9aFFXjYLkZQYIMduBzZKWxl Eu9yJEEuHCqtWkk8gA9N1GO0L3wI+DbG58tuGsuEiRwGSRaAjnORtyPPJ0FcKmKh4PiC acjA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=GtymdUEo; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f20si1291513otl.313.2020.03.04.07.46.14; Wed, 04 Mar 2020 07:46:34 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=GtymdUEo; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729664AbgCDPpU (ORCPT + 99 others); Wed, 4 Mar 2020 10:45:20 -0500 Received: from us-smtp-2.mimecast.com ([205.139.110.61]:60910 "EHLO us-smtp-delivery-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1729538AbgCDPpU (ORCPT ); Wed, 4 Mar 2020 10:45:20 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1583336718; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=qCLVGTRxnbfjjeCTr0ddYoiLTCcPK4JAZKp83eU87BU=; b=GtymdUEo+HJhDlta0BKTDfN7S4rY5HVjZcSpwR9kwWctdMoxNwjbg0hQW1EYlWlop4dWrk 17xWrIJUTltee2jo9DW6nuvGmqtnB0BggaeE2CTfLHUqVs+3oDFrfXgLwBDmJE6PwINJtF q3PLrqXS2VJF8HcERm3oTh0KwFSHXm0= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-122-ObxcWQTKPraYzzAA2DDGeQ-1; Wed, 04 Mar 2020 10:45:17 -0500 X-MC-Unique: ObxcWQTKPraYzzAA2DDGeQ-1 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 4F847800053; Wed, 4 Mar 2020 15:45:16 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 437375DA2C; Wed, 4 Mar 2020 15:45:16 +0000 (UTC) Received: from zmail21.collab.prod.int.phx2.redhat.com (zmail21.collab.prod.int.phx2.redhat.com [10.5.83.24]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 339A28174D; Wed, 4 Mar 2020 15:45:16 +0000 (UTC) Date: Wed, 4 Mar 2020 10:45:16 -0500 (EST) From: Vladis Dronov To: Ard Biesheuvel Cc: linux-efi , Linux Kernel Mailing List Message-ID: <925307051.13073500.1583336716147.JavaMail.zimbra@redhat.com> In-Reply-To: References: <20200303085528.27658-1-vdronov@redhat.com> Subject: Re: [PATCH] efi: fix a race and a buffer overflow while reading efivars via sysfs MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.40.204.205, 10.4.195.6] Thread-Topic: fix a race and a buffer overflow while reading efivars via sysfs Thread-Index: dewbhvzFQPAb58gKxgYvGl/QeO33kQ== X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hello, Ard, > Wouldn't it be easier to pass a var_data_size stack variable into > efivar_entry_get(), and only update the value in 'var' if it is <= > 1024? I have prepared a v2 patch with an approach you suggest and will send it out shortly. It indeed simpler and fixes only the overflow bug mentioned. Could you, please, review it and if you like it, probably, accept it? In case I've implemented your idea incorrectly, could you, please, correct me? Best regards, Vladis Dronov | Red Hat, Inc. | The Core Kernel | Senior Software Engineer