Received: by 2002:a25:c205:0:0:0:0:0 with SMTP id s5csp4637982ybf;
        Wed, 4 Mar 2020 07:48:16 -0800 (PST)
X-Google-Smtp-Source: ADFU+vuRlHiDUEJS4e1NDb3dXTMwSN79hLd54Cu4ygMiyZfuWnQcR6MJtXL/YDH1QgCwW4/lMwPM
X-Received: by 2002:aca:d68a:: with SMTP id n132mr2244238oig.40.1583336896213;
        Wed, 04 Mar 2020 07:48:16 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1583336896; cv=none;
        d=google.com; s=arc-20160816;
        b=t7b24yTIJ78Qa0ARvsjUQC3NTINoo6ntPhRV9tzr9nLvgIew6U2wwURnSmDKoz97Rf
         nE36qV/P7wtv7+zbT+P0T4xt/EdoDjXj1BbjPw61zqofFGrZbTGXe51d/9j0dH5mW48K
         IzT9AOT9rch5P4h9F7Ti1Y/mEWuSweMrUmMYG7DZa7KOLhglKIIrGiajiiEqDDake0qt
         Lhty7O3RgvGaFcAnKCWH3yPIEOLqCBjG5N6JhX6G50Fd4KcetZz+PoqaTMYJLR0yWm+F
         H2C0izHcCVKVugbMNwbxE/nRIUSJuV8G/swnhzpF0gSGQfhxZW1yG6Uftl7NUjqZPoGz
         lpTA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=f2zxh8G5/PluGbSKBsmaWoGRc8nqKWvdgyQhhQS7a4s=;
        b=H8I9NU+64RaoJzoxH/b+bqLbC4GgqjO46fJ/Lcs0nobaQiWjQlL0ZkceR/SZRLbGHM
         YY9SZYs7n0UAlPRXy07PUl9VYCZreA/J6fv0fSlppu27+8D0YR2+HygCnzeTWjmb5wNC
         kYk9jbsMjaxN5H+vK+Ypkoem8x/AbOLpUU9VjFznbZS1GUoA9HlLzaL4yWgc+wxe7lIB
         Q6EjKtdzLJ9CdXt5Lhh3cZYBYcHvbkIFaOUNuHA6eKNSKUBHv0/4nlub46Cm7rvBnDFC
         jZcmyurPMjnWyqqlxKs5wOSNdmTAM8Aw/P4TmpT71pQYeWjY53CaHl2BvkbUEDSWNUw6
         +YcA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=vpiqGui5;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id l9si1417400otd.134.2020.03.04.07.48.04;
        Wed, 04 Mar 2020 07:48:16 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=vpiqGui5;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729720AbgCDPrs (ORCPT <rfc822;epontan@gmail.com> + 99 others);
        Wed, 4 Mar 2020 10:47:48 -0500
Received: from mail.kernel.org ([198.145.29.99]:46382 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1729675AbgCDPrs (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 4 Mar 2020 10:47:48 -0500
Received: from mail-wm1-f42.google.com (mail-wm1-f42.google.com [209.85.128.42])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id BF06C2166E
        for <linux-kernel@vger.kernel.org>; Wed,  4 Mar 2020 15:47:47 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1583336868;
        bh=f2zxh8G5/PluGbSKBsmaWoGRc8nqKWvdgyQhhQS7a4s=;
        h=References:In-Reply-To:From:Date:Subject:To:Cc:From;
        b=vpiqGui5BfnLnr6xPgBCZI8TP/xts5SKofEFsTfrnMsVlJJlj7ezagg+FlVctO2+W
         twsQBtpz4iSEWV1irL6O2VEkGikGcggq8BWDL743rhYRJaedrSdRO9ED/XpEWQbs1P
         F6MsHFjKUPjODEuE+p00dR2BVlonPX2cjzri7G+M=
Received: by mail-wm1-f42.google.com with SMTP id a25so5020545wmm.0
        for <linux-kernel@vger.kernel.org>; Wed, 04 Mar 2020 07:47:47 -0800 (PST)
X-Gm-Message-State: ANhLgQ09sC7os4Q/clbFtYFJ5Wv8FvgjCuMvuGIxBFYMu0yZCbLNTVIK
        ea3au/Y66zLtPFD73Sm7zVJDdxyejyu02yFgybu+eQ==
X-Received: by 2002:a05:600c:da:: with SMTP id u26mr4128059wmm.40.1583336866226;
 Wed, 04 Mar 2020 07:47:46 -0800 (PST)
MIME-Version: 1.0
References: <20200303085528.27658-1-vdronov@redhat.com> <CAKv+Gu_3ZRRcoAcLTVVQe26q5x9KALmztaNQF=e=KqWaAwxtpA@mail.gmail.com>
 <925307051.13073500.1583336716147.JavaMail.zimbra@redhat.com>
In-Reply-To: <925307051.13073500.1583336716147.JavaMail.zimbra@redhat.com>
From:   Ard Biesheuvel <ardb@kernel.org>
Date:   Wed, 4 Mar 2020 16:47:34 +0100
X-Gmail-Original-Message-ID: <CAKv+Gu9pDiaOUipnH_=YmWNUo+G4V_HxL6rzXML0hih4yetN8w@mail.gmail.com>
Message-ID: <CAKv+Gu9pDiaOUipnH_=YmWNUo+G4V_HxL6rzXML0hih4yetN8w@mail.gmail.com>
Subject: Re: [PATCH] efi: fix a race and a buffer overflow while reading
 efivars via sysfs
To:     Vladis Dronov <vdronov@redhat.com>
Cc:     linux-efi <linux-efi@vger.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, 4 Mar 2020 at 16:45, Vladis Dronov <vdronov@redhat.com> wrote:
>
> Hello, Ard,
>
> > Wouldn't it be easier to pass a var_data_size stack variable into
> > efivar_entry_get(), and only update the value in 'var' if it is <=
> > 1024?
>
> I have prepared a v2 patch with an approach you suggest and will send it
> out shortly. It indeed simpler and fixes only the overflow bug mentioned.
>
> Could you, please, review it and if you like it, probably, accept it?
> In case I've implemented your idea incorrectly, could you, please,
> correct me?
>

Absolutely! Thanks for taking the time to fix these bugs, your
contributions are most welcome (and apologies if my responses
suggested otherwise)