Received: by 2002:a25:683:0:0:0:0:0 with SMTP id 125csp114326ybg; Mon, 8 Jun 2020 18:01:04 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxEADV9krwhGpuFYbNgf1GSm4XnEnsPymdRWu+n6yuNQ3Cf+TmcQRMnqIxeuAB8lUIuufVo X-Received: by 2002:aa7:da03:: with SMTP id r3mr24667775eds.158.1591664464641; Mon, 08 Jun 2020 18:01:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1591664464; cv=none; d=google.com; s=arc-20160816; b=ezlqzZs4boPss+7PnYZsCtNCCptrVBn+UnwCg3vJNAjenyuYdNCUXxGBaChqIfd3bg +VI9RVCXbgNozUCi0Gbn1tVLyI4yXPutLPRdTyW+EDRfEX281pRcH76RPpwgAbYH+r1C W13vYxo5mds5sc9uvVGc2rJPA4eZkV7PKTD7pVnWxuxDxgBCa5RtJIDtA6PFR1fCmUyz p2IkOe97UUm5tg5IyA0tDJoJ5Q04e86wktIipsoyoKTu9m7pBVOIxhmi0GSzO/tuDXwL E2ukhWPi42GeNA1hRbwUIr7Q3vFoo9LN1JZznPZ0zgVdXt61SGj7Xt/wxxZdvwC/pFjK Wu7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=ki0me3awbYzZpgSP+ur/sBfLGf0UNxEH0ews8dJrcc4=; b=TR4/JbIxFk4QoCzhYp1FjlrQKAeuCty8RtoWKVc2sQF9ZDmCrYufwCWfrWEUZs0Y4d fh7yOBmvs3DP4Z8jeWy+f6kcTum1nxSJx2oExOtYqxCbWcjWvmVzv9XyYhYAZPLSDmpR Cp7QFFdDL8mhyGn1UJKHE/mfIod1E05JfBTqg8IOaeQR/KoQXVyPdQ40LXbOLekZ4XTp YSu7owMlFf8HHiw095lF7q+RgFfYVV4DYlQfCRt0wpqSXMpb5kjOEeSImUGS04Q5PWQb pNRb2H/2ckXGxgpQOb+uC8qOVFOMT1yLskv1+Vhb2FN5OsAYdsaDLp9U2GJlAUUSL86Q ZFTA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=0BRn2WIj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id a21si2375386ejf.332.2020.06.08.18.00.41; Mon, 08 Jun 2020 18:01:04 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=0BRn2WIj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726999AbgFIA6B (ORCPT + 99 others); Mon, 8 Jun 2020 20:58:01 -0400 Received: from mail.kernel.org ([198.145.29.99]:54314 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728254AbgFHXIr (ORCPT ); Mon, 8 Jun 2020 19:08:47 -0400 Received: from sasha-vm.mshome.net (c-73-47-72-35.hsd1.nh.comcast.net [73.47.72.35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id E31642085B; Mon, 8 Jun 2020 23:08:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1591657727; bh=1nqs4DqbgeZgMHpBxJQRypqiP9gwPyGbe6RIQZ4mk84=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=0BRn2WIjjQ03Ek9hdYmcEyS6PMaWSSzEayPDWM9pRaoeLG1ss2o4h9DQiXH+1f4fh 8Jz7gMlr6EDJD/dzVgyePWHA0qQ9nplP9cB1bjd9LVmLiigFgV6etgbqwbDURjgkmr IxcPAAvo2SwBl8vfnNiPSKJ+NpA4weWL77JxbLFY= From: Sasha Levin To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Ard Biesheuvel , Sasha Levin , linux-efi@vger.kernel.org Subject: [PATCH AUTOSEL 5.7 119/274] efi/libstub/random: Align allocate size to EFI_ALLOC_ALIGN Date: Mon, 8 Jun 2020 19:03:32 -0400 Message-Id: <20200608230607.3361041-119-sashal@kernel.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200608230607.3361041-1-sashal@kernel.org> References: <20200608230607.3361041-1-sashal@kernel.org> MIME-Version: 1.0 X-stable: review X-Patchwork-Hint: Ignore Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Ard Biesheuvel [ Upstream commit e1df73e2d18b3b7d66f2ec38d81d9566b3a7fb21 ] The EFI stub uses a per-architecture #define for the minimum base and size alignment of page allocations, which is set to 4 KB for all architecures except arm64, which uses 64 KB, to ensure that allocations can always be (un)mapped efficiently, regardless of the page size used by the kernel proper, which could be a kexec'ee The API wrappers around page based allocations assume that this alignment is always taken into account, and so efi_free() will also round up its size argument to EFI_ALLOC_ALIGN. Currently, efi_random_alloc() does not honour this alignment for the allocated size, and so freeing such an allocation may result in unrelated memory to be freed, potentially leading to issues after boot. So let's round up size in efi_random_alloc() as well. Fixes: 2ddbfc81eac84a29 ("efi: stub: add implementation of efi_random_alloc()") Signed-off-by: Ard Biesheuvel Signed-off-by: Sasha Levin --- drivers/firmware/efi/libstub/randomalloc.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/firmware/efi/libstub/randomalloc.c b/drivers/firmware/efi/libstub/randomalloc.c index 4578f59e160c..6200dfa650f5 100644 --- a/drivers/firmware/efi/libstub/randomalloc.c +++ b/drivers/firmware/efi/libstub/randomalloc.c @@ -74,6 +74,8 @@ efi_status_t efi_random_alloc(unsigned long size, if (align < EFI_ALLOC_ALIGN) align = EFI_ALLOC_ALIGN; + size = round_up(size, EFI_ALLOC_ALIGN); + /* count the suitable slots in each memory map entry */ for (map_offset = 0; map_offset < map_size; map_offset += desc_size) { efi_memory_desc_t *md = (void *)memory_map + map_offset; @@ -109,7 +111,7 @@ efi_status_t efi_random_alloc(unsigned long size, } target = round_up(md->phys_addr, align) + target_slot * align; - pages = round_up(size, EFI_PAGE_SIZE) / EFI_PAGE_SIZE; + pages = size / EFI_PAGE_SIZE; status = efi_bs_call(allocate_pages, EFI_ALLOCATE_ADDRESS, EFI_LOADER_DATA, pages, &target); -- 2.25.1