Subject: Re: [PATCH 01/13] firmware_loader: EFI firmware loader must handle pre-allocated buffer
To: Kees Cook
Cc: stable@vger.kernel.org, Mimi Zohar, Matthew Wilcox, James Morris, Luis Chamberlain, Greg Kroah-Hartman, "Rafael J. Wysocki", Alexander Viro, Jessica Yu, Dmitry Kasatkin, "Serge E. Hallyn", Casey Schaufler, "Eric W. Biederman", Peter Zijlstra, Matthew Garrett, David Howells, Mauro Carvalho Chehab, Randy Dunlap, "Joel Fernandes (Google)", KP Singh, Dave Olsthoorn, Hans de Goede, Peter Jones, Andrew Morton, Stephen Boyd, Paul Moore, Stephen Smalley, linux-security-module@vger.kernel.org, linux-integrity@vger.kernel.org, selinux@vger.kernel.org, linux-fsdevel@vger.kernel.org, kexec@lists.infradead.org, linux-kernel@vger.kernel.org
References: <20200717174309.1164575-1-keescook@chromium.org> <20200717174309.1164575-2-keescook@chromium.org>
From: Scott Branden Message-ID: Date: Fri, 17 Jul 2020 12:08:14 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <20200717174309.1164575-2-keescook@chromium.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2020-07-17 10:42 a.m., Kees Cook wrote: > The EFI platform firmware fallback would clobber any pre-allocated > buffers. Instead, correctly refuse to reallocate when too small (as > already done in the sysfs fallback), or perform allocation normally > when needed. > > Fixes: e4c2c0ff00ec ("firmware: Add new platform fallback mechanism and firm ware_request_platform()") > Cc: stable@vger.kernel.org > Signed-off-by: Kees Cook Acked-by: Scott Branden > --- > To aid in backporting, this change is made before moving > kernel_read_file() to separate header/source files. > --- > drivers/base/firmware_loader/fallback_platform.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/drivers/base/firmware_loader/fallback_platform.c b/drivers/base/firmware_loader/fallback_platform.c > index cdd2c9a9f38a..685edb7dd05a 100644 > --- a/drivers/base/firmware_loader/fallback_platform.c > +++ b/drivers/base/firmware_loader/fallback_platform.c > @@ -25,7 +25,10 @@ int firmware_fallback_platform(struct fw_priv *fw_priv, u32 opt_flags) > if (rc) > return rc; /* rc == -ENOENT when the fw was not found */ > > - fw_priv->data = vmalloc(size); > + if (fw_priv->data && size > fw_priv->allocated_size) > + return -ENOMEM; > + if (!fw_priv->data) > + fw_priv->data = vmalloc(size); > if (!fw_priv->data) > return -ENOMEM; >
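
Review bot: The first added check in firmware_fallback_platform() returns -ENOMEM when size > fw_priv->allocated_size, which is the same code the vmalloc() failure check below it returns, so a caller cannot tell a too-small pre-allocated buffer from memory exhaustion. A one-line comment above that check, stating that a caller-supplied buffer is never reallocated (as the commit message says the sysfs fallback already behaves), would document the intent. The two consecutive `if (!fw_priv->data)` tests could also be folded, so that the allocation-failure return sits inside the branch that calls vmalloc() and it is obvious that it applies only to the freshly allocated path.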