lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 8 Mar 2018 18:34:58 +0000
From:   Ard Biesheuvel <ard.biesheuvel@...aro.org>
To:     Tyler Baicar <tbaicar@...eaurora.org>,
        Peter Jones <pjones@...hat.com>
Cc:     Dave Young <dyoung@...hat.com>, linux-efi@...r.kernel.org,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Jeff Hugo <jhugo@...eaurora.org>,
        Sameer Goel <sgoel@...eaurora.org>,
        AKASHI Takahiro <takahiro.akashi@...aro.org>,
        Timur Tabi <timur@...eaurora.org>
Subject: Re: [PATCH 1/2] efi/esrt: fix unsupported version initialization failure

On 8 March 2018 at 18:15, Ard Biesheuvel <ard.biesheuvel@...aro.org> wrote:
> On 8 March 2018 at 18:00, Ard Biesheuvel <ard.biesheuvel@...aro.org> wrote:
>> On 8 March 2018 at 16:11, Tyler Baicar <tbaicar@...eaurora.org> wrote:
>>> On 2/24/2018 2:20 AM, Dave Young wrote:
>>>>
>>>> On 02/23/18 at 12:42pm, Tyler Baicar wrote:
>>>>>
>>>>> If ESRT initialization fails due to an unsupported version, the
>>>>> early_memremap allocation is never unmapped. This will cause an
>>>>> early ioremap leak. So, make sure to unmap the memory allocation
>>>>> before returning from efi_esrt_init().
>>>>>
>>>>> Signed-off-by: Tyler Baicar <tbaicar@...eaurora.org>
>>>>> ---
>>>>>   drivers/firmware/efi/esrt.c | 2 +-
>>>>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/drivers/firmware/efi/esrt.c b/drivers/firmware/efi/esrt.c
>>>>> index c47e0c6..504f3c3 100644
>>>>> --- a/drivers/firmware/efi/esrt.c
>>>>> +++ b/drivers/firmware/efi/esrt.c
>>>>> @@ -285,7 +285,7 @@ void __init efi_esrt_init(void)
>>>>>         } else {
>>>>>                 pr_err("Unsupported ESRT version %lld.\n",
>>>>>                        tmpesrt.fw_resource_version);
>>>>> -               return;
>>>>> +               goto err_memunmap;
>>>>>         }
>>>>>         if (tmpesrt.fw_resource_count > 0 && max - size < entry_size) {
>>>>> --
>>>>
>>>> Reviewed-by: Dave Young <dyoung@...hat.com>
>>>
>>> Thank you Dave for your review here and input on the other patch.
>>>
>>> Ard,
>>>
>>> Can this patch be picked up? I understand patch 2 is not acceptable, but
>>> this one should
>>> be good to go I think.
>>>
>>
>> Yeah you're right. I'll pick it up as a bugfix.
>
> Actually, on second thought, could you respin this patch, and just
> move the memunamp() to right after the memcpy()? That way, we can get
> rid of all the 'goto err_memunmap's afaict
>

OK, now I'm confused. Does anyone have a clue why in efi_esrt_init()
the memremap() is done a second time? AFAICT it just reserves the
region, it does not actually access the second mapping at all.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ