lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20150728205157.GD2773@codeblueprint.co.uk>
Date:	Tue, 28 Jul 2015 21:51:57 +0100
From:	Matt Fleming <matt@...eblueprint.co.uk>
To:	Sebastian Andrzej Siewior <bigeasy@...utronix.de>
Cc:	Matt Fleming <matt.fleming@...el.com>, x86@...nel.org,
	linux-efi@...r.kernel.org, linux-kernel@...r.kernel.org,
	Josh Triplett <josh@...htriplett.org>
Subject: Re: [PATCH] x86/mm, efi: Check for valid image type

(Pulling in Josh)

On Wed, 22 Jul, at 05:32:44PM, Sebastian Andrzej Siewior wrote:
> I usually see
> |Ignoring BGRT: failed to allocate memory for image (wanted 264301314 bytes)
> |Ignoring BGRT: failed to allocate memory for image (wanted 3925872891 bytes)
> 
> sometimes I get
> 
> |------------[ cut here ]------------
> |WARNING: CPU: 0 PID: 0 at mm/early_ioremap.c:136 __early_ioremap.constprop.0+0x113/0x1d3()
> …
> | [<ffffffff81b3de8c>] __early_ioremap.constprop.0+0x113/0x1d3
> | [<ffffffff81b3e106>] early_ioremap+0x13/0x15
> | [<ffffffff81b2c4a9>] efi_bgrt_init+0x1e2/0x27d
> …
> 
> now and then. The data behind that pointer changes on each boot because
> nobody preserves the content across kexec.
> 
> Signed-off-by: Sebastian Andrzej Siewior <bigeasy@...utronix.de>
> ---
> 
> I don't know much about the requirement of having the .bmp in memory all the
> time. Would it be a bad thing to compress the bmp and uncompress on cat from
> userland? In my case the bmp has 272 KiB and LZO gets it down to 12KiB,
> XZ 7.4KiB.

The usual use for BGRT is to display it during kernel boot, so
interacting with userland doesn't help you there.

>  arch/x86/platform/efi/efi-bgrt.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/arch/x86/platform/efi/efi-bgrt.c b/arch/x86/platform/efi/efi-bgrt.c
> index d7f997f7c26d..59710f0875bb 100644
> --- a/arch/x86/platform/efi/efi-bgrt.c
> +++ b/arch/x86/platform/efi/efi-bgrt.c
> @@ -79,6 +79,10 @@ void __init efi_bgrt_init(void)
>  	memcpy_fromio(&bmp_header, image, sizeof(bmp_header));
>  	if (ioremapped)
>  		early_iounmap(image, sizeof(bmp_header));
> +	if (bmp_header.id != 0x4d42) {
> +		pr_err("BGRT: Not a valid BMP file.\n");
> +		return;
> +	}
>  	bgrt_image_size = bmp_header.size;
>  
>  	bgrt_image = kmalloc(bgrt_image_size, GFP_KERNEL | __GFP_NOWARN);

I'm confused, is the BMP image valid on your machine or not? You add a
validity check but talk about compressing it above.

-- 
Matt Fleming, Intel Open Source Technology Center
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ