| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Dec 2020 19:01:21 +0200
From: Ilias Apalodimas <ilias.apalodimas@...aro.org>
To: ard.biesheuvel@....com
Cc: Ilias Apalodimas <ilias.apalodimas@...aro.org>,
Ard Biesheuvel <ardb@...nel.org>,
Arvind Sankar <nivedita@...m.mit.edu>,
Ingo Molnar <mingo@...nel.org>,
Heinrich Schuchardt <xypron.glpk@....de>,
linux-efi@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH] efi/libstub: Allow EFI_NOT_FOUND on LOAD_FILE2_PROTOCOL calls for initrd
At the moment the EFI stub tries to load an initrd from the
cmdline provided option only if the LoadFile2 protocol does not exist
on the initrd device path.
This might prove problematic for EFI installers that need their own
version of initrd to start the installation process and the firmware
installs the protocol but doesn't have a file to back it up (yet).
Although some firmware implementations return EFI_NOT_FOUND, we
currently return EFI_LOAD_ERROR in efi_load_initrd_dev_path() which
stops the cmdline provided initrd to load.
So let's change the behavior slightly here and explicitly respect the
firmware in case it returns EFI_NOT_FOUND. This way we can load the
cmdline provided initrd.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@...aro.org>
---
drivers/firmware/efi/libstub/efi-stub-helper.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/drivers/firmware/efi/libstub/efi-stub-helper.c b/drivers/firmware/efi/libstub/efi-stub-helper.c
index aa8da0a49829..391aae2f0cde 100644
--- a/drivers/firmware/efi/libstub/efi-stub-helper.c
+++ b/drivers/firmware/efi/libstub/efi-stub-helper.c
@@ -560,6 +560,7 @@ static const struct {
* * %EFI_SUCCESS if the initrd was loaded successfully, in which
* case @load_addr and @load_size are assigned accordingly
* * %EFI_NOT_FOUND if no LoadFile2 protocol exists on the initrd device path
+ * or if the firmware provides LoadFile2 but can't find a file to load
* * %EFI_INVALID_PARAMETER if load_addr == NULL or load_size == NULL
* * %EFI_OUT_OF_RESOURCES if memory allocation failed
* * %EFI_LOAD_ERROR in all other cases
@@ -599,7 +600,14 @@ efi_status_t efi_load_initrd_dev_path(unsigned long *load_addr,
(void *)initrd_addr);
if (status != EFI_SUCCESS) {
efi_free(initrd_size, initrd_addr);
- return EFI_LOAD_ERROR;
+ /*
+ * Some firmware implementations might install the EFI
+ * protocol without checking the file is present and return
+ * EFI_NOT_FOUND when trying to load the file.
+ * If that's the case, allow the cmdline defined initrd to
+ * load.
+ */
+ return status == EFI_NOT_FOUND ? status : EFI_LOAD_ERROR;
}
*load_addr = initrd_addr;
--
2.29.2
Powered by blists - more mailing lists