[PATCH 3/4 v2] efi_runtime: Do not pass user addresses to firmware
Borislav Petkov
bp at alien8.de
Mon Apr 7 19:49:21 UTC 2014
On Fri, Apr 04, 2014 at 04:26:42PM +0100, Matt Fleming wrote:
> From: Matt Fleming <matt.fleming at intel.com>
>
> Currently there's some inconsistency with how arguments are passed to
> the firmware from the efi_runtime driver. Some values have the standard
> get_user()/put_user() calls, others do not.
>
> Passing userspace pointers directly to the firmware is a bug because
> those addresses may fault. And if they are going to fault we'd like to
> know about it in the kernel rather than at some later time when
> executing in firmware context.
>
> Furthermore, beginning with v3.14 of the kernel the current tests
> actually cause the kernel to crash because firmware calls are now done
> with their own, entirely separate, page tables - no user addresses are
> mapped during execution of runtime services.
>
> This change doesn't require predication on a particular kernel version
> because the efi_runtime should really have always done this copying
> to/from userspace for every argument of the runtime services.
>
> This patch is heavily based on one from Borislav.
>
> Cc: Borislav Petkov <bp at alien8.de>
> Signed-off-by: Matt Fleming <matt.fleming at intel.com>
> ---
>
> Changes in v2:
>
> - Delete the unused put_ucs2() function
> - Rename get_ucs2* to copy_ucs2_* to dodge the reference counting
>   implications of the names
> - Change function arguments to copy_ucs2_from_user_len() to mirror
> copy_from_user() instead of put_user() to avoid confusion
> - Expand comments for new helper functions

Acked-by: Borislav Petkov <bp at suse.de>

--
Regards/Gruss,
Boris.
Sent from a fat crate under my desk. Formatting is fine.
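
An added illustration, not code from the patch or from fwts: a user-space C model of the rule the quoted commit message argues for, where every user argument is copied into a kernel buffer and a fault is reported before the runtime service is ever entered. The arena `user_mem`, `sim_copy_from_user()`, `mock_firmware_namelen()` and `get_name_len()` are hypothetical stand-ins; only the `copy_from_user()` return convention (bytes not copied) mirrors the real kernel API.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for user memory: only this arena counts as mapped. */
static uint16_t user_mem[32];
static int firmware_calls; /* how often the mock runtime service ran */

/* Stand-in for copy_from_user(): returns the number of bytes NOT copied. */
static size_t sim_copy_from_user(void *dst, const void *usrc, size_t n)
{
    uintptr_t p = (uintptr_t)usrc, lo = (uintptr_t)user_mem;
    if (p < lo || p - lo > sizeof(user_mem) || n > sizeof(user_mem) - (p - lo))
        return n; /* the access would fault */
    memcpy(dst, usrc, n);
    return 0;
}

/* Mock runtime service: it only ever receives kernel buffers. */
static size_t mock_firmware_namelen(const uint16_t *kname)
{
    size_t n = 0;
    firmware_calls++;
    while (kname[n]) n++;
    return n;
}

/* Hypothetical ioctl path: copy a UCS-2 name (max 16 chars) in, then call firmware. */
static long get_name_len(const uint16_t *uname)
{
    uint16_t kname[17] = {0};
    for (size_t i = 0; i < 16; i++) {
        if (sim_copy_from_user(&kname[i], &uname[i], sizeof(kname[i])))
            return -EFAULT; /* fault caught in the kernel, firmware untouched */
        if (kname[i] == 0)
            return (long)mock_firmware_namelen(kname);
    }
    return -EINVAL; /* no terminator within the limit */
}

int main(void)
{
    uint16_t outside[2] = { 'X', 0 }; /* not in the arena: models a bad pointer */
    memcpy(user_mem, (uint16_t[]){ 'B', 'o', 'o', 't', 0 }, 5 * sizeof(uint16_t));
    long ok = get_name_len(user_mem), bad = get_name_len(outside);
    printf("valid: %ld, bad pointer: %ld, firmware calls: %d\n", ok, bad, firmware_calls);
    return 0;
}
```

Copying one element at a time also catches a name that starts in mapped memory and runs off the end of it, which a single up-front pointer check would miss.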