Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

2017-10-11 Thread Jarkko Sakkinen 
On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote:
> On Tue, 10 Oct 2017, Jarkko Sakkinen wrote:
> 
> > The way I've agreed with James Morris to have my tree is to be rooted to
> > security trees next branch.
> > 
> > James, what actions should we take?
> 
> This process has changed recently -- I posted to lsm but forgot to post to 
> linux-integrity.
> 
> http://kernsec.org/pipermail/linux-security-module-archive/2017-September/003356.html
> 
> Summary: please track the next-general branch in my tree for your 
> development, it replaces 'next'.
> 
> 
> - James
> -- 
> James Morris
> 

Ah I'm subscribed to that list but lately been busy getting a huge patch
set to platform-driver-x86 [1] for review, which has prioritized out
reading much else than linux-integrity.

Thank you. I'll retry the patches tomorrow.

/Jarkko
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH v3 4/5] efi: call get_event_log before ExitBootServices

2017-10-11 Thread Jarkko Sakkinen 
On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote:
> On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote:
> > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote:
> > 
> > > The way I've agreed with James Morris to have my tree is to be rooted to
> > > security trees next branch.
> > > 
> > > James, what actions should we take?
> > 
> > This process has changed recently -- I posted to lsm but forgot to post to 
> > linux-integrity.
> > 
> > http://kernsec.org/pipermail/linux-security-module-archive/2017-September/003356.html
> > 
> > Summary: please track the next-general branch in my tree for your 
> > development, it replaces 'next'.
> > 
> > 
> > - James
> > -- 
> > James Morris
> > 
> 
> Ah I'm subscribed to that list but lately been busy getting a huge patch
> set to platform-driver-x86 [1] for review, which has prioritized out
> reading much else than linux-integrity.
> 
> Thank you. I'll retry the patches tomorrow.
> 
> /Jarkko

[1] http://www.spinics.net/lists/platform-driver-x86/msg13260.html

/Jarkko
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: ACK: [PATCH] efi/efi_test: Prevent an Oops in efi_runtime_query_capsulecaps()

2017-10-11 Thread Matt Fleming 
On Wed, 11 Oct, at 02:26:57PM, Ivan Hu wrote:
> 
> 
> On 10/06/2017 08:19 PM, Matt Fleming wrote:
> >On Sat, 30 Sep, at 11:17:32AM, Dan Carpenter wrote:
> >>If "qcaps.capsule_count" is ULONG_MAX then "qcaps.capsule_count + 1"
> >>will overflow to zero and kcalloc() will return the ZERO_SIZE_PTR.  We
> >>try to dereference it inside the loop and crash.
> >>
> >>Fixes: ff6301dabc3c ("efi: Add efi_test driver for exporting UEFI runtime 
> >>service interfaces")
> >>Signed-off-by: Dan Carpenter 
> >>
> >>diff --git a/drivers/firmware/efi/test/efi_test.c 
> >>b/drivers/firmware/efi/test/efi_test.c
> >>index 08129b7b80ab..41c48a1e8baa 100644
> >>--- a/drivers/firmware/efi/test/efi_test.c
> >>+++ b/drivers/firmware/efi/test/efi_test.c
> >>@@ -593,6 +593,9 @@ static long efi_runtime_query_capsulecaps(unsigned long 
> >>arg)
> >>if (copy_from_user(, qcaps_user, sizeof(qcaps)))
> >>return -EFAULT;
> >>+   if (qcaps.capsule_count == ULONG_MAX)
> >>+   return -EINVAL;
> >>+
> >>capsules = kcalloc(qcaps.capsule_count + 1,
> >>   sizeof(efi_capsule_header_t), GFP_KERNEL);
> >>if (!capsules)
> >
> >This looks OK to me. Ivan?
> >
> 
> 
> Acked-by: Ivan Hu 

Thanks, applied.
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

ACK: [PATCH] efi/efi_test: Prevent an Oops in efi_runtime_query_capsulecaps()

2017-10-11 Thread ivanhu 



On 10/06/2017 08:19 PM, Matt Fleming wrote:

On Sat, 30 Sep, at 11:17:32AM, Dan Carpenter wrote:

If "qcaps.capsule_count" is ULONG_MAX then "qcaps.capsule_count + 1"
will overflow to zero and kcalloc() will return the ZERO_SIZE_PTR.  We
try to dereference it inside the loop and crash.

Fixes: ff6301dabc3c ("efi: Add efi_test driver for exporting UEFI runtime service 
interfaces")
Signed-off-by: Dan Carpenter 

diff --git a/drivers/firmware/efi/test/efi_test.c 
b/drivers/firmware/efi/test/efi_test.c
index 08129b7b80ab..41c48a1e8baa 100644
--- a/drivers/firmware/efi/test/efi_test.c
+++ b/drivers/firmware/efi/test/efi_test.c
@@ -593,6 +593,9 @@ static long efi_runtime_query_capsulecaps(unsigned long arg)
if (copy_from_user(, qcaps_user, sizeof(qcaps)))
return -EFAULT;
  
+	if (qcaps.capsule_count == ULONG_MAX)

+   return -EINVAL;
+
capsules = kcalloc(qcaps.capsule_count + 1,
   sizeof(efi_capsule_header_t), GFP_KERNEL);
if (!capsules)


This looks OK to me. Ivan?




Acked-by: Ivan Hu 
--
To unsubscribe from this list: send the line "unsubscribe linux-efi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html