From: Josh Triplett <josh-iaAMLnmF4UmaiuxdJuQwMA@public.gmane.org>
To: Matt Fleming <matt-HNK1S37rvNbeXh+fF434Mdi2O/JbrIOy@public.gmane.org>
Cc: Jan Beulich <JBeulich-IBi9RG/b67k@public.gmane.org>,
mjg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
mingo-X9Un+BFzKDI@public.gmane.org,
tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org,
linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org
Subject: Re: [PATCH] x86/EFI: check table header length in efi_bgrt_init()
Date: Tue, 13 Nov 2012 16:33:42 -0800 [thread overview]
Message-ID: <20121114003341.GA7858@jtriplet-mobl1> (raw)
In-Reply-To: <1352837295.15747.72.camel-ZqTwcBeJ+wsBof6jY8KHXm7IUlhRatedral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
On Tue, Nov 13, 2012 at 08:08:15PM +0000, Matt Fleming wrote:
> On Wed, 2012-11-07 at 16:46 +0000, Jan Beulich wrote:
> > Header length should be validated for all ACPI tables before accessing
> > any non-header field.
> >
> > Signed-off-by: Jan Beulich <jbeulich-IBi9RG/b67k@public.gmane.org>
> >
> > ---
> > arch/x86/platform/efi/efi-bgrt.c | 2 ++
> > 1 file changed, 2 insertions(+)
> >
> > --- 3.7-rc4/arch/x86/platform/efi/efi-bgrt.c
> > +++ 3.7-rc4-x86-EFI-BGRT-checks/arch/x86/platform/efi/efi-bgrt.c
> > @@ -39,6 +39,8 @@ void efi_bgrt_init(void)
> > if (ACPI_FAILURE(status))
> > return;
> >
> > + if (bgrt_tab->header.length < sizeof(*bgrt_tab))
> > + return;
> > if (bgrt_tab->version != 1)
> > return;
> > if (bgrt_tab->image_type != 0 || !bgrt_tab->image_address)
>
> Guys, do you want me to take this into the efi tree? Jan, have you see
> machines that actually trip up without this check? I'm trying to gauge
> the urgency of this patch.
I'd expect this to either go through efi or through tip, whichever you
prefer. If Jan has a system that would fail this check, then this patch
seems urgent; otherwise, it could potentially wait until the merge
window, but as a bugfix it doesn't necessarily need to.
- Josh Triplett
next prev parent reply other threads:[~2012-11-14 0:33 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-11-07 16:46 [PATCH] x86/EFI: check table header length in efi_bgrt_init() Jan Beulich
[not found] ` <509A9E6002000078000A7079-ce6RLXgGx+vWGUEhTRrCg1aTQe2KTcn/@public.gmane.org>
2012-11-07 18:46 ` Josh Triplett
2012-11-13 20:08 ` Matt Fleming
[not found] ` <1352837295.15747.72.camel-ZqTwcBeJ+wsBof6jY8KHXm7IUlhRatedral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2012-11-14 0:33 ` Josh Triplett [this message]
2012-11-14 9:10 ` Jan Beulich
[not found] ` <50A36E1202000078000A8679-ce6RLXgGx+vWGUEhTRrCg1aTQe2KTcn/@public.gmane.org>
2012-11-14 9:55 ` Matt Fleming
2012-11-14 17:34 ` [tip:core/efi] x86, efi: Check " tip-bot for Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121114003341.GA7858@jtriplet-mobl1 \
--to=josh-iaamlnmf4umaiuxdjuqwma@public.gmane.org \
--cc=JBeulich-IBi9RG/b67k@public.gmane.org \
--cc=hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org \
--cc=linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=matt-HNK1S37rvNbeXh+fF434Mdi2O/JbrIOy@public.gmane.org \
--cc=mingo-X9Un+BFzKDI@public.gmane.org \
--cc=mjg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.