From: Ingo Molnar <mingo@kernel.org>
To: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Thomas Gleixner <tglx@linutronix.de>,
"H . Peter Anvin" <hpa@zytor.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org, "Lee,
Chun-Yi" <jlee@suse.com>, Matthew Garrett <mjg59@coreos.com>,
Peter Jones <pjones@redhat.com>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: [GIT PULL 0/5] EFI urgent fixes
Date: Tue, 16 Feb 2016 13:15:45 +0100 [thread overview]
Message-ID: <20160216121545.GA9395@gmail.com> (raw)
In-Reply-To: <1455276432-9931-1-git-send-email-matt@codeblueprint.co.uk>
* Matt Fleming <matt@codeblueprint.co.uk> wrote:
> Folks,
>
> Please pull the following EFI patches from Peter that prevent
> accidental deletion of EFI variables through efivarfs which can lead
> to bricked machines.
>
> These obviously need backporting to stable, so I'll take care of
> sending the backports separately because we don't need to send the
> entire 5 patch series.
>
> The following changes since commit 59fd1214561921343305a0e9dc218bf3d40068f3:
>
> x86/mm/numa: Fix 32-bit memblock range truncation bug on 32-bit NUMA kernels (2016-02-08 12:10:03 +0100)
>
> are available in the git repository at:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/mfleming/efi.git tags/efi-urgent
>
> for you to fetch changes up to ed8b0de5a33d2a2557dce7f9429dca8cb5bc5879:
>
> efi: Make efivarfs entries immutable by default (2016-02-10 16:25:52 +0000)
>
> ----------------------------------------------------------------
> * Prevent accidental deletion of EFI variables through efivarfs that
> may brick machines. We use a whitelist of known-safe variables to
> allow things like installing distributions to work out of the box, and
> instead restrict vendor-specific variable deletion by making
> non-whitelist variables immutable - Peter Jones
>
> ----------------------------------------------------------------
> Peter Jones (5):
> lib/ucs2_string: Add ucs2 -> utf8 helper functions
> efi: Use ucs2_as_utf8 in efivarfs instead of open coding a bad version
> efi: Do variable name validation tests in utf8
> efi: Make our variable validation list include the guid
> efi: Make efivarfs entries immutable by default
>
> Documentation/filesystems/efivarfs.txt | 7 ++
> drivers/firmware/efi/efivars.c | 35 +++---
> drivers/firmware/efi/vars.c | 143 ++++++++++++++++++-------
> fs/efivarfs/file.c | 70 ++++++++++++
> fs/efivarfs/inode.c | 30 ++++--
> fs/efivarfs/internal.h | 3 +-
> fs/efivarfs/super.c | 16 +--
> include/linux/efi.h | 5 +-
> include/linux/ucs2_string.h | 4 +
> lib/ucs2_string.c | 62 +++++++++++
> tools/testing/selftests/efivarfs/efivarfs.sh | 19 +++-
> tools/testing/selftests/efivarfs/open-unlink.c | 72 ++++++++++++-
> 12 files changed, 383 insertions(+), 83 deletions(-)
Pulled, thanks Matt!
Ingo
next prev parent reply other threads:[~2016-02-16 12:15 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-12 11:27 [GIT PULL 0/5] EFI urgent fixes Matt Fleming
2016-02-12 11:27 ` Matt Fleming
2016-02-12 11:27 ` [PATCH 2/5] efi: Use ucs2_as_utf8 in efivarfs instead of open coding a bad version Matt Fleming
[not found] ` <1455276432-9931-3-git-send-email-matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-02-18 5:34 ` H. Peter Anvin
2016-02-18 5:34 ` H. Peter Anvin
[not found] ` <12473B1F-5227-4E83-BAF9-06B69CF74D77-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>
2016-02-18 6:09 ` Matthew Garrett
[not found] ` <CAPeXnHuoQgrz1-_zkBKcskNE24jK2L5DSyWjbBoU+ceVzGZe0Q-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2016-02-18 9:36 ` H. Peter Anvin
[not found] ` <1455276432-9931-1-git-send-email-matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-02-12 11:27 ` [PATCH 1/5] lib/ucs2_string: Add ucs2 -> utf8 helper functions Matt Fleming
2016-02-12 11:27 ` Matt Fleming
2016-02-12 11:27 ` [PATCH 3/5] efi: Do variable name validation tests in utf8 Matt Fleming
2016-02-12 11:27 ` Matt Fleming
2016-02-12 11:27 ` [PATCH 4/5] efi: Make our variable validation list include the guid Matt Fleming
2016-02-12 11:27 ` [PATCH 5/5] efi: Make efivarfs entries immutable by default Matt Fleming
[not found] ` <1455276432-9931-6-git-send-email-matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-02-15 10:50 ` Matt Fleming
2016-02-15 10:50 ` Matt Fleming
2016-02-16 12:15 ` Ingo Molnar [this message]
2016-02-16 12:52 ` [GIT PULL 0/5] EFI urgent fixes Matt Fleming
[not found] ` <20160216125236.GB2769-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-02-17 7:59 ` Ingo Molnar
2016-02-17 7:59 ` Ingo Molnar
2016-02-17 10:16 ` Matt Fleming
-- strict thread matches above, loose matches on Subject: below --
2017-05-26 11:36 Matt Fleming
2017-05-26 11:36 ` Matt Fleming
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160216121545.GA9395@gmail.com \
--to=mingo@kernel.org \
--cc=ard.biesheuvel@linaro.org \
--cc=hpa@zytor.com \
--cc=jlee@suse.com \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=matt@codeblueprint.co.uk \
--cc=mjg59@coreos.com \
--cc=pjones@redhat.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.