From: Matt Fleming <matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
To: Peter Jones <pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Cc: linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [PATCH 2/5] efi: use ucs2_as_utf8 in efivarfs instead of open coding a bad version
Date: Wed, 3 Feb 2016 16:42:45 +0000 [thread overview]
Message-ID: <20160203164245.GA15385@codeblueprint.co.uk> (raw)
In-Reply-To: <1454504567-2826-2-git-send-email-pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
On Wed, 03 Feb, at 08:02:44AM, Peter Jones wrote:
> Translate EFI's UCS-2 variable names to UTF-8 instead of just assuming
> all variable names fit in ASCII.
>
> Signed-off-by: Peter Jones <pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
> ---
> drivers/firmware/efi/efivars.c | 13 ++++---------
> fs/efivarfs/super.c | 7 +++----
> 2 files changed, 7 insertions(+), 13 deletions(-)
This patch causes the following Oops on my test grid,
[ 1.331926] EFI Variables Facility v0.08 2004-May-17
[ 1.341570] hidraw: raw HID events driver (C) Jiri Kosina
[ 1.343291] general protection fault: 0000 [#1] SMP
[ 1.343400] Modules linked in:
[ 1.343550] CPU: 1 PID: 181 Comm: kworker/u4:4 Not tainted 4.4.0-rc2+ #1
[ 1.343726] Workqueue: events_unbound call_usermodehelper_exec_work
[ 1.343821] task: ffff88003f84d080 ti: ffff88003df48000 task.ti: ffff88003df48000
[ 1.343915] RIP: 0010:[<ffffffff8116399c>] [<ffffffff8116399c>] __kmalloc_track_caller+0x8c/0x170
[ 1.344039] RSP: 0018:ffff88003df4bbc8 EFLAGS: 00000286
[ 1.344039] RAX: 0000000000000000 RBX: 0000000000000018 RCX: 0000000000000d46
[ 1.344039] RDX: 0000000000000d45 RSI: 0000000000000000 RDI: 0000000000000002
[ 1.344039] RBP: ffff88003df4bbf8 R08: 00000000000182e0 R09: 000000003fb0f401
[ 1.344039] R10: 0000000000000003 R11: ffff88003df99480 R12: 00000000024000c0
[ 1.344039] R13: 0000000000000018 R14: 3061612d32643131 R15: ffff88003dc01c00
[ 1.344039] FS: 0000000000000000(0000) GS:ffff88003e100000(0000) knlGS:0000000000000000
[ 1.344039] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 1.344039] CR2: 0000000000000000 CR3: 0000000001e0b000 CR4: 00000000000006e0
[ 1.344039] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1.344039] DR3: 0000000000000000 DR6: 0000000000000000 DR7: 0000000000000000
[ 1.344039] Stack:
[ 1.344039] ffffffff812adda6 0000000000000018 ffff88003df8b480 ffff88003dee0780
[ 1.344039] ffff88003fb0f480 ffffffff81065ed0 ffff88003df4bc18 ffffffff811304fb
[ 1.344039] ffff88003fb0f480 00000000024000c0 ffff88003df4bc30 ffffffff812adda6
[ 1.344039] Call Trace:
[ 1.344039] [<ffffffff812adda6>] ? selinux_cred_prepare+0x16/0x30
[ 1.344039] [<ffffffff81065ed0>] ? call_usermodehelper_exec_work+0xb0/0xb0
[ 1.344039] [<ffffffff811304fb>] kmemdup+0x1b/0x40
[ 1.344039] [<ffffffff812adda6>] selinux_cred_prepare+0x16/0x30
[ 1.344039] [<ffffffff812a9c9e>] security_prepare_creds+0x3e/0x60
[ 1.344039] [<ffffffff8107077d>] prepare_creds+0xdd/0x180
[ 1.344039] [<ffffffff81070cc2>] copy_creds+0x22/0x110
[ 1.344039] [<ffffffff81051771>] copy_process+0x311/0x1dc0
[ 1.344039] [<ffffffff81035c22>] ? native_smp_send_reschedule+0x42/0x60
[ 1.344039] [<ffffffff8107722a>] ? resched_curr+0x8a/0xb0
[ 1.344039] [<ffffffff8105338d>] _do_fork+0x7d/0x2d0
[ 1.344039] [<ffffffff8108525e>] ? pick_next_task_fair+0x3fe/0x460
[ 1.344039] [<ffffffff81053604>] kernel_thread+0x24/0x30
[ 1.344039] [<ffffffff81065e46>] call_usermodehelper_exec_work+0x26/0xb0
[ 1.344039] [<ffffffff8186def3>] ? __schedule+0x313/0x870
[ 1.344039] [<ffffffff8106996e>] process_one_work+0x13e/0x3c0
[ 1.344039] [<ffffffff81069d05>] worker_thread+0x115/0x450
[ 1.344039] [<ffffffff8186def3>] ? __schedule+0x313/0x870
[ 1.344039] [<ffffffff81069bf0>] ? process_one_work+0x3c0/0x3c0
[ 1.344039] [<ffffffff8106ed64>] kthread+0xc4/0xe0
[ 1.344039] [<ffffffff8106eca0>] ? kthread_park+0x50/0x50
[ 1.344039] [<ffffffff81871adf>] ret_from_fork+0x3f/0x70
[ 1.344039] [<ffffffff8106eca0>] ? kthread_park+0x50/0x50
[ 1.344039] Code: 4c 03 05 a0 67 ea 7e 4d 8b 30 49 8b 40 10 4d 85 f6 0f 84 8e 00 00 00 48 85 c0 0f 84 85 00 00 00 49 63 47 20 48 8d 4a 01 4d 8b 07 <49> 8b 1c 06 4c 89 f0 65 49 0f c7 08 0f 94 c0 84 c0 74 b9 49 63
[ 1.344039] RIP [<ffffffff8116399c>] __kmalloc_track_caller+0x8c/0x170
[ 1.344039] RSP <ffff88003df4bbc8>
[ 1.348190] ---[ end trace ed036c029f24ae69 ]---
I suspect the length calculations we're doing are now wrong and we're
overwriting kmalloc metadata, probably in the efivars code.
next prev parent reply other threads:[~2016-02-03 16:42 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-03 13:02 [PATCH 1/5] Add ucs2 -> utf8 helper functions Peter Jones
[not found] ` <1454504567-2826-1-git-send-email-pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2016-02-03 13:02 ` [PATCH 2/5] efi: use ucs2_as_utf8 in efivarfs instead of open coding a bad version Peter Jones
[not found] ` <1454504567-2826-2-git-send-email-pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2016-02-03 16:42 ` Matt Fleming [this message]
[not found] ` <20160203164245.GA15385-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-02-03 16:55 ` [PATCH] efi: use ucs2_as_utf8 in efivarfs instead of open coding a bad version (v2) Peter Jones
2016-02-03 13:02 ` [PATCH 3/5] efi: do variable name validation tests in utf8 Peter Jones
2016-02-03 13:02 ` [PATCH 4/5] efi: make our variable validation list include the guid Peter Jones
2016-02-03 13:02 ` [PATCH 5/5] efi: Make efivarfs entries immutable by default Peter Jones
[not found] ` <1454504567-2826-5-git-send-email-pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2016-02-03 14:13 ` Matt Fleming
[not found] ` <20160203141354.GH2597-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-02-03 14:20 ` Steve McIntyre
[not found] ` <20160203141959.GA3319-nt0JYOx6u4DQT0dZR+AlfA@public.gmane.org>
2016-02-03 14:50 ` Leif Lindholm
[not found] ` <20160203145005.GH10351-t77nlHhSwNqAroYi2ySoxKxOck334EZe@public.gmane.org>
2016-02-03 14:56 ` Matt Fleming
[not found] ` <20160203145621.GI2597-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-02-03 15:00 ` Steve McIntyre
-- strict thread matches above, loose matches on Subject: below --
2016-02-12 11:27 [GIT PULL 0/5] EFI urgent fixes Matt Fleming
2016-02-12 11:27 ` [PATCH 2/5] efi: Use ucs2_as_utf8 in efivarfs instead of open coding a bad version Matt Fleming
[not found] ` <1455276432-9931-3-git-send-email-matt-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2016-02-18 5:34 ` H. Peter Anvin
[not found] ` <12473B1F-5227-4E83-BAF9-06B69CF74D77-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>
2016-02-18 6:09 ` Matthew Garrett
[not found] ` <CAPeXnHuoQgrz1-_zkBKcskNE24jK2L5DSyWjbBoU+ceVzGZe0Q-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2016-02-18 9:36 ` H. Peter Anvin
2016-02-03 16:43 [PATCH 1/5] Add ucs2 -> utf8 helper functions Peter Jones
[not found] ` <1454517834-13736-1-git-send-email-pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2016-02-03 16:43 ` [PATCH 2/5] efi: use ucs2_as_utf8 in efivarfs instead of open coding a bad version Peter Jones
2016-02-02 22:33 Preventing "rm -rf /sys/firmware/efi/efivars/" from damage Peter Jones
[not found] ` <1454452386-27709-1-git-send-email-pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2016-02-02 22:33 ` [PATCH 2/5] efi: use ucs2_as_utf8 in efivarfs instead of open coding a bad version Peter Jones
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160203164245.GA15385@codeblueprint.co.uk \
--to=matt-mf/unelci9gs6ibeejttw/xrex20p6io@public.gmane.org \
--cc=linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).