From: Sasha Levin <sashal@kernel.org>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
stable <stable@vger.kernel.org>,
Gen Zhang <blackgod016574@gmail.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Peter Zijlstra <peterz@infradead.org>,
Rob Bradford <robert.bradford@intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
linux-efi <linux-efi@vger.kernel.org>,
Ingo Molnar <mingo@kernel.org>,
platform-driver-x86@vger.kernel.org
Subject: Re: [PATCH AUTOSEL 4.19 17/49] efi/x86/Add missing error handling to old_memmap 1:1 mapping code
Date: Wed, 19 Jun 2019 16:58:12 -0400
Message-ID: <20190619205812.GE2226@sasha-vm>
In-Reply-To: <CAKv+Gu9ZJ42=NJWDX4+DgkMWaSEakNw-yYiUtsUE48D-V6=7-w@mail.gmail.com>

On Sun, Jun 09, 2019 at 08:14:29PM +0200, Ard Biesheuvel wrote:
>On Sat, 8 Jun 2019 at 13:43, Sasha Levin <sashal@kernel.org> wrote:
>>
>> From: Gen Zhang <blackgod016574@gmail.com>
>>
>> [ Upstream commit 4e78921ba4dd0aca1cc89168f45039add4183f8e ]
>>
>> The old_memmap flow in efi_call_phys_prolog() performs numerous memory
>> allocations, and either does not check for failure at all, or it does
>> but fails to propagate it back to the caller, which may end up calling
>> into the firmware with an incomplete 1:1 mapping.
>>
>> So let's fix this by returning NULL from efi_call_phys_prolog() on
>> memory allocation failures only, and by handling this condition in the
>> caller. Also, clean up any half baked sets of page tables that we may
>> have created before returning with a NULL return value.
>>
>> Note that any failure at this level will trigger a panic() two levels
>> up, so none of this makes a huge difference, but it is a nice cleanup
>> nonetheless.
>>
>> [ardb: update commit log, add efi_call_phys_epilog() call on error path]
>>
>> Signed-off-by: Gen Zhang <blackgod016574@gmail.com>
>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> Cc: Linus Torvalds <torvalds@linux-foundation.org>
>> Cc: Peter Zijlstra <peterz@infradead.org>
>> Cc: Rob Bradford <robert.bradford@intel.com>
>> Cc: Thomas Gleixner <tglx@linutronix.de>
>> Cc: linux-efi@vger.kernel.org
>> Link: http://lkml.kernel.org/r/20190525112559.7917-2-ard.biesheuvel@linaro.org
>> Signed-off-by: Ingo Molnar <mingo@kernel.org>
>> Signed-off-by: Sasha Levin <sashal@kernel.org>
>
>This was already discussed in the thread that proposed this patch for
>stable: please don't queue this right now, the patches are more likely
>to harm than hurt, and they certainly don't fix a security
>vulnerability, as has been claimed.

I've dropped this, thank you.

--
Thanks,
Sasha