From: Ilias Apalodimas <ilias.apalodimas@linaro.org>
To: Dan Carpenter <dan.carpenter@linaro.org>
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>, u-boot@lists.denx.de
Subject: Re: [PATCH v2] efi_loader: Fix memory corruption on 32bit systems
Date: Thu, 27 Jul 2023 11:22:15 +0300 [thread overview]
Message-ID: <ZMIpN+cdRlYXsWGV@hades> (raw)
In-Reply-To: <aeee8dc2-e83a-4624-a12b-5065eb797ed4@moroto.mountain>
Hi Dan,
[...]
> @@ -313,7 +313,7 @@ static int cmp_pe_section(const void *arg1, const void *arg2)
> *
> * Return: valid pointer to a image, return NULL if allocation fails.
> */
> -void *efi_prepare_aligned_image(void *efi, u64 *efi_size)
> +void *efi_prepare_aligned_image(void *efi, size_t *efi_size)
> {
> size_t new_efi_size;
> void *new_efi;
> @@ -600,7 +600,7 @@ static bool efi_image_authenticate(void *efi, size_t efi_size)
> if (!efi_secure_boot_enabled())
> return true;
>
> - new_efi = efi_prepare_aligned_image(efi, (u64 *)&efi_size);
> + new_efi = efi_prepare_aligned_image(efi, &efi_size);
> if (!new_efi)
> return false;
>
> diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
> index 49f8a5e77cbf..d57afd0c498b 100644
> --- a/lib/efi_loader/efi_tcg2.c
> +++ b/lib/efi_loader/efi_tcg2.c
> @@ -882,7 +882,7 @@ out:
> *
> * Return: status code
> */
> -static efi_status_t tcg2_hash_pe_image(void *efi, u64 efi_size,
> +static efi_status_t tcg2_hash_pe_image(void *efi, size_t efi_size,
> struct tpml_digest_values *digest_list)
Unfortunately the rabbit hole is a bit deeper with this one.
tcg2_hash_pe_image() is called in
- tcg2_measure_pe_image(). This one is called in efi_load_pe() and the type
is indeed a size_t there, so that's fine
- efi_tcg2_hash_log_extend_event(), this one is different...
The function is described by the EFI spec [0] which mandates a u64... I
think that was the reason efi_prepare_aligned_image() is using a u64 to
begin with. This one uses the size only though not the pointer, but in a
32bit platform it would truncate s size > UINT_MAX.
[0] https://trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf
Regards
/Ilias
> {
> WIN_CERTIFICATE *wincerts = NULL;
> --
> 2.39.2
>
next prev parent reply other threads:[~2023-07-27 8:22 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-27 7:11 [PATCH v2] efi_loader: Fix memory corruption on 32bit systems Dan Carpenter
2023-07-27 8:22 ` Ilias Apalodimas [this message]
2023-07-27 9:49 ` Dan Carpenter
2023-07-28 1:51 ` Simon Glass
2023-07-28 4:52 ` Heinrich Schuchardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZMIpN+cdRlYXsWGV@hades \
--to=ilias.apalodimas@linaro.org \
--cc=dan.carpenter@linaro.org \
--cc=u-boot@lists.denx.de \
--cc=xypron.glpk@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox