diff options
| author | Ard Biesheuvel <ard.biesheuvel@linaro.org> | 2018-05-04 01:59:58 -0400 |
|---|---|---|
| committer | Ingo Molnar <mingo@kernel.org> | 2018-05-14 02:56:29 -0400 |
| commit | 0b3225ab9407f557a8e20f23f37aa7236c10a9b1 (patch) | |
| tree | 22d16961238b4d1afd1b8813229ce001956889f6 | |
| parent | 67b8d5c7081221efa252e111cd52532ec6d4266f (diff) | |
efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode
Mixed mode allows a kernel built for x86_64 to interact with 32-bit
EFI firmware, but requires us to define all struct definitions carefully
when it comes to pointer sizes.
'struct efi_pci_io_protocol_32' currently uses a 'void *' for the
'romimage' field, which will be interpreted as a 64-bit field
on such kernels, potentially resulting in bogus memory references
and subsequent crashes.
Tested-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: <stable@vger.kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/20180504060003.19618-13-ard.biesheuvel@linaro.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
| -rw-r--r-- | arch/x86/boot/compressed/eboot.c | 6 | ||||
| -rw-r--r-- | include/linux/efi.h | 8 |
2 files changed, 8 insertions, 6 deletions
diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c index 47d3efff6805..09f36c0d9d4f 100644 --- a/arch/x86/boot/compressed/eboot.c +++ b/arch/x86/boot/compressed/eboot.c | |||
| @@ -163,7 +163,8 @@ __setup_efi_pci32(efi_pci_io_protocol_32 *pci, struct pci_setup_rom **__rom) | |||
| 163 | if (status != EFI_SUCCESS) | 163 | if (status != EFI_SUCCESS) |
| 164 | goto free_struct; | 164 | goto free_struct; |
| 165 | 165 | ||
| 166 | memcpy(rom->romdata, pci->romimage, pci->romsize); | 166 | memcpy(rom->romdata, (void *)(unsigned long)pci->romimage, |
| 167 | pci->romsize); | ||
| 167 | return status; | 168 | return status; |
| 168 | 169 | ||
| 169 | free_struct: | 170 | free_struct: |
| @@ -269,7 +270,8 @@ __setup_efi_pci64(efi_pci_io_protocol_64 *pci, struct pci_setup_rom **__rom) | |||
| 269 | if (status != EFI_SUCCESS) | 270 | if (status != EFI_SUCCESS) |
| 270 | goto free_struct; | 271 | goto free_struct; |
| 271 | 272 | ||
| 272 | memcpy(rom->romdata, pci->romimage, pci->romsize); | 273 | memcpy(rom->romdata, (void *)(unsigned long)pci->romimage, |
| 274 | pci->romsize); | ||
| 273 | return status; | 275 | return status; |
| 274 | 276 | ||
| 275 | free_struct: | 277 | free_struct: |
diff --git a/include/linux/efi.h b/include/linux/efi.h index f1b7d68ac460..3016d8c456bc 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h | |||
| @@ -395,8 +395,8 @@ typedef struct { | |||
| 395 | u32 attributes; | 395 | u32 attributes; |
| 396 | u32 get_bar_attributes; | 396 | u32 get_bar_attributes; |
| 397 | u32 set_bar_attributes; | 397 | u32 set_bar_attributes; |
| 398 | uint64_t romsize; | 398 | u64 romsize; |
| 399 | void *romimage; | 399 | u32 romimage; |
| 400 | } efi_pci_io_protocol_32; | 400 | } efi_pci_io_protocol_32; |
| 401 | 401 | ||
| 402 | typedef struct { | 402 | typedef struct { |
| @@ -415,8 +415,8 @@ typedef struct { | |||
| 415 | u64 attributes; | 415 | u64 attributes; |
| 416 | u64 get_bar_attributes; | 416 | u64 get_bar_attributes; |
| 417 | u64 set_bar_attributes; | 417 | u64 set_bar_attributes; |
| 418 | uint64_t romsize; | 418 | u64 romsize; |
| 419 | void *romimage; | 419 | u64 romimage; |
| 420 | } efi_pci_io_protocol_64; | 420 | } efi_pci_io_protocol_64; |
| 421 | 421 | ||
| 422 | typedef struct { | 422 | typedef struct { |