Merge tag 'efi-urgent' of git://git.kernel.org/pub/scm/linux/kernel/git/mfleming/efi into x86/urgent

Pull EFI fixes from Matt Fleming: * Prevent accidental deletion of EFI variables through efivarfs that may brick machines. We use a whitelist of known-safe variables to allow things like installing distributions to work out of the box, and instead restrict vendor-specific variable deletion by making non-whitelist variables immutable (Peter Jones) Signed-off-by: Ingo Molnar <mingo@kernel.org>
author: Ingo Molnar <mingo@kernel.org> 2016-02-16 07:14:57 -0500
committer: Ingo Molnar <mingo@kernel.org> 2016-02-16 07:14:57 -0500
commit: 4682c211a80ee93214b72d95f861b0f6e90e5445 (patch)
tree: eac511760095ae87cce978b369c80c079d347448 /tools
parent: 1926e54f115725a9248d0c4c65c22acaf94de4c4 (diff)
parent: ed8b0de5a33d2a2557dce7f9429dca8cb5bc5879 (diff)
2 files changed, 87 insertions, 4 deletions
diff --git a/tools/testing/selftests/efivarfs/efivarfs.sh b/tools/testing/selftests/efivarfs/efivarfs.sh
index 77edcdcc016b..057278448515 100755
--- a/tools/testing/selftests/efivarfs/efivarfs.sh
+++ b/tools/testing/selftests/efivarfs/efivarfs.sh
@@ -88,7 +88,11 @@ test_delete()
                exit 1
        fi
-        rm $file
+        rm $file 2>/dev/null
+        if [ $? -ne 0 ]; then
+                chattr -i $file
+                rm $file
+        fi
        if [ -e $file ]; then
                echo "$file couldn't be deleted" >&2
@@ -111,6 +115,7 @@ test_zero_size_delete()
                exit 1
        fi
+        chattr -i $file
        printf "$attrs" > $file
        if [ -e $file ]; then
@@ -141,7 +146,11 @@ test_valid_filenames()
                        echo "$file could not be created" >&2
                        ret=1
                else
-                        rm $file
+                        rm $file 2>/dev/null
+                        if [ $? -ne 0 ]; then
+                                chattr -i $file
+                                rm $file
+                        fi
                fi
        done
@@ -174,7 +183,11 @@ test_invalid_filenames()
                if [ -e $file ]; then
                        echo "Creating $file should have failed" >&2
-                        rm $file
+                        rm $file 2>/dev/null
+                        if [ $? -ne 0 ]; then
+                                chattr -i $file
+                                rm $file
+                        fi
                        ret=1
                fi
        done
diff --git a/tools/testing/selftests/efivarfs/open-unlink.c b/tools/testing/selftests/efivarfs/open-unlink.c
index 8c0764407b3c..4af74f733036 100644
--- a/tools/testing/selftests/efivarfs/open-unlink.c
+++ b/tools/testing/selftests/efivarfs/open-unlink.c
@@ -1,10 +1,68 @@
+#include <errno.h>
 #include <stdio.h>
 #include <stdint.h>
 #include <stdlib.h>
 #include <unistd.h>
+#include <sys/ioctl.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <fcntl.h>
+#include <linux/fs.h>
+static int set_immutable(const char *path, int immutable)
+{
+        unsigned int flags;
+        int fd;
+        int rc;
+        int error;
+        fd = open(path, O_RDONLY);
+        if (fd < 0)
+                return fd;
+        rc = ioctl(fd, FS_IOC_GETFLAGS, &flags);
+        if (rc < 0) {
+                error = errno;
+                close(fd);
+                errno = error;
+                return rc;
+        }
+        if (immutable)
+                flags |= FS_IMMUTABLE_FL;
+        else
+                flags &= ~FS_IMMUTABLE_FL;
+        rc = ioctl(fd, FS_IOC_SETFLAGS, &flags);
+        error = errno;
+        close(fd);
+        errno = error;
+        return rc;
+}
+static int get_immutable(const char *path)
+{
+        unsigned int flags;
+        int fd;
+        int rc;
+        int error;
+        fd = open(path, O_RDONLY);
+        if (fd < 0)
+                return fd;
+        rc = ioctl(fd, FS_IOC_GETFLAGS, &flags);
+        if (rc < 0) {
+                error = errno;
+                close(fd);
+                errno = error;
+                return rc;
+        }
+        close(fd);
+        if (flags & FS_IMMUTABLE_FL)
+                return 1;
+        return 0;
+}
 int main(int argc, char **argv)
 {
@@ -27,7 +85,7 @@ int main(int argc, char **argv)
        buf[4] = 0;
        /* create a test variable */
-        fd = open(path, O_WRONLY | O_CREAT);
+        fd = open(path, O_WRONLY | O_CREAT, 0600);
        if (fd < 0) {
                perror("open(O_WRONLY)");
                return EXIT_FAILURE;
@@ -41,6 +99,18 @@ int main(int argc, char **argv)
        close(fd);
+        rc = get_immutable(path);
+        if (rc < 0) {
+                perror("ioctl(FS_IOC_GETFLAGS)");
+                return EXIT_FAILURE;
+        } else if (rc) {
+                rc = set_immutable(path, 0);
+                if (rc < 0) {
+                        perror("ioctl(FS_IOC_SETFLAGS)");
+                        return EXIT_FAILURE;
+                }
+        }
        fd = open(path, O_RDONLY);
        if (fd < 0) {
                perror("open");
author	Ingo Molnar <mingo@kernel.org>	2016-02-16 07:14:57 -0500
committer	Ingo Molnar <mingo@kernel.org>	2016-02-16 07:14:57 -0500
commit	4682c211a80ee93214b72d95f861b0f6e90e5445 (patch)
tree	eac511760095ae87cce978b369c80c079d347448 /tools
parent	1926e54f115725a9248d0c4c65c22acaf94de4c4 (diff)
parent	ed8b0de5a33d2a2557dce7f9429dca8cb5bc5879 (diff)

diff --git a/tools/testing/selftests/efivarfs/efivarfs.sh b/tools/testing/selftests/efivarfs/efivarfs.sh index 77edcdcc016b..057278448515 100755 --- a/tools/testing/selftests/efivarfs/efivarfs.sh +++ b/tools/testing/selftests/efivarfs/efivarfs.sh
@@ -88,7 +88,11 @@ test_delete()
88	exit 1	88	exit 1
89	fi	89	fi
90		90
91	rm $file	91	rm $file 2>/dev/null
		92	if [ $? -ne 0 ]; then
		93	chattr -i $file
		94	rm $file
		95	fi
92		96
93	if [ -e $file ]; then	97	if [ -e $file ]; then
94	echo "$file couldn't be deleted" >&2	98	echo "$file couldn't be deleted" >&2
@@ -111,6 +115,7 @@ test_zero_size_delete()
111	exit 1	115	exit 1
112	fi	116	fi
113		117
		118	chattr -i $file
114	printf "$attrs" > $file	119	printf "$attrs" > $file
115		120
116	if [ -e $file ]; then	121	if [ -e $file ]; then
@@ -141,7 +146,11 @@ test_valid_filenames()
141	echo "$file could not be created" >&2	146	echo "$file could not be created" >&2
142	ret=1	147	ret=1
143	else	148	else
144	rm $file	149	rm $file 2>/dev/null
		150	if [ $? -ne 0 ]; then
		151	chattr -i $file
		152	rm $file
		153	fi
145	fi	154	fi
146	done	155	done
147		156
@@ -174,7 +183,11 @@ test_invalid_filenames()
174		183
175	if [ -e $file ]; then	184	if [ -e $file ]; then
176	echo "Creating $file should have failed" >&2	185	echo "Creating $file should have failed" >&2
177	rm $file	186	rm $file 2>/dev/null
		187	if [ $? -ne 0 ]; then
		188	chattr -i $file
		189	rm $file
		190	fi
178	ret=1	191	ret=1
179	fi	192	fi
180	done	193	done


diff --git a/tools/testing/selftests/efivarfs/open-unlink.c b/tools/testing/selftests/efivarfs/open-unlink.c index 8c0764407b3c..4af74f733036 100644 --- a/tools/testing/selftests/efivarfs/open-unlink.c +++ b/tools/testing/selftests/efivarfs/open-unlink.c
@@ -1,10 +1,68 @@
		1	#include <errno.h>
1	#include <stdio.h>	2	#include <stdio.h>
2	#include <stdint.h>	3	#include <stdint.h>
3	#include <stdlib.h>	4	#include <stdlib.h>
4	#include <unistd.h>	5	#include <unistd.h>
		6	#include <sys/ioctl.h>
5	#include <sys/types.h>	7	#include <sys/types.h>
6	#include <sys/stat.h>	8	#include <sys/stat.h>
7	#include <fcntl.h>	9	#include <fcntl.h>
		10	#include <linux/fs.h>
		11
		12	static int set_immutable(const char *path, int immutable)
		13	{
		14	unsigned int flags;
		15	int fd;
		16	int rc;
		17	int error;
		18
		19	fd = open(path, O_RDONLY);
		20	if (fd < 0)
		21	return fd;
		22
		23	rc = ioctl(fd, FS_IOC_GETFLAGS, &flags);
		24	if (rc < 0) {
		25	error = errno;
		26	close(fd);
		27	errno = error;
		28	return rc;
		29	}
		30
		31	if (immutable)
		32	flags \|= FS_IMMUTABLE_FL;
		33	else
		34	flags &= ~FS_IMMUTABLE_FL;
		35
		36	rc = ioctl(fd, FS_IOC_SETFLAGS, &flags);
		37	error = errno;
		38	close(fd);
		39	errno = error;
		40	return rc;
		41	}
		42
		43	static int get_immutable(const char *path)
		44	{
		45	unsigned int flags;
		46	int fd;
		47	int rc;
		48	int error;
		49
		50	fd = open(path, O_RDONLY);
		51	if (fd < 0)
		52	return fd;
		53
		54	rc = ioctl(fd, FS_IOC_GETFLAGS, &flags);
		55	if (rc < 0) {
		56	error = errno;
		57	close(fd);
		58	errno = error;
		59	return rc;
		60	}
		61	close(fd);
		62	if (flags & FS_IMMUTABLE_FL)
		63	return 1;
		64	return 0;
		65	}
8		66
9	int main(int argc, char **argv)	67	int main(int argc, char **argv)
10	{	68	{
@@ -27,7 +85,7 @@ int main(int argc, char **argv)
27	buf[4] = 0;	85	buf[4] = 0;
28		86
29	/* create a test variable */	87	/* create a test variable */
30	fd = open(path, O_WRONLY \| O_CREAT);	88	fd = open(path, O_WRONLY \| O_CREAT, 0600);
31	if (fd < 0) {	89	if (fd < 0) {
32	perror("open(O_WRONLY)");	90	perror("open(O_WRONLY)");
33	return EXIT_FAILURE;	91	return EXIT_FAILURE;
@@ -41,6 +99,18 @@ int main(int argc, char **argv)
41		99
42	close(fd);	100	close(fd);
43		101
		102	rc = get_immutable(path);
		103	if (rc < 0) {
		104	perror("ioctl(FS_IOC_GETFLAGS)");
		105	return EXIT_FAILURE;
		106	} else if (rc) {
		107	rc = set_immutable(path, 0);
		108	if (rc < 0) {
		109	perror("ioctl(FS_IOC_SETFLAGS)");
		110	return EXIT_FAILURE;
		111	}
		112	}
		113
44	fd = open(path, O_RDONLY);	114	fd = open(path, O_RDONLY);
45	if (fd < 0) {	115	if (fd < 0) {
46	perror("open");	116	perror("open");