linux/drivers/firmware/efi
Ross Lagerwall 45b14a4ffc efi: cper: Fix possible out-of-bounds access
When checking a generic status block, we iterate over all the generic
data blocks. The loop condition only checks that the start of the
generic data block is valid (within estatus->data_length) but not the
whole block. Because the size of data blocks (excluding error data) may
vary depending on the revision and the revision is contained within the
data block, ensure that enough of the current data block is valid before
dereferencing any members otherwise an out-of-bounds access may occur if
estatus->data_length is invalid.

This relies on the fact that struct acpi_hest_generic_data_v300 is a
superset of the earlier version.  Also rework the other checks to avoid
potential underflow.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Acked-by: Borislav Petkov <bp@suse.de>
Tested-by: Tyler Baicar <baicar.tyler@gmail.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
2019-02-20 10:34:35 +01:00
libstub Merge branch 'efi-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-12-26 13:38:38 -08:00
test Remove 'type' argument from access_ok() function 2019-01-03 18:57:57 -08:00
apple-properties.c mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
arm-init.c efi/arm: Revert deferred unmap of early memmap mapping 2018-11-15 10:04:46 +01:00
arm-runtime.c arm64: mm: Introduce DEFAULT_MAP_WINDOW 2018-12-10 18:42:17 +00:00
capsule-loader.c efi/capsule-loader: Don't output reset log when reset flags are not set 2018-05-14 08:57:49 +02:00
capsule.c treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
cper-arm.c efi/cper: Remove the INDENT_SP silliness 2018-05-14 08:57:47 +02:00
cper-x86.c efi: Decode IA32/X64 Context Info structure 2018-05-14 08:57:48 +02:00
cper.c efi: cper: Fix possible out-of-bounds access 2019-02-20 10:34:35 +01:00
dev-path-parser.c efi: Add device path parser 2016-11-13 08:23:15 +01:00
efi-bgrt.c efi/bgrt: Drop __initdata from bgrt_image_size 2018-07-03 17:43:10 +02:00
efi-pstore.c pstore: Convert buf_lock to semaphore 2018-12-03 17:11:02 -08:00
efi.c efi: Reduce the amount of memblock reservations for persistent allocations 2018-11-30 09:37:57 +01:00
efibc.c efibc: Report more information in the error messages 2016-06-27 13:06:54 +02:00
efivars.c compat: Cleanup in_compat_syscall() callers 2018-11-01 13:02:21 +01:00
esrt.c efi/esrt: Only call efi_mem_reserve() for boot services memory 2018-07-17 09:15:05 +02:00
fake_mem.c x86/efi: Don't allocate memmap through memblock after mm_init() 2017-01-07 08:58:07 +01:00
Kconfig efi/libstub/arm: default EFI_ARMSTUB_DTB_LOADER to y 2018-09-12 16:41:41 +02:00
Makefile efi: Decode IA32/X64 Processor Error Section 2018-05-14 08:57:47 +02:00
memattr.c x86/efi: Add support for EFI_MEMORY_ATTRIBUTES_TABLE 2017-02-01 08:45:44 +01:00
memmap.c efi/arm: Revert deferred unmap of early memmap mapping 2018-11-15 10:04:46 +01:00
reboot.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
runtime-map.c treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
runtime-wrappers.c efi: Fix debugobjects warning on 'efi_rts_work' 2018-11-15 10:04:45 +01:00
tpm.c efi: call get_event_log before ExitBootServices 2018-01-08 12:58:35 +02:00
vars.c firmware/efi: Add NULL pointer checks in efivars API functions 2018-11-30 09:06:32 +01:00