From patchwork Sun Dec 8 18:34:13 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Bottomley X-Patchwork-Id: 848335 Received: from bedivere.hansenpartnership.com (bedivere.hansenpartnership.com [96.44.175.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AB11F145324 for ; Sun, 8 Dec 2024 18:34:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=96.44.175.130 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733682896; cv=none; b=P/qRLaTjVfZMpXDKrH3vjYkqfBbJeu3trFQAmg6XMSBSXqsSQFQSt9l913oauloqIQI6vsSnyh7DL38DYXvfllGmM2AppvKv5MNNQjkY5KABCBiLjEom+gunTFbx3SzDLOgznfFsm7pzs0LITbvYiXiI604jEtMOJLIKM68528Q= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733682896; c=relaxed/simple; bh=hYCB65UU3N49jOe4GHdnAsHY3QqHLJJXqzm1yAqJo38=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=gUpYHTUL1mueh/J9v2U1NezYgy9M7/w6BT20bNl6Bmcdm8aS7cAXd9sw2bGooy6n5yw1hdf5NtjZhMtizxpZZcuFMhdJxkXaoEjcYp0Y38Rr/nSLX2cUbyvL2hUY0hTn9WVkt2GW8LMZA2h91mca64IgXF69xcl1uU1KFTeCjyE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=HansenPartnership.com; spf=pass smtp.mailfrom=HansenPartnership.com; dkim=pass (1024-bit key) header.d=hansenpartnership.com header.i=@hansenpartnership.com header.b=Yrrilq4s; arc=none smtp.client-ip=96.44.175.130 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=HansenPartnership.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=HansenPartnership.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=hansenpartnership.com header.i=@hansenpartnership.com header.b="Yrrilq4s" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=hansenpartnership.com; s=20151216; t=1733682892; bh=hYCB65UU3N49jOe4GHdnAsHY3QqHLJJXqzm1yAqJo38=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References:From; b=Yrrilq4sml6jghzly3UkTBdhaqnaV9vRUyrCHfktRlZBL7vCU6Z2HpHNtq7sgdtKw AEGKHuWcGnbdl+fnMEf3yBGKYEMQKUn+1ilOuQb6ODsREJyjJtTtFf8tsgoUx4jEeF dNCOKyy5EPiAzCvk8P0UUhHdWIhrA8xgU7zfCN1o= Received: from localhost (localhost [127.0.0.1]) by bedivere.hansenpartnership.com (Postfix) with ESMTP id E3ACD1286D5D; Sun, 08 Dec 2024 13:34:52 -0500 (EST) Received: from bedivere.hansenpartnership.com ([127.0.0.1]) by localhost (bedivere.hansenpartnership.com [127.0.0.1]) (amavis, port 10024) with ESMTP id z1S70wOAEYtO; Sun, 8 Dec 2024 13:34:52 -0500 (EST) Received: from lingrow.int.hansenpartnership.com (unknown [153.66.160.227]) by bedivere.hansenpartnership.com (Postfix) with ESMTP id 2BDAE1286D4F; Sun, 08 Dec 2024 13:34:52 -0500 (EST) From: James Bottomley To: linux-efi@vger.kernel.org Cc: Jeremy Kerr , Ard Biesheuvel Subject: [PATCH 1/3] efivarfs: fix error on non-existent file Date: Sun, 8 Dec 2024 13:34:13 -0500 Message-Id: <20241208183415.21181-2-James.Bottomley@HansenPartnership.com> X-Mailer: git-send-email 2.35.3 In-Reply-To: <20241208183415.21181-1-James.Bottomley@HansenPartnership.com> References: <20241208183415.21181-1-James.Bottomley@HansenPartnership.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 efivarfs returns -EINVAL if the non-existing file .doesn't conform to the NAME-GUID format and -ENOENT if it does. This is caused by efivars_d_hash returning -EINVAL if the name isn't formatted correctly. This error is returned before simple_lookup returns a negative dentry and is what the user sees. Fix by removing this check. If the file doesn't exist, simple_lookup will return a negative dentry leading to -ENOENT and efivarfs_create already has a validity check before it creates an entry (and will correctly return -EINVAL) Signed-off-by: James Bottomley --- fs/efivarfs/super.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/fs/efivarfs/super.c b/fs/efivarfs/super.c index a929f1b613be..beba15673be8 100644 --- a/fs/efivarfs/super.c +++ b/fs/efivarfs/super.c @@ -144,9 +144,6 @@ static int efivarfs_d_hash(const struct dentry *dentry, struct qstr *qstr) const unsigned char *s = qstr->name; unsigned int len = qstr->len; - if (!efivarfs_valid_name(s, len)) - return -EINVAL; - while (len-- > EFI_VARIABLE_GUID_LEN) hash = partial_name_hash(*s++, hash); From patchwork Sun Dec 8 18:34:14 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Bottomley X-Patchwork-Id: 848487 Received: from bedivere.hansenpartnership.com (bedivere.hansenpartnership.com [96.44.175.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CE1D5145324 for ; Sun, 8 Dec 2024 18:35:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=96.44.175.130 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733682915; cv=none; b=hvZniFMnSRzKyTUyeRU6n9wpu6iq+TGvZBr/uIowW5OHrjVriBNXs8YOYUJPhd0RK7gRk9p/yvCcG9bGHDkCjSJf1kC557BaMy69QrtyFjPh6BTtkRVdIOXycF0GvaHF7mhk4519bUfIMfnmjqaFcKPHj9Hco1llzaGQ3nL2wK0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733682915; c=relaxed/simple; bh=NKq3J5Pxbsfa6Pgv7I9k7oPyvdFWdaUofPaJD3gulr4=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=b/h/egAM7JrTxwIbio8c1el7TdyXvSvJY6SY4i69Nndu8sTd+z5w8HiVROC5fa5l6JFjXTakFn5X3kEJIjwseD1FCiedjQid138DeWEhBufkgY9n4kxn4sB2WYeC5scTDGml0GvmUJtDR0nGXK6axQECSQ+SQU0UZTfIejSEauQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=HansenPartnership.com; spf=pass smtp.mailfrom=HansenPartnership.com; dkim=pass (1024-bit key) header.d=hansenpartnership.com header.i=@hansenpartnership.com header.b=kH1wPd1d; arc=none smtp.client-ip=96.44.175.130 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=HansenPartnership.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=HansenPartnership.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=hansenpartnership.com header.i=@hansenpartnership.com header.b="kH1wPd1d" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=hansenpartnership.com; s=20151216; t=1733682912; bh=NKq3J5Pxbsfa6Pgv7I9k7oPyvdFWdaUofPaJD3gulr4=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References:From; b=kH1wPd1d+tQldlINqaaTH6JxNA7FTGaGXg5v12ATBCoFFwq/fkBNjoKV/Tl7GrNGE sPKcbFB7Dgf1rtLp8dK9SyGMcPCQmKk/3yyDXEjSa4JYCor6gF/eFF5vc+rApUe0h9 EYZc/sWS9Iy7MtI10kOnbw5FkgUT4xALOFtj+IGc= Received: from localhost (localhost [127.0.0.1]) by bedivere.hansenpartnership.com (Postfix) with ESMTP id 7C194128B0C2; Sun, 08 Dec 2024 13:35:12 -0500 (EST) Received: from bedivere.hansenpartnership.com ([127.0.0.1]) by localhost (bedivere.hansenpartnership.com [127.0.0.1]) (amavis, port 10024) with ESMTP id mULsY8nTPwnT; Sun, 8 Dec 2024 13:35:12 -0500 (EST) Received: from lingrow.int.hansenpartnership.com (unknown [153.66.160.227]) by bedivere.hansenpartnership.com (Postfix) with ESMTP id 9266C128B0C1; Sun, 08 Dec 2024 13:35:11 -0500 (EST) From: James Bottomley To: linux-efi@vger.kernel.org Cc: Jeremy Kerr , Ard Biesheuvel Subject: [PATCH 2/3] efivarfs: fix memory leak on variable removal Date: Sun, 8 Dec 2024 13:34:14 -0500 Message-Id: <20241208183415.21181-3-James.Bottomley@HansenPartnership.com> X-Mailer: git-send-email 2.35.3 In-Reply-To: <20241208183415.21181-1-James.Bottomley@HansenPartnership.com> References: <20241208183415.21181-1-James.Bottomley@HansenPartnership.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 efivar_entry_delete() doesn't free the entry, it merely removes it from the list. Neither efivarfs_unlink(), nor efivarfs_file_write() free the variable entry meaning it remains as unreferenced but allocated memory. Fix by adding the correct kfree()'s. Signed-off-by: James Bottomley --- fs/efivarfs/file.c | 1 + fs/efivarfs/inode.c | 1 + 2 files changed, 2 insertions(+) diff --git a/fs/efivarfs/file.c b/fs/efivarfs/file.c index 23c51d62f902..41b2f5a7239c 100644 --- a/fs/efivarfs/file.c +++ b/fs/efivarfs/file.c @@ -48,6 +48,7 @@ static ssize_t efivarfs_file_write(struct file *file, drop_nlink(inode); d_delete(file->f_path.dentry); dput(file->f_path.dentry); + kfree(var); } else { inode_lock(inode); i_size_write(inode, datasize + sizeof(attributes)); diff --git a/fs/efivarfs/inode.c b/fs/efivarfs/inode.c index 586446e02ef7..37ff34fab9f7 100644 --- a/fs/efivarfs/inode.c +++ b/fs/efivarfs/inode.c @@ -143,6 +143,7 @@ static int efivarfs_unlink(struct inode *dir, struct dentry *dentry) drop_nlink(d_inode(dentry)); dput(dentry); + kfree(var); return 0; }; From patchwork Sun Dec 8 18:34:15 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Bottomley X-Patchwork-Id: 848334 Received: from bedivere.hansenpartnership.com (bedivere.hansenpartnership.com [96.44.175.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AC30F145324 for ; Sun, 8 Dec 2024 18:35:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=96.44.175.130 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733682929; cv=none; b=VEF41Q7WZ1vJze4I/gCWWl66iOQSdZvQrYOaJ0hXtkBstPbBsjiNUe2q2SBij7UDeGTXwg5Nh0Ew8O7RFn39jyXcn/Jbi1RWVWSGiwrrBcxZjmQ3CestwHyF6NNhKJZG5HGBaYRbYQjy1v0f+FNXzEAaBuFE2exwURsZuA4PA4w= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733682929; c=relaxed/simple; bh=KOHlmiAFZTvd0H67ILWQv96xLNHHmTcIL27QVMw+bPE=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=OYk5IoOYQ6Kihtb0dFRWcrpRPGCMJqA/Ul/wdCRimNvy+DYlNucxuWPzwFJlX2RDM12ZIpNYCTwnGgTL77is6hrcUJ6RO6r215I8PTWPz+iG2mKM2FAHw5O3Ady34SBf361QHHA8zfFFzmRZH8s7Qn+KL8ZgmC1xpWK9dkFHQNM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=HansenPartnership.com; spf=pass smtp.mailfrom=HansenPartnership.com; dkim=pass (1024-bit key) header.d=hansenpartnership.com header.i=@hansenpartnership.com header.b=ca+KBrEG; arc=none smtp.client-ip=96.44.175.130 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=HansenPartnership.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=HansenPartnership.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=hansenpartnership.com header.i=@hansenpartnership.com header.b="ca+KBrEG" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=hansenpartnership.com; s=20151216; t=1733682925; bh=KOHlmiAFZTvd0H67ILWQv96xLNHHmTcIL27QVMw+bPE=; h=From:To:Subject:Date:Message-Id:In-Reply-To:References:From; b=ca+KBrEG8nsiL5YzyEskA2UWOorpxGI1OiwNiCRrgjJ8/b1Gm9rmU/r+Gn2dJ6LFS AdXlKi4PD4Z5OOz6rELMnvm0XAbEcoaDJPXsIYIFdgsZ+kMk3q1c9dAvgbucPAcv5a MILW65qX+C2uX+z5oUxz3EY1WMJCFsJONKVYuaeE= Received: from localhost (localhost [127.0.0.1]) by bedivere.hansenpartnership.com (Postfix) with ESMTP id D1A17128B0C3; Sun, 08 Dec 2024 13:35:25 -0500 (EST) Received: from bedivere.hansenpartnership.com ([127.0.0.1]) by localhost (bedivere.hansenpartnership.com [127.0.0.1]) (amavis, port 10024) with ESMTP id MXR9ZRfW9bvX; Sun, 8 Dec 2024 13:35:25 -0500 (EST) Received: from lingrow.int.hansenpartnership.com (unknown [153.66.160.227]) by bedivere.hansenpartnership.com (Postfix) with ESMTP id 50F0B128B0C1; Sun, 08 Dec 2024 13:35:25 -0500 (EST) From: James Bottomley To: linux-efi@vger.kernel.org Cc: Jeremy Kerr , Ard Biesheuvel Subject: [PATCH 3/3] efivarfs: fix incorrect variable creation Date: Sun, 8 Dec 2024 13:34:15 -0500 Message-Id: <20241208183415.21181-4-James.Bottomley@HansenPartnership.com> X-Mailer: git-send-email 2.35.3 In-Reply-To: <20241208183415.21181-1-James.Bottomley@HansenPartnership.com> References: <20241208183415.21181-1-James.Bottomley@HansenPartnership.com> Precedence: bulk X-Mailing-List: linux-efi@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 If an EFI variable is created by an open and write but returns an error in set_variable, it isn't removed but hangs around in efivarfs with invalid inode attributes. This happens because the entry is created in efivarfs_create but the EFI set_variable problem isn't discovered until efivarfs_file_write(). Fix by having set_variable failure in efivarfs_file_write() check if the variable existed before or is newly created and remove it again on the latter. The signal for a newly created variable is that var.Attributes is empty. This cannot happen for a real variable because one of the flags in EFI_VARIABLE_MASK must be set. Signed-off-by: James Bottomley --- fs/efivarfs/file.c | 31 ++++++++++++++++++++++--------- 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/fs/efivarfs/file.c b/fs/efivarfs/file.c index 41b2f5a7239c..5ef88c577e03 100644 --- a/fs/efivarfs/file.c +++ b/fs/efivarfs/file.c @@ -23,18 +23,23 @@ static ssize_t efivarfs_file_write(struct file *file, ssize_t bytes; bool set = false; + bytes = -EINVAL; if (count < sizeof(attributes)) - return -EINVAL; + goto err; + bytes = -EFAULT; if (copy_from_user(&attributes, userbuf, sizeof(attributes))) - return -EFAULT; + goto err; + bytes = -EINVAL; if (attributes & ~(EFI_VARIABLE_MASK)) - return -EINVAL; + goto err; data = memdup_user(userbuf + sizeof(attributes), datasize); - if (IS_ERR(data)) - return PTR_ERR(data); + if (IS_ERR(data)) { + bytes = PTR_ERR(data); + goto err; + } bytes = efivar_entry_set_get_size(var, attributes, &datasize, data, &set); @@ -45,10 +50,7 @@ static ssize_t efivarfs_file_write(struct file *file, } if (bytes == -ENOENT) { - drop_nlink(inode); - d_delete(file->f_path.dentry); - dput(file->f_path.dentry); - kfree(var); + var->var.Attributes = 0; } else { inode_lock(inode); i_size_write(inode, datasize + sizeof(attributes)); @@ -60,6 +62,17 @@ static ssize_t efivarfs_file_write(struct file *file, out: kfree(data); +err: + if (var->var.Attributes == 0) { + /* + * variable got deleted or didn't exist before we + * tried to set it + */ + drop_nlink(inode); + d_delete(file->f_path.dentry); + dput(file->f_path.dentry); + kfree(var); + } return bytes; }