[PATCH] efi_runtime: ensure we don't allocate a zero byte buffer (LP: #1429890)
Ricardo Neri
ricardo.neri-calderon at linux.intel.com
Tue Mar 17 19:49:53 UTC 2015
On Mon, 2015-03-16 at 11:14 +0000, Colin Ian King wrote:
> On 11/03/15 22:11, Ricardo Neri wrote:
> > On Wed, 2015-03-11 at 19:44 +0000, Colin Ian King wrote:
> >> To clarify, which approach are you referring to?
> >>
> >> 1) ZERO_SIZE_PTR being replaced to a NULL or
> >
> > I would suggest that efi_runtime could make dst = NULL if len = 0, no
> > need to call kmalloc. Hopefully, true NULL cases are handled correctly
> > in efi.get_next_variable and we should be able to see how the firmware
> > handles it.
>
> I've checked a handful of implementations on x86 and aarch64, and a NULL
> causes the service to return EFI_INVALID_PARAMETER, which is to be
> expected since it is an invalid parameter. In this case, we are now
> testing the name == NULL validation of the service rather than the len
> == 0 validation. And doing so means we have changed the semantics of
> the original test, as it expects EFI_BUFFER_TOO_SMALL to be returned.
Right. The original test getnextvariable_test4 from the userspace did
have a valid buffer but passes a size=0 with the intention of testing
the behavior of the firmware. This is the only case in which the actual
size of the userspace buffer is different from VariableNameSize. But
efi_runtime does not know the difference and allocates a zero-size
buffer and we lose the intention of the test. Your v3 patch cleverly
solves the situation :).