From patchwork Wed Jun 30 05:51:44 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masami Hiramatsu X-Patchwork-Id: 468682 Delivered-To: patch@linaro.org Received: by 2002:a02:c94a:0:0:0:0:0 with SMTP id u10csp25978jao; Tue, 29 Jun 2021 22:51:56 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyiEEI/zb+1Q6aQ/z2+6rfUKKARmx3UQz9uxh2/ROrKQBbB+zWyzibZwoF2YSKU1R4BzC2I X-Received: by 2002:aa7:c70d:: with SMTP id i13mr44765299edq.249.1625032315940; Tue, 29 Jun 2021 22:51:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1625032315; cv=none; d=google.com; s=arc-20160816; b=n9zrykQaYs/PKN1xkRrI33rWCR79pgQ0uukSf5cInRG5TMwKR+3a8uK2AngHZrUebB MJR9TYZZBdBCytPdAXQY3cAdpywtLpzL7cmWwfiBI2EQqCBd9sprew8CPZg2/b5BC8rZ nyohb5QFnHXq897TuM17ZNhnDmVGe/wmIEEBHpNaRCeVTd6kMoeFsomsP0j5cPJ9GiDv nh5jYx6jKfnSpGrkBsn/zXdGWm/1PjiA9dmt1WYZnJFuDRcT0LW4ivkGfnN/Z7sLzvO6 oqgkKfgKvBcjlufWeOAeSI9nmzLl7uYI2AQMsOYKL9PrN1aF0teqZ/MfAohJY8aLRwSS 5tqw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:user-agent:message-id:date:subject:cc:to:from :dkim-signature; bh=pcmmMqAzkp/ecZOY0i9xpAiUY/gKz9mm9eH7ZQNDiTA=; b=qQ9+hJ5NVIbzQ8r060q2GqvX4NFiSUogY04ghI4tQWCbo4w9dGxLF0K0Xc9pDihc/x lz3wo4EOfLJTrPoAA6nonnaYKnYXgFVvNI83S4Xd3UzLLKooSHYIre00DvQ9XASn75HT 51TI9qZI1tBla5BZ5dy5Ydo6bA0tS52cNiqIM58Jb635kJliKEqG7Y3aps5GfqgPRIlB D7kMIDev3ug+DaM/+RYG6HrbUS5QL28wKQ16x+J8CDKLimTsmrVzUFrVOhHruREhOqkm 0pahp8/UvW0d43w/WQgxAbc89JvXc+cMYEkusKyRgMdq7nRbA/ufw5yw5jjuw9c4Sj29 1EUw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="f/3hYIH6"; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id 12si19279980ejh.440.2021.06.29.22.51.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 29 Jun 2021 22:51:55 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="f/3hYIH6"; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 63A56831FD; Wed, 30 Jun 2021 07:51:53 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="f/3hYIH6"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id A82D383204; Wed, 30 Jun 2021 07:51:52 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pg1-x529.google.com (mail-pg1-x529.google.com [IPv6:2607:f8b0:4864:20::529]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id D905182E55 for ; Wed, 30 Jun 2021 07:51:49 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=masami.hiramatsu@linaro.org Received: by mail-pg1-x529.google.com with SMTP id w15so1121694pgk.13 for ; Tue, 29 Jun 2021 22:51:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:user-agent:mime-version :content-transfer-encoding; bh=pcmmMqAzkp/ecZOY0i9xpAiUY/gKz9mm9eH7ZQNDiTA=; b=f/3hYIH65wqi7RldfXCjS62jWLg3KDkweNzMedXdWU7NebF2zRz5cWoCsmBFY9d4yG I/KxGHqv+3lxQA4/aCzHDoNRJ/mheWnFpDoKFLDIK8BYszH1Jqmx3dupygSI7jTeF2LY +ygjJUQf6WAApn3EdEYQVl12R3o9C0hrw6/6wgpfoFt7+myTuxB8msleKCKSzkd3hVUb UDTz1W5mBUk2PRE3VTlWD9wFtftoKWbsp/OGr2F/rBWTMFtxlBCdBg3/SJXbS+weNZXZ ay1zmgIvpb/Qrkub1yQx2atb5F/mos+WhUsQWwJZKMed0NLmUpGertpBJ2UCWHtAWVxU 2jQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:user-agent :mime-version:content-transfer-encoding; bh=pcmmMqAzkp/ecZOY0i9xpAiUY/gKz9mm9eH7ZQNDiTA=; b=TrJpay+LYQcNLfa0N8U7aZDq1gVsNE73VIp/YqruKw4VkMAYvasO6yfwHescXBjyPY 82mnPgjOsNM37jHLIKG2CpZuzxXJ1xHBh7BhsqQ6zpPcNLwSpBz9BOJyB6idsodUUpAF wVZVQ/NKzGZU5E5PSrdpJy47IrwnUqO5zWbXBFq7GskhgjGdDfxZMopYJZVmz5+1Sc45 YZQr0JJ+TsocrgHYeyMD1C4r9S4Yst3kBN4z65wvI8C5SZ4wZ0CAu5wgMquJsXHyloT+ 9veWlIhpuV3gXDhO1XljcxnoypLoKygiCql1RoVj5/+a3uXLg+HRRkQ6oFZTu7sRiqgD dOsQ== X-Gm-Message-State: AOAM530O70Lpr6O9WLj4UtcFCmLPXtG0Q6ZaBzDuQAEvpssZ29ZxHsJ+ 1MJVn62WDLhGnNOzdltZ1Wi7mbWjlcH6ky83 X-Received: by 2002:aa7:8509:0:b029:2e5:8cfe:bc17 with SMTP id v9-20020aa785090000b02902e58cfebc17mr34194671pfn.2.1625032307735; Tue, 29 Jun 2021 22:51:47 -0700 (PDT) Received: from localhost.localdomain (122x208x150x49.ap122.ftth.ucom.ne.jp. [122.208.150.49]) by smtp.gmail.com with ESMTPSA id o15sm21056507pfd.96.2021.06.29.22.51.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 29 Jun 2021 22:51:47 -0700 (PDT) From: Masami Hiramatsu To: u-boot@lists.denx.de Cc: Kazuhiko Sakamoto , Alexander Graf , Ilias Apalodimas , =?utf-8?q?Vincent_Ste?= =?utf-8?q?hl=C3=A9?= , Grant Likely , Heinrich Schuchardt Subject: [PATCH] efi_loader: Improve the parameter check for QueryVariableInfo() Date: Wed, 30 Jun 2021 14:51:44 +0900 Message-Id: <162503230398.71097.12252874424030046803.stgit@localhost> X-Mailer: git-send-email 2.25.1 User-Agent: StGit/0.19 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Improve efi_query_variable_info() to check the parameter settings and return correct error code according to the UEFI spec 2.9. Signed-off-by: Masami Hiramatsu Reported-by: Kazuhiko Sakamoto --- lib/efi_loader/efi_var_common.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/lib/efi_loader/efi_var_common.c b/lib/efi_loader/efi_var_common.c index 83479dd142..62aa7f970c 100644 --- a/lib/efi_loader/efi_var_common.c +++ b/lib/efi_loader/efi_var_common.c @@ -163,10 +163,28 @@ efi_status_t EFIAPI efi_query_variable_info( EFI_ENTRY("%x %p %p %p", attributes, maximum_variable_storage_size, remaining_variable_storage_size, maximum_variable_size); - ret = efi_query_variable_info_int(attributes, + if (attributes == 0 || maximum_variable_storage_size == NULL || + remaining_variable_storage_size == NULL || + maximum_variable_size == NULL) + return EFI_EXIT(EFI_INVALID_PARAMETER); + + if ((attributes & ~(u32)EFI_VARIABLE_MASK) || + (attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) || + (!IS_ENABLED(CONFIG_EFI_SECURE_BOOT) && + (attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS))) { + ret = EFI_UNSUPPORTED; + } else if ((attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == EFI_VARIABLE_RUNTIME_ACCESS) { + /* Runtime accessible variable must also be accessible in bootservices */ + ret = EFI_INVALID_PARAMETER; + } else if ((attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) { + /* HW error occurs only on non-volatile variables */ + ret = EFI_INVALID_PARAMETER; + } else { + ret = efi_query_variable_info_int(attributes, maximum_variable_storage_size, remaining_variable_storage_size, maximum_variable_size); + } return EFI_EXIT(ret); }