From patchwork Fri Nov 12 13:05:15 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masami Hiramatsu X-Patchwork-Id: 519128 Delivered-To: patch@linaro.org Received: by 2002:ac0:c605:0:0:0:0:0 with SMTP id p5csp1658667imj; Fri, 12 Nov 2021 05:05:29 -0800 (PST) X-Google-Smtp-Source: ABdhPJzYjSs8C79ZpHBZxmod1iAkxTOk+0/2soCzkXEt+Gu2xi3BV2Y4u2/0S00o0CIEKp3ONS9/ X-Received: by 2002:a17:907:9495:: with SMTP id dm21mr19432445ejc.478.1636722329707; Fri, 12 Nov 2021 05:05:29 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1636722329; cv=none; d=google.com; s=arc-20160816; b=UeT40Ip6oC0lVvYXfuD7zZtMxJbBXZ7FnFWM7JPJCKTCuLjasKms8j++XZ/56HnM6b UMwMtfFcVG/SHw6lFEqypA4ZKyRWYdrtGhdyqjCqPZHL1pTY4mHICgU48D/pdkN8F7lS dRo916dtjN55JCecyAGKz54CAOMTubB/GSdbZdgm90CDPLTZ6iX+ghMHobzRvzuPswVj 6awtniBPcVQi67mhVV1aJGi1T+1cOiurfhvZa0wb7KYN64dlOq9b5Cx76I9iNNJ6kyGD i6xWPtZsQgWrZrmN0Ocd4RRxq6QH+w5bsfLqumA37dijQgL9niPxX0PdIS8OKyNgBnUy 2cKA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:user-agent:message-id:date:subject:cc:to:from :dkim-signature; bh=s9/H/EMMhW090AiiTeEuUG+BZQUZZb+LWX21k+dnkUM=; b=MJ/qcbdP2e1NtGubDhLkdlRtFuboISphgUvx0huOmSIcqdErXH3do1Uw+OPNpr+wpa cK0Tr2MynyjVRWJANyG99yAYdvuloijfnJh9gLT1cFENkNirYutDwktHl/zx7vNrcuSW xScON4yfoMG6lyeo2I35ezGNLP3rEvHxLcl5e8XuFF1RFfix+1KyILvzEREV0i/uVb/M h5uVlX29TeqZDClpOauDjT0XZZLpDo0kA8y1C9jsMtACe+a/0sLxLNmSSmLHqMvvwr8+ nTM3JnY+j8W6R0sug+bn3/6dr/FwiJCusE07bfUGIiyVXpBTMYupFqhXSVUZijkJpWUJ AwmA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=eJpPd7vX; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id dr15si16499894ejc.195.2021.11.12.05.05.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 12 Nov 2021 05:05:29 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=eJpPd7vX; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id AF1CC82F93; Fri, 12 Nov 2021 14:05:25 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="eJpPd7vX"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 9399B82F98; Fri, 12 Nov 2021 14:05:24 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pg1-x534.google.com (mail-pg1-x534.google.com [IPv6:2607:f8b0:4864:20::534]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id EA16082DA1 for ; Fri, 12 Nov 2021 14:05:20 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=masami.hiramatsu@linaro.org Received: by mail-pg1-x534.google.com with SMTP id m15so4072313pgu.11 for ; Fri, 12 Nov 2021 05:05:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:user-agent:mime-version :content-transfer-encoding; bh=s9/H/EMMhW090AiiTeEuUG+BZQUZZb+LWX21k+dnkUM=; b=eJpPd7vXQahrZKg9lsEwvhVC5Mi+iB+A4ouSkNkuEbwb3ondfN+fxc8nvS15JV0Ti4 h+KtTY3uKWqcv16iLWOUo7Xf+6LGaPjEtRL/LJAVC+mmn7NLeBkezVH0SoAtgBCi2zRz DrKFCSC145lJnVPKLCxlVLe9CVShPrxS5SlkspfAsaxZ93xQMz/TCvdc/+yF673+jxsX TQpQTLo56hjlKkZnyxKaDlhLHIrnxhuh6f9tBdWtC9HuCoF4rgiKWrDpR5w5Q0KEP5DQ icPyfPCw2gtQMou82/KN0GbMGDycwtDX9PI/uvsEunH4QHXrqaXiXwwvPdSegqXZ/k7K p2yg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:user-agent :mime-version:content-transfer-encoding; bh=s9/H/EMMhW090AiiTeEuUG+BZQUZZb+LWX21k+dnkUM=; b=0qGJISBSLTRpk/OkEz4IOafUytgUCA4Vvv0EMPCXMFRhkUncdbULx8JQyPVe1AnTDh aiTP8J6gejnLi4WK4s+A/73gLk7PuBpzhJIu4iIorNwmNXWtEbMJs7cL2p4SMJO8bnHW HHv+9ng0VV5emLfKqCtKiqOZdJnl6EqnWtP8UFoT3DDvoDWBmYJ6/pcGlmjBN0kzVAiD insOpIelfvsLGICykgYP/ddKg2E7BY5MVWyNJHn1zwy22bJcPjtp9WFETsoziwjF8ksa pThre2QJrLCOhzNY5ghOv3HQKUv8cWcTK87W6ty7yioqPdFzHPq5sN2rN5SBqEJ8YTuW lhqA== X-Gm-Message-State: AOAM532bSKsnKxphpY/XY0BpG9tQPHDBTZAgHQ2FtO2ju0JQVJwNE2CQ Au0PjmS9GDxq9itOMMcEXM0XwQ== X-Received: by 2002:a63:88c8:: with SMTP id l191mr9827527pgd.369.1636722318844; Fri, 12 Nov 2021 05:05:18 -0800 (PST) Received: from localhost.localdomain (122x208x150x49.ap122.ftth.ucom.ne.jp. [122.208.150.49]) by smtp.gmail.com with ESMTPSA id v16sm4973620pgo.71.2021.11.12.05.05.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 12 Nov 2021 05:05:18 -0800 (PST) From: Masami Hiramatsu To: Heinrich Schuchardt , Takahiro Akashi Cc: Masami Hiramatsu , Jassi Brar , Ilias Apalodimas , Masahisa Kojima , u-boot@lists.denx.de Subject: [PATCH] efi_loader: capsule: Record capsule result only if capsule is read Date: Fri, 12 Nov 2021 22:05:15 +0900 Message-Id: <163672231514.111863.5335945815077457121.stgit@localhost> X-Mailer: git-send-email 2.25.1 User-Agent: StGit/0.19 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.35 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Record capsule update result only if the capsule file is successfully read, because the capsule GUID is not sure when the file can not be read or the file is not a capsule. Without this fix, if user puts a dummy (non-capsule) file under (ESP)EFI/UpdateCapsule, U-Boot causes a synchronous abort. This also fixes use-after-free bug of the 'capsule' variable. Fixes: c74cd8bd08d1 ("efi_loader: capsule: add capsule_on_disk support") Signed-off-by: Masami Hiramatsu Reviewed-by: Ilias Apalodimas --- lib/efi_loader/efi_capsule.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c index 850937fd12..502bcfca6e 100644 --- a/lib/efi_loader/efi_capsule.c +++ b/lib/efi_loader/efi_capsule.c @@ -1108,13 +1108,13 @@ efi_status_t efi_launch_capsules(void) log_err("Applying capsule %ls failed\n", files[i]); + /* create CapsuleXXXX */ + set_capsule_result(index, capsule, ret); + free(capsule); } else { log_err("Reading capsule %ls failed\n", files[i]); } - /* create CapsuleXXXX */ - set_capsule_result(index, capsule, ret); - /* delete a capsule either in case of success or failure */ ret = efi_capsule_delete_file(files[i]); if (ret != EFI_SUCCESS)