| Message ID | 20221216091514.6298-1-johan+linaro@kernel.org |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:adf:e747:0:0:0:0:0 with SMTP id c7csp866277wrn;
Fri, 16 Dec 2022 01:39:19 -0800 (PST)
X-Google-Smtp-Source:
AA0mqf7k21ryuHPPQVKvJ63pQGejr/8tQJ4ldYYj34zJSGu52km6jR6d2v8Ebw2A1KWN+VhPcTZL
X-Received: by 2002:a05:6a20:958b:b0:a3:ca9a:ff82 with SMTP id
iu11-20020a056a20958b00b000a3ca9aff82mr42024365pzb.61.1671183559240;
Fri, 16 Dec 2022 01:39:19 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1671183559; cv=none;
d=google.com; s=arc-20160816;
b=ktd72x1CYdMueJnZzoJLClSVZqcuQJOO0ICBoiVRcynrfjOTYuMsSfievM4TY+QJlP
HplbRqFzIcAP81jGBqhsA+Wzt2s2TRiVgb850mCyO1ihbmg6DuwOgon3q3An7l0hvR34
gcCQ/lzWc0HzgiZeD0Q2jtdjYngQADz/RUgJw/K6SFNdtS+Rmo6RnUnDAmF0Pi/vy85i
ih0GAYt2EC6QouHIsZlkRtjCjl6qqFFJrh7FXwz4BunYhMGXUrxSZataIYN7CMt44cte
56+oGX2naPJh+BLY8paGZ9JQaPqvuoOeCjONMxC2OV+w+EKUSqZxRoD1DLxMPyh0O0MD
rz1A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:from:dkim-signature;
bh=nA1HgAm2qVjlkyZ03/ymROJs0AjG3Y60d+MwNcPBH5g=;
b=Obzd+pR7S3kkRl4nY4X3uIwRBcjeNoFp4h2oBQJ5Wm5rOg08yJsfZkFfByHrQBQ70L
MxM4W6D5QCOZRpv+EguuXXdtnu5vJSaHvbgRgQA6TWyNDl3utPURrFwgxK2FdjwNJYwc
8hitIUxQzMpJNk+nij+FQDgZKkf55oqMi53QzYO1iyT5EB05biWUxq+r2j8tJr+O+Rt4
ut62A+nDOEGWkvLEe4kd1WvDDkCGI4R0OkCqm89lN/HjdMapHZ30RSFj2TmkBcCXFRP+
arJaeRIGgnAlehzDLaZ2eriv5e1xkyKMESBdds9GGAT/yrmdYlUGlUwrNwDYzVCND7iF
Kz+Q==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@kernel.org header.s=k20201202 header.b=NluIm6tj;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
ea28-20020a056a004c1c00b0055fdb74973esi1713272pfb.140.2022.12.16.01.39.05;
Fri, 16 Dec 2022 01:39:19 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@kernel.org header.s=k20201202 header.b=NluIm6tj;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S230115AbiLPJQV (ORCPT <rfc822;jeantsuru.cumc.mandola@gmail.com>
+ 99 others); Fri, 16 Dec 2022 04:16:21 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55484 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S229453AbiLPJQT (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Fri, 16 Dec 2022 04:16:19 -0500
Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AEC6829CA5;
Fri, 16 Dec 2022 01:16:17 -0800 (PST)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by dfw.source.kernel.org (Postfix) with ESMTPS id 54B3761F58;
Fri, 16 Dec 2022 09:16:17 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id AE0FAC433EF;
Fri, 16 Dec 2022 09:16:16 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
s=k20201202; t=1671182176;
bh=LQ6WvU/8VYqSkymhRGk1M2D2cUZNcEEJNASg72U+chI=;
h=From:To:Cc:Subject:Date:From;
b=NluIm6tjLFbZNvYdy96AFVqdQT5NtNGdq5Mjn0NZ+eBB6pkCdPBtei86AVcdpIhMK
fTtzB6lZTDNJtYPtFOH0zT7Ci5CcHk1Kf49fX06LRh/PKaQx+yfkOY1vhy96ciR9wi
P7mN94QuOX2BowB5KiqrtXf6NTG+Rv0G8Ea/VtIjvVv253t2HPbd7CI2fCHsBtwvdG
VOs8+M0Fhxuh380DuclnDF0TNMiPuf2a8JyZ37tlbBI5c1wY40REqf+rLCXAqZRmeh
HwVpxo983Ap2Z2CbwaEejGHudCmXwoHykMVIr5fLPx5cTV9wDqDYT+RtEHJPVHopb7
FIWicAS0T5wag==
Received: from johan by xi.lan with local (Exim 4.94.2)
(envelope-from <johan+linaro@kernel.org>)
id 1p66pl-0001ei-IZ; Fri, 16 Dec 2022 10:16:50 +0100
From: Johan Hovold <johan+linaro@kernel.org>
To: Ard Biesheuvel <ardb@kernel.org>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>, linux-efi@vger.kernel.org,
linux-kernel@vger.kernel.org,
Johan Hovold <johan+linaro@kernel.org>,
Steev Klimaszewski <steev@kali.org>,
Bjorn Andersson <andersson@kernel.org>
Subject: [PATCH] efi: random: fix NULL-deref when refreshing seed
Date: Fri, 16 Dec 2022 10:15:14 +0100
Message-Id: <20221216091514.6298-1-johan+linaro@kernel.org>
X-Mailer: git-send-email 2.37.4
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1752362972116902960?=
X-GMAIL-MSGID: =?utf-8?q?1752362972116902960?=
|
| Series |
efi: random: fix NULL-deref when refreshing seed
|
|
Commit Message
Johan Hovold
Dec. 16, 2022, 9:15 a.m. UTC
Do not try to refresh the RNG seed in case the firmware does not support
setting variables.
This is specifically needed to prevent a NULL-pointer dereference on the
Lenovo X13s with some firmware revisions.
Fixes: e7b813b32a42 ("efi: random: refresh non-volatile random seed when RNG is initialized")
Reported-by: Steev Klimaszewski <steev@kali.org>
Reported-by: Bjorn Andersson <andersson@kernel.org>
Signed-off-by: Johan Hovold <johan+linaro@kernel.org>
---
drivers/firmware/efi/efi.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
Comments
On Fri, Dec 16, 2022 at 10:15:14AM +0100, Johan Hovold wrote: > Do not try to refresh the RNG seed in case the firmware does not support > setting variables. > > This is specifically needed to prevent a NULL-pointer dereference on the > Lenovo X13s with some firmware revisions. > > Fixes: e7b813b32a42 ("efi: random: refresh non-volatile random seed when RNG is initialized") > Reported-by: Steev Klimaszewski <steev@kali.org> > Reported-by: Bjorn Andersson <andersson@kernel.org> > Signed-off-by: Johan Hovold <johan+linaro@kernel.org> Tested-by: Andrew Halaney <ahalaney@redhat.com> # sc8280xp-lenovo-thinkpad-x13s Thanks Johan, this fixes the boot issue I was blindly fighting yesterday. > --- > drivers/firmware/efi/efi.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c > index 2e168e5b97de..1a9e2f70c550 100644 > --- a/drivers/firmware/efi/efi.c > +++ b/drivers/firmware/efi/efi.c > @@ -432,7 +432,9 @@ static int __init efisubsys_init(void) > platform_device_register_simple("efi_secret", 0, NULL, 0); > #endif > > - execute_with_initialized_rng(&refresh_nv_rng_seed_nb); > + if (efi_rt_services_supported(EFI_RT_SUPPORTED_SET_VARIABLE)) > + execute_with_initialized_rng(&refresh_nv_rng_seed_nb); > + > return 0; > > err_remove_group: > -- > 2.37.4 >
On Fri, Dec 16, 2022 at 10:15:14AM +0100, Johan Hovold wrote: > Do not try to refresh the RNG seed in case the firmware does not support > setting variables. > > This is specifically needed to prevent a NULL-pointer dereference on the > Lenovo X13s with some firmware revisions. > > Fixes: e7b813b32a42 ("efi: random: refresh non-volatile random seed when RNG is initialized") > Reported-by: Steev Klimaszewski <steev@kali.org> > Reported-by: Bjorn Andersson <andersson@kernel.org> > Signed-off-by: Johan Hovold <johan+linaro@kernel.org> > --- Thanks very much for this, and sorry for the breakage. I'll try to get this in before rc1 is cut, as I've got some other changes scheduled for late in the merge window to send anyway. Jason
On Fri, Dec 16, 2022 at 12:39:56PM -0700, Jason A. Donenfeld wrote: > On Fri, Dec 16, 2022 at 10:15:14AM +0100, Johan Hovold wrote: > > Do not try to refresh the RNG seed in case the firmware does not support > > setting variables. > > > > This is specifically needed to prevent a NULL-pointer dereference on the > > Lenovo X13s with some firmware revisions. > > > > Fixes: e7b813b32a42 ("efi: random: refresh non-volatile random seed when RNG is initialized") > > Reported-by: Steev Klimaszewski <steev@kali.org> > > Reported-by: Bjorn Andersson <andersson@kernel.org> > > Signed-off-by: Johan Hovold <johan+linaro@kernel.org> > > --- > > Thanks very much for this, and sorry for the breakage. I'll try to get > this in before rc1 is cut, as I've got some other changes scheduled for > late in the merge window to send anyway. In case this one hasn't been picked up yet (it's not in linux-next), I just sent a v2 with an amended commit message with an explicit mention that as this is needed whenever the runtime services have been disabled (e.g. with PREEMPT_RT): https://lore.kernel.org/lkml/20221219101237.9872-1-johan+linaro@kernel.org/ Johan
diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c index 2e168e5b97de..1a9e2f70c550 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -432,7 +432,9 @@ static int __init efisubsys_init(void) platform_device_register_simple("efi_secret", 0, NULL, 0); #endif - execute_with_initialized_rng(&refresh_nv_rng_seed_nb); + if (efi_rt_services_supported(EFI_RT_SUPPORTED_SET_VARIABLE)) + execute_with_initialized_rng(&refresh_nv_rng_seed_nb); + return 0; err_remove_group: