未验证 提交 ea3ee0df 编写于 作者: O openeuler-ci-bot 提交者: Gitee

!1194 fix memleak with efi_fake_mem

Merge Pull Request from: @ci-robot 
 
PR sync from: Wupeng Ma <mawupeng1@huawei.com>
https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/JDE2LDXAOHQR2RGYUMOGCZOLNJGVO7EW/ 
From: Ma Wupeng <mawupeng1@huawei.com>

1. fix memleak with efi_fake_mem
2. disable efi_fake_mem support by default for arm64

Ma Wupeng (2):
  efi: Fix UAF for arm64 when enable efi_fake_mem
  config: Disable EFI_FAKE_MEMMAP support for arm64 by default


-- 
2.25.1
 
 
Link:https://gitee.com/openeuler/kernel/pulls/1194 

Reviewed-by: Kefeng Wang <wangkefeng.wang@huawei.com> 
Signed-off-by: Jialin Zhang <zhangjialin11@huawei.com> 
......@@ -657,8 +657,7 @@ CONFIG_FW_CFG_SYSFS=y
CONFIG_EFI_ESRT=y
CONFIG_EFI_VARS_PSTORE=y
CONFIG_EFI_VARS_PSTORE_DEFAULT_DISABLE=y
CONFIG_EFI_FAKE_MEMMAP=y
CONFIG_EFI_MAX_FAKE_MEM=8
# CONFIG_EFI_FAKE_MEMMAP is not set
CONFIG_EFI_SOFT_RESERVE=y
CONFIG_EFI_PARAMS_FROM_FDT=y
CONFIG_EFI_RUNTIME_WRAPPERS=y
......
......@@ -61,6 +61,19 @@ static void __init efi_fake_range(struct efi_mem_range *efi_range)
/* swap into new EFI memmap */
early_memunmap(new_memmap, data.size);
#ifdef CONFIG_ARM64
/*
* Efi fake mem support for arm64 is introduced for debug propose
* only. However efi_memmap_init_late in arm_enable_runtime_services
* will free this memory which will lead to UAF on efi.memmap.map.
*
* In order to slove this, clear efi.memmap.flags to skip free.
* Since efi map is never freed in arm64, this will not lead to
* memroy leak.
*/
data.flags &= ~(EFI_MEMMAP_SLAB | EFI_MEMMAP_MEMBLOCK);
#endif
efi_memmap_install(&data);
}
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册