From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Mon, 16 Mar 2020 15:58:26 +0000 (+0100)
Subject: 4.9-stable patches
X-Git-Tag: v4.19.111~9
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=00c541ed96746a88928cb8b17fd150a675425eef;p=thirdparty%2Fkernel%2Fstable-queue.git

4.9-stable patches

added patches:
	efi-add-a-sanity-check-to-efivar_store_raw.patch
---

diff --git a/queue-4.9/efi-add-a-sanity-check-to-efivar_store_raw.patch b/queue-4.9/efi-add-a-sanity-check-to-efivar_store_raw.patch
new file mode 100644
index 00000000000..41d36ec91e1
--- /dev/null
+++ b/queue-4.9/efi-add-a-sanity-check-to-efivar_store_raw.patch
@@ -0,0 +1,37 @@
+From d6c066fda90d578aacdf19771a027ed484a79825 Mon Sep 17 00:00:00 2001
+From: Vladis Dronov <vdronov@redhat.com>
+Date: Sun, 8 Mar 2020 09:08:55 +0100
+Subject: efi: Add a sanity check to efivar_store_raw()
+
+From: Vladis Dronov <vdronov@redhat.com>
+
+commit d6c066fda90d578aacdf19771a027ed484a79825 upstream.
+
+Add a sanity check to efivar_store_raw() the same way
+efivar_{attr,size,data}_read() and efivar_show_raw() have it.
+
+Signed-off-by: Vladis Dronov <vdronov@redhat.com>
+Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
+Signed-off-by: Ingo Molnar <mingo@kernel.org>
+Cc: <stable@vger.kernel.org>
+Link: https://lore.kernel.org/r/20200305084041.24053-3-vdronov@redhat.com
+Link: https://lore.kernel.org/r/20200308080859.21568-25-ardb@kernel.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+
+---
+ drivers/firmware/efi/efivars.c |    3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/drivers/firmware/efi/efivars.c
++++ b/drivers/firmware/efi/efivars.c
+@@ -272,6 +272,9 @@ efivar_store_raw(struct efivar_entry *en
+ 	u8 *data;
+ 	int err;
+ 
++	if (!entry || !buf)
++		return -EINVAL;
++
+ 	if (is_compat()) {
+ 		struct compat_efi_variable *compat;
+ 
diff --git a/queue-4.9/series b/queue-4.9/series
index 47a058093d9..56243115131 100644
--- a/queue-4.9/series
+++ b/queue-4.9/series
@@ -48,3 +48,4 @@ mwifiex-fix-heap-overflow-in-mmwifiex_process_tdls_action_frame.patch
 iommu-vt-d-fix-the-wrong-printing-in-rhsa-parsing.patch
 iommu-vt-d-ignore-devices-with-out-of-spec-domain-number.patch
 ipv6-restrict-ipv6_addrform-operation.patch
+efi-add-a-sanity-check-to-efivar_store_raw.patch