From: Greg Kroah-Hartman Date: Fri, 29 Mar 2024 13:17:59 +0000 (+0100) Subject: 4.19-stable patches X-Git-Tag: v6.7.12~145 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c3672123cc4e2c21c4574057422092ba5c997aa1;p=thirdparty%2Fkernel%2Fstable-queue.git 4.19-stable patches added patches: efivarfs-request-at-most-512-bytes-for-variable-names.patch --- diff --git a/queue-4.19/efivarfs-request-at-most-512-bytes-for-variable-names.patch b/queue-4.19/efivarfs-request-at-most-512-bytes-for-variable-names.patch new file mode 100644 index 00000000000..e994b1abedd --- /dev/null +++ b/queue-4.19/efivarfs-request-at-most-512-bytes-for-variable-names.patch @@ -0,0 +1,76 @@ +From f45812cc23fb74bef62d4eb8a69fe7218f4b9f2a Mon Sep 17 00:00:00 2001 +From: Tim Schumacher +Date: Fri, 26 Jan 2024 17:25:23 +0100 +Subject: efivarfs: Request at most 512 bytes for variable names + +From: Tim Schumacher + +commit f45812cc23fb74bef62d4eb8a69fe7218f4b9f2a upstream. + +Work around a quirk in a few old (2011-ish) UEFI implementations, where +a call to `GetNextVariableName` with a buffer size larger than 512 bytes +will always return EFI_INVALID_PARAMETER. + +There is some lore around EFI variable names being up to 1024 bytes in +size, but this has no basis in the UEFI specification, and the upper +bounds are typically platform specific, and apply to the entire variable +(name plus payload). + +Given that Linux does not permit creating files with names longer than +NAME_MAX (255) bytes, 512 bytes (== 256 UTF-16 characters) is a +reasonable limit. + +Cc: # 6.1+ +Signed-off-by: Tim Schumacher +Signed-off-by: Ard Biesheuvel +[timschumi@gmx.de: adjusted diff for changed context and code move] +Signed-off-by: Tim Schumacher +Signed-off-by: Greg Kroah-Hartman +--- + drivers/firmware/efi/vars.c | 17 +++++++++++------ + 1 file changed, 11 insertions(+), 6 deletions(-) + +--- a/drivers/firmware/efi/vars.c ++++ b/drivers/firmware/efi/vars.c +@@ -440,7 +440,7 @@ int efivar_init(int (*func)(efi_char16_t + void *data, bool duplicates, struct list_head *head) + { + const struct efivar_operations *ops; +- unsigned long variable_name_size = 1024; ++ unsigned long variable_name_size = 512; + efi_char16_t *variable_name; + efi_status_t status; + efi_guid_t vendor_guid; +@@ -463,12 +463,13 @@ int efivar_init(int (*func)(efi_char16_t + } + + /* +- * Per EFI spec, the maximum storage allocated for both +- * the variable name and variable data is 1024 bytes. ++ * A small set of old UEFI implementations reject sizes ++ * above a certain threshold, the lowest seen in the wild ++ * is 512. + */ + + do { +- variable_name_size = 1024; ++ variable_name_size = 512; + + status = ops->get_next_variable(&variable_name_size, + variable_name, +@@ -512,9 +513,13 @@ int efivar_init(int (*func)(efi_char16_t + break; + case EFI_NOT_FOUND: + break; ++ case EFI_BUFFER_TOO_SMALL: ++ pr_warn("efivars: Variable name size exceeds maximum (%lu > 512)\n", ++ variable_name_size); ++ status = EFI_NOT_FOUND; ++ break; + default: +- printk(KERN_WARNING "efivars: get_next_variable: status=%lx\n", +- status); ++ pr_warn("efivars: get_next_variable: status=%lx\n", status); + status = EFI_NOT_FOUND; + break; + } diff --git a/queue-4.19/series b/queue-4.19/series index 001c8f60dc1..d38eed6da16 100644 --- a/queue-4.19/series +++ b/queue-4.19/series @@ -86,6 +86,7 @@ loop-factor-out-setting-loop-device-size.patch loop-refactor-loop_set_status-size-calculation.patch loop-properly-observe-rotational-flag-of-underlying-device.patch perf-core-fix-reentry-problem-in-perf_output_read_group.patch +efivarfs-request-at-most-512-bytes-for-variable-names.patch loop-factor-out-configuring-loop-from-status.patch loop-check-for-overflow-while-configuring-loop.patch loop-loop_set_status_from_info-check-before-assignment.patch