From patchwork Fri Mar 24 13:24:07 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 9642809 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 4A7CE601E9 for ; Fri, 24 Mar 2017 13:24:44 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3976927E5A for ; Fri, 24 Mar 2017 13:24:44 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2DF6A27F81; Fri, 24 Mar 2017 13:24:44 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_MED,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id 5427027E5A for ; Fri, 24 Mar 2017 13:24:43 +0000 (UTC) Received: (qmail 19525 invoked by uid 550); 24 Mar 2017 13:24:41 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 17912 invoked from network); 24 Mar 2017 13:24:32 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=ff4hQUtQmqYHUaLpVoZ9JEJ65lK1TiqAHW+FNJv26tA=; b=YX0YdgpM2s2V63l4UNRz7PpnJc0/k7yca3tZUytQInDmTsWyzrevrfy4mwh/x3BL8B UIhVk6wwxdKcPP8Iz90cWjHwPgfJ/IYZteQZd5yQGkwWlN1xH6BvX6jEtQ5a2BmKYGoZ LEbQVOzg6q+QeyblvWmWvI8GEmMcgb0b6yd9s= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=ff4hQUtQmqYHUaLpVoZ9JEJ65lK1TiqAHW+FNJv26tA=; b=CjvY64qSS+/PkOY+DDCyj+cA1RLXxo1AYSoHZhDiOdCA/bwlwH62cOefQWtNtmlYX2 1aZWGBKtsoADwaAXyJ0agrPItlEtdm8HOTceY/Mpy/u3SxQMRUeDQWB9ankWQ6UBdIOL eh8267nWiwMnYHvgi9xxcgMuytkmieSaZTEgLRsaVpwTxFZyZTuG0qMKqW67s4TDnfQT NijZDFTcIPTdy+0d/QenPxDCs5FShfSCLqTerqY0A/P6gv9HjsG3Cli4qQ3bLBbKcQXE LTm7uqNQvTHx7JNd3hPcu60zSM1dTveJKk5VohizrvgY1Us9fSdAW+0sfuzFyaaqqgis MeSA== X-Gm-Message-State: AFeK/H3DDAFPn38ST6WFnYiT12j3iiu00uzX4jhgddw9a/YBo0zfOhL/PnYugZMutRzYvvZM X-Received: by 10.28.173.193 with SMTP id w184mr3188956wme.106.1490361861392; Fri, 24 Mar 2017 06:24:21 -0700 (PDT) From: Ard Biesheuvel To: linux-efi@vger.kernel.org Cc: linux-arm-kernel@lists.infradead.org, matt@codeblueprint.co.uk, leif.lindholm@linaro.org, rfranz@cavium.com, mingo@kernel.org, bp@alien8.de, mark.rutland@arm.com, kernel-hardening@lists.openwall.com, Ard Biesheuvel Date: Fri, 24 Mar 2017 13:24:07 +0000 Message-Id: <20170324132410.16628-2-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.9.3 In-Reply-To: <20170324132410.16628-1-ard.biesheuvel@linaro.org> References: <20170324132410.16628-1-ard.biesheuvel@linaro.org> Subject: [kernel-hardening] [PATCH 1/4] efi/libstub: fix harmless command line parsing bug X-Virus-Scanned: ClamAV using ClamSMTP When we parse the 'efi=' command line parameter in the stub, we fail to take spaces into account. Currently, the only way this could result in unexpected behavior is when the string 'nochunk' appears as a separate command line argument after 'efi=xxx,yyy,zzz ', so this is harmless in practice. But let's fix it nonetheless. Cc: Matt Fleming Signed-off-by: Ard Biesheuvel --- drivers/firmware/efi/libstub/efi-stub-helper.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/firmware/efi/libstub/efi-stub-helper.c b/drivers/firmware/efi/libstub/efi-stub-helper.c index 919822b7773d..3290fae0b38f 100644 --- a/drivers/firmware/efi/libstub/efi-stub-helper.c +++ b/drivers/firmware/efi/libstub/efi-stub-helper.c @@ -436,14 +436,14 @@ efi_status_t efi_parse_options(char *cmdline) * Remember, because efi= is also used by the kernel we need to * skip over arguments we don't understand. */ - while (*str) { + while (*str && *str != ' ') { if (!strncmp(str, "nochunk", 7)) { str += strlen("nochunk"); __chunk_size = -1UL; } /* Group words together, delimited by "," */ - while (*str && *str != ',') + while (*str && *str != ' ' && *str != ',') str++; if (*str == ',')