[PATCH 0/4] efi_loader: validate device path length in boot manager

Heinrich Schuchardt xypron.glpk at gmx.de
Sun Aug 23 11:26:22 CEST 2020


Bootxxxx variables are provided by the user and therefore cannot be
trusted. We have to validate them before usage.

A device path provided by a Bootxxxx variable must have an end node within
the indicated device path length.

* Provide function efi_dp_check_length() to check the length of device
  paths.
* Provide a unit test of the function.
* Use the function in the boot manager to check device paths.

Heinrich Schuchardt (4):
  include: kernel.h: define SSIZE_MAX
  efi_loader: efi_dp_check_length()
  test: unit test for efi_dp_check_length()
  efi_loader: validate device path length in boot manager

 include/efi_loader.h             |  2 ++
 include/linux/kernel.h           |  3 ++
 lib/efi_loader/efi_bootmgr.c     |  6 ++--
 lib/efi_loader/efi_device_path.c | 33 +++++++++++++++++++++
 test/lib/Makefile                |  1 +
 test/lib/efi_device_path.c       | 50 ++++++++++++++++++++++++++++++++
 6 files changed, 91 insertions(+), 4 deletions(-)
 create mode 100644 test/lib/efi_device_path.c

--
2.28.0



More information about the U-Boot mailing list