Commit 354ad5e4 authored by Ben Hutchings's avatar Ben Hutchings Committed by Greg Kroah-Hartman

x86/efi: Fix dummy variable buffer allocation

commit b8cb62f8 upstream.

1. Check for allocation failure
2. Clear the buffer contents, as they may actually be written to flash
3. Don't leak the buffer

Compile-tested only.

[ Tested successfully on my buggy ASUS machine - Matt ]
Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
Signed-off-by: default avatarMatt Fleming <matt.fleming@intel.com>
Cc: Rui Xiang <rui.xiang@huawei.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent f4f009b0
...@@ -1020,7 +1020,10 @@ efi_status_t efi_query_variable_store(u32 attributes, unsigned long size) ...@@ -1020,7 +1020,10 @@ efi_status_t efi_query_variable_store(u32 attributes, unsigned long size)
* that by attempting to use more space than is available. * that by attempting to use more space than is available.
*/ */
unsigned long dummy_size = remaining_size + 1024; unsigned long dummy_size = remaining_size + 1024;
void *dummy = kmalloc(dummy_size, GFP_ATOMIC); void *dummy = kzalloc(dummy_size, GFP_ATOMIC);
if (!dummy)
return EFI_OUT_OF_RESOURCES;
status = efi.set_variable(efi_dummy_name, &EFI_DUMMY_GUID, status = efi.set_variable(efi_dummy_name, &EFI_DUMMY_GUID,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_NON_VOLATILE |
...@@ -1040,6 +1043,8 @@ efi_status_t efi_query_variable_store(u32 attributes, unsigned long size) ...@@ -1040,6 +1043,8 @@ efi_status_t efi_query_variable_store(u32 attributes, unsigned long size)
0, dummy); 0, dummy);
} }
kfree(dummy);
/* /*
* The runtime code may now have triggered a garbage collection * The runtime code may now have triggered a garbage collection
* run, so check the variable info again * run, so check the variable info again
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment