[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Ping: [PATCH] EFI: adjust cfg file buffer freeing

  • To: Jan Beulich <jbeulich@xxxxxxxx>, Marek Marczykowski <marmarek@xxxxxxxxxxxxxxxxxxxxxx>
  • From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Date: Tue, 5 May 2026 16:39:23 -0400
  • Arc-authentication-results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@xxxxxxxxxxxxxxxxxxxx; dmarc=pass header.from=<dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1778013568; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:Subject:To:To:Message-Id:Reply-To; bh=KOuaFhoFvTlT5kNzqoeorQp/xZ922AkKTe5UI5FSTls=; b=Wp6VG+dGY5y7YDr8fs31QaSzxoxv0B7+8hcG7KhdG3yjiJXTxhDt4tSiUJs0WvlYhK7yrIkfW2PzKDOx8w+bVeQ1iJuYam3zywX2i087td8Ux8+ljrobpJeY0IniCbvgVRpbmPXlQTjs0FmNhge0VspnjiQEgYxRDMd+epnF9Rw=
  • Arc-seal: i=1; a=rsa-sha256; t=1778013568; cv=none; d=zohomail.com; s=zohoarc; b=fdvo+7ThLN5jMZJStd9qYcScfM3HotMoTGfOsksKBK57IamhYTHwIU+JJB7od9l84jV1jIJdeDS+3LYoDiGgWQc3/UaIuSMVuwZLgX+pOpIcEImCcbOigakt87KCUqalnhlefeWiOR7rFOKp4WxukwivKkj73Rhecuq5ZjwOMFI=
  • Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=zoho header.d=apertussolutions.com header.i="dpsmith@xxxxxxxxxxxxxxxxxxxx" header.h="Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:In-Reply-To:Content-Type:Content-Transfer-Encoding"
  • Autocrypt: addr=dpsmith@xxxxxxxxxxxxxxxxxxxx; keydata= xsJuBFYrueARCACPWL3r2bCSI6TrkIE/aRzj4ksFYPzLkJbWLZGBRlv7HQLvs6i/K4y/b4fs JDq5eL4e9BdfdnZm/b+K+Gweyc0Px2poDWwKVTFFRgxKWq9R7McwNnvuZ4nyXJBVn7PTEn/Z G7D08iZg94ZsnUdeXfgYdJrqmdiWA6iX9u84ARHUtb0K4r5WpLUMcQ8PVmnv1vVrs/3Wy/Rb foxebZNWxgUiSx+d02e3Ad0aEIur1SYXXv71mqKwyi/40CBSHq2jk9eF6zmEhaoFi5+MMMgX X0i+fcBkvmT0N88W4yCtHhHQds+RDbTPLGm8NBVJb7R5zbJmuQX7ADBVuNYIU8hx3dF3AQCm 601w0oZJ0jGOV1vXQgHqZYJGHg5wuImhzhZJCRESIwf+PJxik7TJOgBicko1hUVOxJBZxoe0 x+/SO6tn+s8wKlR1Yxy8gYN9ZRqV2I83JsWZbBXMG1kLzV0SAfk/wq0PAppA1VzrQ3JqXg7T MZ3tFgxvxkYqUP11tO2vrgys+InkZAfjBVMjqXWHokyQPpihUaW0a8mr40w9Qui6DoJj7+Gg DtDWDZ7Zcn2hoyrypuht88rUuh1JuGYD434Q6qwQjUDlY+4lgrUxKdMD8R7JJWt38MNlTWvy rMVscvZUNc7gxcmnFUn41NPSKqzp4DDRbmf37Iz/fL7i01y7IGFTXaYaF3nEACyIUTr/xxi+ MD1FVtEtJncZNkRn7WBcVFGKMAf+NEeaeQdGYQ6mGgk++i/vJZxkrC/a9ZXme7BhWRP485U5 sXpFoGjdpMn4VlC7TFk2qsnJi3yF0pXCKVRy1ukEls8o+4PF2JiKrtkCrWCimB6jxGPIG3lk 3SuKVS/din3RHz+7Sr1lXWFcGYDENmPd/jTwr1A1FiHrSj+u21hnJEHi8eTa9029F1KRfocp ig+k0zUEKmFPDabpanI323O5Tahsy7hwf2WOQwTDLvQ+eqQu40wbb6NocmCNFjtRhNZWGKJS b5GrGDGu/No5U6w73adighEuNcCSNBsLyUe48CE0uTO7eAL6Vd+2k28ezi6XY4Y0mgASJslb NwW54LzSSM0uRGFuaWVsIFAuIFNtaXRoIDxkcHNtaXRoQGFwZXJ0dXNzb2x1dGlvbnMuY29t PsJ6BBMRCAAiBQJWK7ngAhsjBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBTc6WbYpR8 KrQ9AP94+xjtFfJ8gj5c7PVx06Zv9rcmFUqQspZ5wSEkvxOuQQEAg6qEsPYegI7iByLVzNEg 7B7fUG7pqWIfMqFwFghYhQzOwU0EViu54BAIAL6MXXNlrJ5tRUf+KMBtVz1LJQZRt/uxWrCb T06nZjnbp2UcceuYNbISOVHGXTzu38r55YzpkEA8eURQf+5hjtvlrOiHxvpD+Z6WcpV6rrMB kcAKWiZTQihW2HoGgVB3gwG9dCh+n0X5OzliAMiGK2a5iqnIZi3o0SeW6aME94bSkTkuj6/7 OmH9KAzK8UnlhfkoMg3tXW8L6/5CGn2VyrjbB/rcrbIR4mCQ+yCUlocuOjFCJhBd10AG1IcX OXUa/ux+/OAV9S5mkr5Fh3kQxYCTcTRt8RY7+of9RGBk10txi94dXiU2SjPbassvagvu/hEi twNHms8rpkSJIeeq0/cAAwUH/jV3tXpaYubwcL2tkk5ggL9Do+/Yo2WPzXmbp8vDiJPCvSJW rz2NrYkd/RoX+42DGqjfu8Y04F9XehN1zZAFmCDUqBMa4tEJ7kOT1FKJTqzNVcgeKNBGcT7q 27+wsqbAerM4A0X/F/ctjYcKwNtXck1Bmd/T8kiw2IgyeOC+cjyTOSwKJr2gCwZXGi5g+2V8 NhJ8n72ISPnOh5KCMoAJXmCF+SYaJ6hIIFARmnuessCIGw4ylCRIU/TiXK94soilx5aCqb1z ke943EIUts9CmFAHt8cNPYOPRd20pPu4VFNBuT4fv9Ys0iv0XGCEP+sos7/pgJ3gV3pCOric p15jV4PCYQQYEQgACQUCViu54AIbDAAKCRBTc6WbYpR8Khu7AP9NJrBUn94C/3PeNbtQlEGZ NV46Mx5HF0P27lH3sFpNrwD/dVdZ5PCnHQYBZ287ZxVfVr4Zuxjo5yJbRjT93Hl0vMY=
  • Cc: Bernhard Kaindl <bernhard.kaindl@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Tue, 05 May 2026 20:39:42 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 5/4/26 09:30, Jan Beulich wrote:

On 22.04.2026 13:51, Jan Beulich wrote:

The boot services FreePages() needs passing the size. Since we allocated
one more byte to put a trailing nul there, we also need to bump the size
passed there. Make a small helper function to centralize this.

Note that there's no permanent memory leak because of the oversight: The
allocation is done using EfiLoaderData, and all memory of that type is
later reclaimed anyway.

Fixes: df75f77092c1 ("EFI: avoid OOB config file reads")
Reported-by: Bernhard Kaindl <bernhard.kaindl@xxxxxxxxxx>
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>


Marek, Daniel?

Thanks, Jan


---
This is an alternative proposal to
https://lists.xen.org/archives/html/xen-devel/2026-04/msg01044.html.

--- a/xen/common/efi/boot.c
+++ b/xen/common/efi/boot.c
@@ -778,6 +778,16 @@ static void __init efi_relocate_esrt(EFI
   */
  #include "efi-boot.h"
+static void __init free_cfg(void) 
+{
+    if ( !cfg.need_to_free )
+        return;
+
+    /* One extra byte was allocated to put a nul character there. */
+    efi_bs->FreePages(cfg.addr, PFN_UP(cfg.size + 1));
+    cfg.need_to_free = false;
+}
+
  void __init noreturn blexit(const CHAR16 *str)
  {
      if ( str )
@@ -787,8 +797,7 @@ void __init noreturn blexit(const CHAR16
      if ( !efi_bs )
          efi_arch_halt();
- if ( cfg.need_to_free ) 
-        efi_bs->FreePages(cfg.addr, PFN_UP(cfg.size));
+    free_cfg();
      if ( kernel.need_to_free )
          efi_bs->FreePages(kernel.addr, PFN_UP(kernel.size));
      if ( ramdisk.need_to_free )
@@ -1557,11 +1566,7 @@ void EFIAPI __init noreturn efi_start(EF
              name.s = get_value(&cfg, "global", "chain");
              if ( !name.s )
                  break;
-            if ( cfg.need_to_free )
-            {
-                efi_bs->FreePages(cfg.addr, PFN_UP(cfg.size));
-                cfg.need_to_free = false;
-            }
+            free_cfg();
              if ( !read_file(dir_handle, s2w(&name), &cfg, NULL) )
              {
                  PrintStr(L"Chained configuration file '");
@@ -1631,11 +1636,7 @@ void EFIAPI __init noreturn efi_start(EF
efi_arch_cfg_file_late(loaded_image, dir_handle, section.s); - if ( cfg.need_to_free ) 
-        {
-            efi_bs->FreePages(cfg.addr, PFN_UP(cfg.size));
-            cfg.need_to_free = false;
-        }
+        free_cfg();
if ( dir_handle ) 
              dir_handle->Close(dir_handle);




Acked-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.