On Mon, 17 Feb 2020 at 13:34, Jason A. Donenfeld Jason@zx2c4.com wrote:
This function is consistent with using size instead of seed->size (except for one place that this patch fixes), but it reads seed->size without using READ_ONCE, which means the compiler might still do something unwanted. So, this commit simply adds the READ_ONCE wrapper.
Signed-off-by: Jason A. Donenfeld Jason@zx2c4.com Cc: Ard Biesheuvel ardb@kernel.org Cc: stable@vger.kernel.org
Thanks Jason
I've queued this in efi/urgent with a fixes: tag rather than a cc: stable, since it only applies clean to v5.4 and later. We'll need a backport to 4.14 and 4.19 as well, which has a trivial conflict (s/add_bootloader_randomness/add_device_randomness/) but we'll need to wait for this patch to hit Linus's tree first.
drivers/firmware/efi/efi.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c index 621220ab3d0e..21ea99f65113 100644 --- a/drivers/firmware/efi/efi.c +++ b/drivers/firmware/efi/efi.c @@ -552,7 +552,7 @@ int __init efi_config_parse_tables(void *config_tables, int count, int sz,
seed = early_memremap(efi.rng_seed, sizeof(*seed)); if (seed != NULL) {
size = seed->size;
size = READ_ONCE(seed->size); early_memunmap(seed, sizeof(*seed)); } else { pr_err("Could not map UEFI random seed!\n");@@ -562,7 +562,7 @@ int __init efi_config_parse_tables(void *config_tables, int count, int sz, sizeof(*seed) + size); if (seed != NULL) { pr_notice("seeding entropy pool\n");
add_bootloader_randomness(seed->bits, seed->size);
add_bootloader_randomness(seed->bits, size); early_memunmap(seed, sizeof(*seed) + size); } else { pr_err("Could not map UEFI random seed!\n");-- 2.25.0