1. 05 Jun, 2018 1 commit
  2. 31 May, 2017 2 commits
    • Kees Cook's avatar
      pstore: Populate pstore record->time field · c7f3c595
      Kees Cook authored
      
      
      The current time will be initially available in the record->time field
      for all pstore_read() and pstore_write() calls. Backends can either
      update the field during read(), or use the field during write() instead
      of fetching time themselves.
      
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      c7f3c595
    • Kees Cook's avatar
      efi-pstore: Refactor erase routine · efb74e4b
      Kees Cook authored
      
      
      Right now, every pass through the EFI variables during erase would build
      a copy of the old format variable name. Instead, try each name one time
      through the EFI variables list. Additionally bump up the buffer size to
      avoid truncation in pathological cases, and wipe the write name buffer.
      
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      efb74e4b
  3. 22 May, 2017 1 commit
  4. 16 May, 2017 1 commit
  5. 05 Apr, 2017 1 commit
  6. 07 Mar, 2017 3 commits
  7. 09 Sep, 2016 1 commit
    • Sylvain Chouleur's avatar
      efi: Don't use spinlocks for efi vars · 21b3ddd3
      Sylvain Chouleur authored
      
      
      All efivars operations are protected by a spinlock which prevents
      interruptions and preemption. This is too restricted, we just need a
      lock preventing concurrency.
      The idea is to use a semaphore of count 1 and to have two ways of
      locking, depending on the context:
      - In interrupt context, we call down_trylock(), if it fails we return
        an error
      - In normal context, we call down_interruptible()
      
      We don't use a mutex here because the mutex_trylock() function must not
      be called from interrupt context, whereas the down_trylock() can.
      
      Signed-off-by: default avatarSylvain Chouleur <sylvain.chouleur@intel.com>
      Signed-off-by: default avatarArd Biesheuvel <ard.biesheuvel@linaro.org>
      Cc: Leif Lindholm <leif.lindholm@linaro.org>
      Cc: Mark Rutland <mark.rutland@arm.com>
      Cc: Sylvain Chouleur <sylvain.chouleur@gmail.com>
      Signed-off-by: default avatarMatt Fleming <matt@codeblueprint.co.uk>
      21b3ddd3
  8. 08 Sep, 2016 1 commit
    • Namhyung Kim's avatar
      pstore: Split pstore fragile flags · c950fd6f
      Namhyung Kim authored
      
      
      This patch adds new PSTORE_FLAGS for each pstore type so that they can
      be enabled separately.  This is a preparation for ongoing virtio-pstore
      work to support those types flexibly.
      
      The PSTORE_FLAGS_FRAGILE is changed to PSTORE_FLAGS_DMESG to preserve the
      original behavior.
      
      Cc: Anton Vorontsov <anton@enomsg.org>
      Cc: Colin Cross <ccross@android.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Tony Luck <tony.luck@intel.com>
      Cc: "Rafael J. Wysocki" <rjw@rjwysocki.net>
      Cc: Len Brown <lenb@kernel.org>
      Cc: Matt Fleming <matt@codeblueprint.co.uk>
      Cc: linux-acpi@vger.kernel.org
      Cc: linux-efi@vger.kernel.org
      Signed-off-by: default avatarNamhyung Kim <namhyung@kernel.org>
      [kees: retained "FRAGILE" for now to make merges easier]
      Signed-off-by: default avatarKees Cook <keescook@chromium.org>
      c950fd6f
  9. 02 Jun, 2016 2 commits
  10. 02 Nov, 2015 1 commit
  11. 12 Oct, 2015 1 commit
  12. 27 Jun, 2014 1 commit
    • Andrzej Zaborowski's avatar
      efi-pstore: Fix an overflow on 32-bit builds · 783ee431
      Andrzej Zaborowski authored
      
      
      In generic_id the long int timestamp is multiplied by 100000 and needs
      an explicit cast to u64.
      
      Without that the id in the resulting pstore filename is wrong and
      userspace may have problems parsing it, but more importantly files in
      pstore can never be deleted and may fill the EFI flash (brick device?).
      This happens because when generic pstore code wants to delete a file,
      it passes the id to the EFI backend which reinterpretes it and a wrong
      variable name is attempted to be deleted.  There's no error message but
      after remounting pstore, deleted files would reappear.
      
      Signed-off-by: default avatarAndrew Zaborowski <andrew.zaborowski@intel.com>
      Acked-by: default avatarDavid Rientjes <rientjes@google.com>
      Cc: <stable@vger.kernel.org>
      Signed-off-by: default avatarMatt Fleming <matt.fleming@intel.com>
      783ee431
  13. 20 Dec, 2013 1 commit
  14. 29 Nov, 2013 1 commit
  15. 28 Nov, 2013 1 commit
    • Seiji Aguchi's avatar
      efivars, efi-pstore: Hold off deletion of sysfs entry until the scan is completed · e0d59733
      Seiji Aguchi authored
      
      
      Currently, when mounting pstore file system, a read callback of
      efi_pstore driver runs mutiple times as below.
      
      - In the first read callback, scan efivar_sysfs_list from head and pass
        a kmsg buffer of a entry to an upper pstore layer.
      - In the second read callback, rescan efivar_sysfs_list from the entry
        and pass another kmsg buffer to it.
      - Repeat the scan and pass until the end of efivar_sysfs_list.
      
      In this process, an entry is read across the multiple read function
      calls. To avoid race between the read and erasion, the whole process
      above is protected by a spinlock, holding in open() and releasing in
      close().
      
      At the same time, kmemdup() is called to pass the buffer to pstore
      filesystem during it. And then, it causes a following lockdep warning.
      
      To make the dynamic memory allocation runnable without taking spinlock,
      holding off a deletion of sysfs entry if it happens while scanning it
      via efi_pstore, and deleting it after the scan is completed.
      
      To implement it, this patch introduces two flags, scanning and deleting,
      to efivar_entry.
      
      On the code basis, it seems that all the scanning and deleting logic is
      not needed because __efivars->lock are not dropped when reading from the
      EFI variable store.
      
      But, the scanning and deleting logic is still needed because an
      efi-pstore and a pstore filesystem works as follows.
      
      In case an entry(A) is found, the pointer is saved to psi->data.  And
      efi_pstore_read() passes the entry(A) to a pstore filesystem by
      releasing  __efivars->lock.
      
      And then, the pstore filesystem calls efi_pstore_read() again and the
      same entry(A), which is saved to psi->data, is used for resuming to scan
      a sysfs-list.
      
      So, to protect the entry(A), the logic is needed.
      
      [    1.143710] ------------[ cut here ]------------
      [    1.144058] WARNING: CPU: 1 PID: 1 at kernel/lockdep.c:2740 lockdep_trace_alloc+0x104/0x110()
      [    1.144058] DEBUG_LOCKS_WARN_ON(irqs_disabled_flags(flags))
      [    1.144058] Modules linked in:
      [    1.144058] CPU: 1 PID: 1 Comm: systemd Not tainted 3.11.0-rc5 #2
      [    1.144058]  0000000000000009 ffff8800797e9ae0 ffffffff816614a5 ffff8800797e9b28
      [    1.144058]  ffff8800797e9b18 ffffffff8105510d 0000000000000080 0000000000000046
      [    1.144058]  00000000000000d0 00000000000003af ffffffff81ccd0c0 ffff8800797e9b78
      [    1.144058] Call Trace:
      [    1.144058]  [<ffffffff816614a5>] dump_stack+0x54/0x74
      [    1.144058]  [<ffffffff8105510d>] warn_slowpath_common+0x7d/0xa0
      [    1.144058]  [<ffffffff8105517c>] warn_slowpath_fmt+0x4c/0x50
      [    1.144058]  [<ffffffff8131290f>] ? vsscanf+0x57f/0x7b0
      [    1.144058]  [<ffffffff810bbd74>] lockdep_trace_alloc+0x104/0x110
      [    1.144058]  [<ffffffff81192da0>] __kmalloc_track_caller+0x50/0x280
      [    1.144058]  [<ffffffff815147bb>] ? efi_pstore_read_func.part.1+0x12b/0x170
      [    1.144058]  [<ffffffff8115b260>] kmemdup+0x20/0x50
      [    1.144058]  [<ffffffff815147bb>] efi_pstore_read_func.part.1+0x12b/0x170
      [    1.144058]  [<ffffffff81514800>] ? efi_pstore_read_func.part.1+0x170/0x170
      [    1.144058]  [<ffffffff815148b4>] efi_pstore_read_func+0xb4/0xe0
      [    1.144058]  [<ffffffff81512b7b>] __efivar_entry_iter+0xfb/0x120
      [    1.144058]  [<ffffffff8151428f>] efi_pstore_read+0x3f/0x50
      [    1.144058]  [<ffffffff8128d7ba>] pstore_get_records+0x9a/0x150
      [    1.158207]  [<ffffffff812af25c>] ? selinux_d_instantiate+0x1c/0x20
      [    1.158207]  [<ffffffff8128ce30>] ? parse_options+0x80/0x80
      [    1.158207]  [<ffffffff8128ced5>] pstore_fill_super+0xa5/0xc0
      [    1.158207]  [<ffffffff811ae7d2>] mount_single+0xa2/0xd0
      [    1.158207]  [<ffffffff8128ccf8>] pstore_mount+0x18/0x20
      [    1.158207]  [<ffffffff811ae8b9>] mount_fs+0x39/0x1b0
      [    1.158207]  [<ffffffff81160550>] ? __alloc_percpu+0x10/0x20
      [    1.158207]  [<ffffffff811c9493>] vfs_kern_mount+0x63/0xf0
      [    1.158207]  [<ffffffff811cbb0e>] do_mount+0x23e/0xa20
      [    1.158207]  [<ffffffff8115b51b>] ? strndup_user+0x4b/0xf0
      [    1.158207]  [<ffffffff811cc373>] SyS_mount+0x83/0xc0
      [    1.158207]  [<ffffffff81673cc2>] system_call_fastpath+0x16/0x1b
      [    1.158207] ---[ end trace 61981bc62de9f6f4 ]---
      
      Signed-off-by: default avatarSeiji Aguchi <seiji.aguchi@hds.com>
      Tested-by: default avatarMadper Xie <cxie@redhat.com>
      Cc: stable@kernel.org
      Signed-off-by: default avatarMatt Fleming <matt.fleming@intel.com>
      e0d59733
  16. 19 Aug, 2013 3 commits
  17. 01 Jul, 2013 1 commit
  18. 28 Jun, 2013 1 commit
  19. 03 Jun, 2013 1 commit
  20. 30 Apr, 2013 3 commits
    • Matt Fleming's avatar
      efi, pstore: Read data from variable store before memcpy() · 8a415b8c
      Matt Fleming authored
      
      
      Seiji reported getting empty dmesg-* files, because the data was never
      actually read in efi_pstore_read_func(), and so the memcpy() was copying
      garbage data.
      
      This patch necessitated adding __efivar_entry_get() which is callable
      between efivar_entry_iter_{begin,end}(). We can also delete
      __efivar_entry_size() because efi_pstore_read_func() was the only
      caller.
      
      Reported-by: default avatarSeiji Aguchi <seiji.aguchi@hds.com>
      Tested-by: default avatarSeiji Aguchi <seiji.aguchi@hds.com>
      Cc: Tony Luck <tony.luck@intel.com>
      Cc: Matthew Garrett <matthew.garrett@nebula.com>
      Signed-off-by: default avatarMatt Fleming <matt.fleming@intel.com>
      8a415b8c
    • Matt Fleming's avatar
      efi, pstore: Remove entry from list when erasing · 12abcfde
      Matt Fleming authored
      
      
      We need to remove the entry from the EFI variable list before we erase
      it from the variable store and free the associated state, otherwise it's
      possible to hit the following crash,
      
        BUG: unable to handle kernel NULL pointer dereference at (null)
        IP: [<ffffffff8142ea0f>] __efivar_entry_iter+0xcf/0x120
        PGD 19483f067 PUD 195426067 PMD 0
        Oops: 0000 [#1] SMP
        [...]
        Call Trace:
         [<ffffffff81430ebf>] efi_pstore_erase+0xef/0x140
         [<ffffffff81003138>] ? math_error+0x288/0x2d0
         [<ffffffff811ea491>] pstore_unlink+0x41/0x60
         [<ffffffff811741ff>] vfs_unlink+0x9f/0x110
         [<ffffffff8117813b>] do_unlinkat+0x18b/0x280
         [<ffffffff8116d7e6>] ? sys_newfstatat+0x36/0x50
         [<ffffffff81178472>] sys_unlinkat+0x22/0x40
         [<ffffffff81543282>] system_call_fastpath+0x16/0x1b
      
      Reported-by: default avatarSeiji Aguchi <seiji.aguchi@hds.com>
      Tested-by: default avatarSeiji Aguchi <seiji.aguchi@hds.com>
      Cc: Tony Luck <tony.luck@intel.com>
      Cc: Matthew Garrett <matthew.garrett@nebula.com>
      Signed-off-by: default avatarMatt Fleming <matt.fleming@intel.com>
      12abcfde
    • Matt Fleming's avatar
      efi, pstore: Initialise 'entry' before iterating · 4ee39e97
      Matt Fleming authored
      
      
      Seiji reports hitting the following crash when erasing pstore dump
      variables,
      
        BUG: unable to handle kernel NULL pointer dereference at 0000000000000fa4
        IP: [<ffffffff8142dadf>] __efivar_entry_iter+0x2f/0x120
        PGD 18482a067 PUD 190724067 PMD 0
        Oops: 0000 [#1] SMP
        [...]
        Call Trace:
         [<ffffffff8143001f>] efi_pstore_erase+0xdf/0x130
         [<ffffffff81200038>] ? cap_socket_create+0x8/0x10
         [<ffffffff811ea491>] pstore_unlink+0x41/0x60
         [<ffffffff811741ff>] vfs_unlink+0x9f/0x110
         [<ffffffff8117813b>] do_unlinkat+0x18b/0x280
         [<ffffffff81178472>] sys_unlinkat+0x22/0x40
         [<ffffffff81542402>] system_call_fastpath+0x16/0x1b
      
      'entry' needs to be initialised in efi_pstore_erase() when iterating
      with __efivar_entry_iter(), otherwise the garbage pointer will be
      dereferenced, leading to crashes like the above.
      
      Reported-by: default avatarSeiji Aguchi <seiji.aguchi@hds.com>
      Tested-by: default avatarSeiji Aguchi <seiji.aguchi@hds.com>
      Cc: Tony Luck <tony.luck@intel.com>
      Cc: Matthew Garrett <matthew.garrett@nebula.com>
      Signed-off-by: default avatarMatt Fleming <matt.fleming@intel.com>
      4ee39e97
  21. 17 Apr, 2013 1 commit
    • Matt Fleming's avatar
      efivars: Move pstore code into the new EFI directory · 04851772
      Matt Fleming authored
      
      
      efivars.c has grown far too large and needs to be divided up. Create a
      new directory and move the persistence storage code to efi-pstore.c now
      that it uses the new efivar API. This helps us to greatly reduce the
      size of efivars.c and paves the way for moving other code out of
      efivars.c.
      
      Note that because CONFIG_EFI_VARS can be built as a module efi-pstore
      must also include support for building as a module.
      
      Reviewed-by: default avatarTom Gundersen <teg@jklm.no>
      Tested-by: default avatarTom Gundersen <teg@jklm.no>
      Cc: Seiji Aguchi <seiji.aguchi@hds.com>
      Cc: Anton Vorontsov <cbouatmailru@gmail.com>
      Cc: Colin Cross <ccross@android.com>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: Matthew Garrett <mjg59@srcf.ucam.org>
      Cc: Tony Luck <tony.luck@intel.com>
      Signed-off-by: default avatarMatt Fleming <matt.fleming@intel.com>
      04851772