[GIT PULL 0/5] EFI urgent fixes
From: Matt Fleming
Date: Fri Feb 12 2016 - 06:28:08 EST
Folks,
Please pull the following EFI patches from Peter that prevent
accidental deletion of EFI variables through efivarfs which can lead
to bricked machines.
These obviously need backporting to stable, so I'll take care of
sending the backports separately because we don't need to send the
entire 5 patch series.
The following changes since commit 59fd1214561921343305a0e9dc218bf3d40068f3:
x86/mm/numa: Fix 32-bit memblock range truncation bug on 32-bit NUMA kernels (2016-02-08 12:10:03 +0100)
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/mfleming/efi.git tags/efi-urgent
for you to fetch changes up to ed8b0de5a33d2a2557dce7f9429dca8cb5bc5879:
efi: Make efivarfs entries immutable by default (2016-02-10 16:25:52 +0000)
----------------------------------------------------------------
* Prevent accidental deletion of EFI variables through efivarfs that
may brick machines. We use a whitelist of known-safe variables to
allow things like installing distributions to work out of the box, and
instead restrict vendor-specific variable deletion by making
non-whitelist variables immutable - Peter Jones
----------------------------------------------------------------
Peter Jones (5):
lib/ucs2_string: Add ucs2 -> utf8 helper functions
efi: Use ucs2_as_utf8 in efivarfs instead of open coding a bad version
efi: Do variable name validation tests in utf8
efi: Make our variable validation list include the guid
efi: Make efivarfs entries immutable by default
Documentation/filesystems/efivarfs.txt | 7 ++
drivers/firmware/efi/efivars.c | 35 +++---
drivers/firmware/efi/vars.c | 143 ++++++++++++++++++-------
fs/efivarfs/file.c | 70 ++++++++++++
fs/efivarfs/inode.c | 30 ++++--
fs/efivarfs/internal.h | 3 +-
fs/efivarfs/super.c | 16 +--
include/linux/efi.h | 5 +-
include/linux/ucs2_string.h | 4 +
lib/ucs2_string.c | 62 +++++++++++
tools/testing/selftests/efivarfs/efivarfs.sh | 19 +++-
tools/testing/selftests/efivarfs/open-unlink.c | 72 ++++++++++++-
12 files changed, 383 insertions(+), 83 deletions(-)