Patchwork [hardy,lucid/ti-omap4,CVE,1/1] Validate size of EFI GUID partition entries.

login
register
mail settings
Submitter Andy Whitcroft
Date Sept. 14, 2011, 11:48 a.m.
Message ID <1316000900-1542-2-git-send-email-apw@canonical.com>
Download mbox | patch
Permalink /patch/114665/
State New
Headers show

Comments

Andy Whitcroft - Sept. 14, 2011, 11:48 a.m.
From: Timo Warns <Warns@pre-sense.de>

Otherwise corrupted EFI partition tables can cause total confusion.

Signed-off-by: Timo Warns <warns@pre-sense.de>
Cc: stable@kernel.org
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

(backported from commit fa039d5f6b126fbd65eefa05db2f67e44df8f121)
CVE-2011-1776
BugLink: http://bugs.launchpad.net/bugs/844365
Signed-off-by: Andy Whitcroft <apw@canonical.com>
---
 fs/partitions/efi.c |    6 ++++++
 1 files changed, 6 insertions(+), 0 deletions(-)

Patch

diff --git a/fs/partitions/efi.c b/fs/partitions/efi.c
index 46e9f47..9e86a34 100644
--- a/fs/partitions/efi.c
+++ b/fs/partitions/efi.c
@@ -360,6 +360,12 @@  is_gpt_valid(struct block_device *bdev, u64 lba,
 		goto fail;
 	}
 
+	/* Check that sizeof_partition_entry has the correct value */
+	if (le32_to_cpu((*gpt)->sizeof_partition_entry) != sizeof(gpt_entry)) {
+		pr_debug("GUID Partitition Entry Size check failed.\n");
+		goto fail;
+	}
+
 	if (!(*ptes = alloc_read_gpt_entries(bdev, *gpt)))
 		goto fail;