From nobody Sat May 18 08:46:57 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+109768+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+109768+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1697649883; cv=none; d=zohomail.com; s=zohoarc; b=X5v4xC253b8Z0uB4R8R+DwAXYc7rIAhSBLgBTrVjbF62EPlm+O+ybhyL6L6UJDwLXw/8H4OgaJYgmfROyb90VcDWK2sqbVrS6kUrndm/SIWrf67YY2QHkDwmtFxNFFUN2MIwxBLrNhESJHoF3iGIjaX2j8nGd/1ROujtb5vfUE8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1697649883; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:Sender:Subject:Subject:To:To:Message-Id; bh=IbqcyP27UHaS6yXnbtgAg1WAl32SrbHK096hCedfYXg=; b=llGP22oAVO8kuCtHl+QfdDxdcKYe9sRkmOmNydTTwKL/3n6KnpVnZgknopXP1f+z3YaqxFIOtbMIb2mlNcdl2wJM3FKFl9uzU/Di5GjWNvv1F4p63XO9KACKE28vBCZb5SyS2z26ZgFepinZBQY7N37JdBq53DF5k9re5Hmaj+E= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+109768+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 169764988370289.31226687595847; Wed, 18 Oct 2023 10:24:43 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=IbqcyP27UHaS6yXnbtgAg1WAl32SrbHK096hCedfYXg=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding:Content-Type; s=20140610; t=1697649883; v=1; b=d3pxQWG8u2DUzLlBTZhgcrWoug6EjlJfDBuHH+59QQnsmbO279qWbHCAAQmaQzy40aGhKvI0 fRszzuhHO4Ntni58jUWgPZkFdYt3eMEKmtcbpCleVYfgs5xe7NithNnXcnnFZKN28xALRlRtxQE FU+I+XfAu8hqPbNqaBrWuvZk= X-Received: by 127.0.0.2 with SMTP id VCmdYY1788612xqW8iPSK0Bc; Wed, 18 Oct 2023 10:24:43 -0700 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.groups.io with SMTP id smtpd.web10.287821.1697649882695958553 for ; Wed, 18 Oct 2023 10:24:42 -0700 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-433-CaoJcdzbMgmDgmgOYGx32g-1; Wed, 18 Oct 2023 13:24:38 -0400 X-MC-Unique: CaoJcdzbMgmDgmgOYGx32g-1 X-Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5535988B7A2; Wed, 18 Oct 2023 17:24:38 +0000 (UTC) X-Received: from lacos-laptop-9.usersys.redhat.com (unknown [10.39.192.202]) by smtp.corp.redhat.com (Postfix) with ESMTP id A28FD492BEE; Wed, 18 Oct 2023 17:24:36 +0000 (UTC) From: "Laszlo Ersek" To: devel@edk2.groups.io Cc: Ard Biesheuvel , Gerd Hoffmann , Jiewen Yao , Jordan Justen Subject: [edk2-devel] [PATCH] OvmfPkg/VirtioFsDxe: tolerate opening an abs. pathname rel. to a reg. file Date: Wed, 18 Oct 2023 19:24:34 +0200 Message-Id: <20231018172434.91280-1-lersek@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.9 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,lersek@redhat.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: q72WW2hoEcNxOeRFDk2WN1RPx1787277AA= Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1697649884362100003 Content-Type: text/plain; charset="utf-8"; x-default="true" Referring to a file relative to a regular file makes no sense (or at least it cannot be implemented consistently with how a file is referred to relative to a directory). VirtioFsSimpleFileOpen() has enforced this strictly since the beginning, and a few months ago I reported USWG Mantis ticket #2367 [1] too, for clearing up the related confusion in the UEFI spec. Unfortunately, the shim boot loader contains such a bug [2] [3]. I don't believe the shim bug is ever going to be fixed. We can however relax the check in VirtioFsSimpleFileOpen() a bit: if the pathname that's being opened relative to a regular file is absolute, then the base file is going to be ignored anyway, so we can let the caller's bug slide. This happens to make shim work. Why this matters: UEFI-bootable Linux installer ISOs tend to come with shim and grub in the embedded (ElTorito) FAT image (ESP). Sometimes you want to build upstream shim/grub binaries, but boot the same ISO otherwise. The fastest way for overriding the ESP for this purpose is to copy its original contents to a virtio filesystem, then overwrite the shim and grub binaries from the host side. Note that this is different from direct-booting a kernel (via fw_cfg); the point is to check whether the just-built shim and grub are able to boot the rest of the ISO. [1] https://mantis.uefi.org/mantis/view.php?id=3D2367 [2] https://bugzilla.redhat.com/show_bug.cgi?id=3D1966973 [3] https://github.com/rhboot/shim/issues/382 Cc: Ard Biesheuvel Cc: Gerd Hoffmann Cc: Jiewen Yao Cc: Jordan Justen Signed-off-by: Laszlo Ersek Acked-by: Pedro Falcato Reviewed-by: Gerd Hoffmann Tested-by: Gerd Hoffmann --- Notes: context:-U4 OvmfPkg/VirtioFsDxe/SimpleFsOpen.c | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/OvmfPkg/VirtioFsDxe/SimpleFsOpen.c b/OvmfPkg/VirtioFsDxe/Simpl= eFsOpen.c index a13d4f6a1e2d..2ecf3d6c2325 100644 --- a/OvmfPkg/VirtioFsDxe/SimpleFsOpen.c +++ b/OvmfPkg/VirtioFsDxe/SimpleFsOpen.c @@ -394,22 +394,33 @@ VirtioFsSimpleFileOpen ( =20 // // Referring to a file relative to a regular file makes no sense (or at = least // it cannot be implemented consistently with how a file is referred to - // relative to a directory). + // relative to a directory). See USWG Mantis ticket #2367. // if (!VirtioFsFile->IsDirectory) { + BOOLEAN BugCompat; + + // + // Tolerate this bug in the caller if FileName is absolute. If FileNam= e is + // absolute, then VirtioFsAppendPath() below will disregard + // VirtioFsFile->CanonicalPathname. + // + BugCompat =3D (FileName[0] =3D=3D L'\\'); + DEBUG (( - DEBUG_ERROR, + BugCompat ? DEBUG_WARN : DEBUG_ERROR, ("%a: Label=3D\"%s\" CanonicalPathname=3D\"%a\" FileName=3D\"%s\": " "nonsensical request to open a file or directory relative to a regu= lar " "file\n"), __func__, VirtioFs->Label, VirtioFsFile->CanonicalPathname, FileName )); - return EFI_INVALID_PARAMETER; + if (!BugCompat) { + return EFI_INVALID_PARAMETER; + } } =20 // // Allocate the new VIRTIO_FS_FILE object. -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#109768): https://edk2.groups.io/g/devel/message/109768 Mute This Topic: https://groups.io/mt/102044004/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/leave/3901457/1787277/102458076= /xyzzy [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-