From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id E0CAC9417C3 for ; Thu, 19 Oct 2023 13:50:45 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=1FL2ljJ6SnnKrEOHV53MqmUdnVRGSsTMWBzgjt8LerU=; c=relaxed/simple; d=groups.io; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject:To:Cc:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type:Content-Transfer-Encoding; s=20140610; t=1697723444; v=1; b=wZZOKgCRE1Vz9UhVLwINR7m0LvHAP5CBJqIoY3ZVxqJeeR3n3QcovQZU+CpT8nKT8rtXfs3L 5UgVUpun108TVM3GsXvYFtimCLlxiAya3ZIg+WnxGZ/2SP7FBKWFpQzQEcUB6tKDFri7bWJUPtc LlfWzcdD7TOrTZSA/yFeTuOw= X-Received: by 127.0.0.2 with SMTP id HFbkYY7687511xoOxLyWKnxZ; Thu, 19 Oct 2023 06:50:44 -0700 X-Received: from mail-vs1-f52.google.com (mail-vs1-f52.google.com [209.85.217.52]) by mx.groups.io with SMTP id smtpd.web10.28394.1697723443827469492 for ; Thu, 19 Oct 2023 06:50:43 -0700 X-Received: by mail-vs1-f52.google.com with SMTP id ada2fe7eead31-4576946ce96so3523893137.0 for ; Thu, 19 Oct 2023 06:50:43 -0700 (PDT) X-Gm-Message-State: yXATvFfefjlxc1kuD3A7vKZNx7686176AA= X-Google-Smtp-Source: AGHT+IFQigfEtFomTuiGP1uy/8Osf7lAdWQ+N73f23Xxu8q7Kl/FzsARr39Z9cFU2b1l43RLIpWKjQg1zvtzYn7ppSU= X-Received: by 2002:a67:e08c:0:b0:457:82be:677c with SMTP id f12-20020a67e08c000000b0045782be677cmr1728418vsl.21.1697723442660; Thu, 19 Oct 2023 06:50:42 -0700 (PDT) MIME-Version: 1.0 References: <20231018172434.91280-1-lersek@redhat.com> In-Reply-To: <20231018172434.91280-1-lersek@redhat.com> From: "Pedro Falcato" Date: Thu, 19 Oct 2023 14:50:31 +0100 Message-ID: Subject: Re: [edk2-devel] [PATCH] OvmfPkg/VirtioFsDxe: tolerate opening an abs. pathname rel. to a reg. file To: devel@edk2.groups.io, lersek@redhat.com Cc: Ard Biesheuvel , Gerd Hoffmann , Jiewen Yao , Jordan Justen Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,pedro.falcato@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=wZZOKgCR; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io On Wed, Oct 18, 2023 at 6:24=E2=80=AFPM Laszlo Ersek wr= ote: > > Referring to a file relative to a regular file makes no sense (or at leas= t > it cannot be implemented consistently with how a file is referred to > relative to a directory). VirtioFsSimpleFileOpen() has enforced this > strictly since the beginning, and a few months ago I reported USWG Mantis > ticket #2367 [1] too, for clearing up the related confusion in the UEFI > spec. > > Unfortunately, the shim boot loader contains such a bug [2] [3]. I don't > believe the shim bug is ever going to be fixed. We can however relax the > check in VirtioFsSimpleFileOpen() a bit: if the pathname that's being > opened relative to a regular file is absolute, then the base file is goin= g > to be ignored anyway, so we can let the caller's bug slide. This happens > to make shim work. > > Why this matters: UEFI-bootable Linux installer ISOs tend to come with > shim and grub in the embedded (ElTorito) FAT image (ESP). Sometimes you > want to build upstream shim/grub binaries, but boot the same ISO > otherwise. The fastest way for overriding the ESP for this purpose is to > copy its original contents to a virtio filesystem, then overwrite the shi= m > and grub binaries from the host side. Note that this is different from > direct-booting a kernel (via fw_cfg); the point is to check whether the > just-built shim and grub are able to boot the rest of the ISO. > > [1] https://mantis.uefi.org/mantis/view.php?id=3D2367 > [2] https://bugzilla.redhat.com/show_bug.cgi?id=3D1966973 > [3] https://github.com/rhboot/shim/issues/382 > > Cc: Ard Biesheuvel > Cc: Gerd Hoffmann > Cc: Jiewen Yao > Cc: Jordan Justen > Signed-off-by: Laszlo Ersek > --- > > Notes: > context:-U4 > > OvmfPkg/VirtioFsDxe/SimpleFsOpen.c | 17 ++++++++++++++--- > 1 file changed, 14 insertions(+), 3 deletions(-) > > diff --git a/OvmfPkg/VirtioFsDxe/SimpleFsOpen.c b/OvmfPkg/VirtioFsDxe/Sim= pleFsOpen.c > index a13d4f6a1e2d..2ecf3d6c2325 100644 > --- a/OvmfPkg/VirtioFsDxe/SimpleFsOpen.c > +++ b/OvmfPkg/VirtioFsDxe/SimpleFsOpen.c > @@ -394,22 +394,33 @@ VirtioFsSimpleFileOpen ( > > // > // Referring to a file relative to a regular file makes no sense (or a= t least > // it cannot be implemented consistently with how a file is referred t= o > - // relative to a directory). > + // relative to a directory). See USWG Mantis ticket #2367. > // > if (!VirtioFsFile->IsDirectory) { > + BOOLEAN BugCompat; > + > + // > + // Tolerate this bug in the caller if FileName is absolute. If FileN= ame is > + // absolute, then VirtioFsAppendPath() below will disregard > + // VirtioFsFile->CanonicalPathname. > + // > + BugCompat =3D (FileName[0] =3D=3D L'\\'); > + > DEBUG (( > - DEBUG_ERROR, > + BugCompat ? DEBUG_WARN : DEBUG_ERROR, > ("%a: Label=3D\"%s\" CanonicalPathname=3D\"%a\" FileName=3D\"%s\":= " > "nonsensical request to open a file or directory relative to a re= gular " > "file\n"), > __func__, > VirtioFs->Label, > VirtioFsFile->CanonicalPathname, > FileName > )); > - return EFI_INVALID_PARAMETER; > + if (!BugCompat) { > + return EFI_INVALID_PARAMETER; > + } > } > > // > // Allocate the new VIRTIO_FS_FILE object. > Aww, you should've CC'd me. Anyway, retroactive Acked-by: Pedro Falcato If this is the new pseudo-sanctioned behavior for filesystem drivers, I'll make sure to do the same adjustments for Ext4Dxe. --=20 Pedro -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#109805): https://edk2.groups.io/g/devel/message/109805 Mute This Topic: https://groups.io/mt/102044004/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-