Re: [edk2-devel] [PATCH v2 RESEND 0/2] security fix: unlimited FV recursion, round 2 (DXE Core)


gaoliming
 

Laszlo:
I am OK to merge this patch and the fix in LzmaUefiDecompressGetInfo for this stable tag. After you are done, I will update the proposed feature list to include them.

In BZ, there is no CVE number. So, I want to confirm whether a CVE number is required.

Thanks
Liming

-----Original Message-----
From: bounce+27952+67707+4905953+8761045@groups.io
<bounce+27952+67707+4905953+8761045@groups.io> on behalf of Laszlo Ersek
Sent: November 19, 2020 18:54
To: edk2-devel-groups-io <devel@edk2.groups.io>
Cc: Dandan Bi <dandan.bi@...>; Hao A Wu <hao.a.wu@...>;
Jian J Wang <jian.j.wang@...>; Liming Gao
<gaoliming@...>; Philippe Mathieu-Daudé <philmd@...>
Subject: [edk2-devel] [PATCH v2 RESEND 0/2] security fix: unlimited FV
recursion, round 2 (DXE Core)

Repo: https://pagure.io/lersek/edk2.git
Branch: tianocore_1743_v2_resend
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1743

"RESEND" because I'm publicly posting the patches from
<https://bugzilla.tianocore.org/show_bug.cgi?id=1743#c19>.

The Reviewed-by tags on the patches originate from
<https://bugzilla.tianocore.org/show_bug.cgi?id=1743#c20> and
<https://bugzilla.tianocore.org/show_bug.cgi?id=1743#c22>.

Retested with Liming's reproducer; see
<https://bugzilla.tianocore.org/show_bug.cgi?id=1743#c16> and
<https://bugzilla.tianocore.org/show_bug.cgi?id=1743#c18>.

This series targets edk2-stable202011. I plan to merge it later this
week, based on Liming's R-b.

Liming, highlighting TianoCore#1743 in the "proposed features" list
could be useful.

Cc: Dandan Bi <dandan.bi@...>
Cc: Hao A Wu <hao.a.wu@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Liming Gao <gaoliming@...>
Cc: Philippe Mathieu-Daudé <philmd@...>

Thanks!
Laszlo

Laszlo Ersek (2):
MdeModulePkg/Core/Dxe: assert SectionInstance invariant in
FindChildNode()
MdeModulePkg/Core/Dxe: limit FwVol encapsulation section recursion

 MdeModulePkg/MdeModulePkg.dec                                   |  6 +++
 MdeModulePkg/MdeModulePkg.uni                                   |  6 +++
 MdeModulePkg/Core/Dxe/DxeMain.inf                               |  1 +
 MdeModulePkg/Core/Dxe/SectionExtraction/CoreSectionExtraction.c | 52 +++++++++++++++++---
 4 files changed, 59 insertions(+), 6 deletions(-)

--
2.19.1.3.g30247aa5d201
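The second commit subject in the cover letter above names the mitigation: the DXE Core section extractor stops following nested encapsulation sections once a fixed depth is reached, so a crafted firmware image can no longer drive the recursive walk until the stack is exhausted. The walker below is an added illustration of that depth check and is not edk2's code or the patch itself; the 4-byte header layout, the type values 0x17/0x19 as used here, the 16-level cap, and the helpers build_nested/probe_nesting are all assumptions of this example.

```c
#include <stdint.h>
#include <stddef.h>
/* Toy section layout, an assumption of this example loosely modelled on PI
 * common section headers: 3-byte little-endian size (header included), then
 * a 1-byte type. 0x17 is treated as an encapsulation section whose body is
 * again a list of sections; every other type (0x19 here) is a leaf. */
#define SEC_HDR_LEN       4
#define SEC_TYPE_FV_IMAGE 0x17
#define MAX_ENCAP_DEPTH   16  /* assumed cap, not the value edk2 chose */
enum { WALK_OK = 0, WALK_MALFORMED = 1, WALK_TOO_DEEP = 2 };

/* Walk the sections in buf[0..len), descending into encapsulations. depth is
 * the number already entered; at MAX_ENCAP_DEPTH the walk refuses to enter
 * another, so stack use stays bounded however deeply a crafted image nests. */
static int walk_sections(const uint8_t *buf, size_t len, unsigned depth)
{
  for (size_t off = 0; off < len; ) {
    if (len - off < SEC_HDR_LEN) return WALK_MALFORMED;
    uint32_t size = buf[off] | (buf[off + 1] << 8) | (buf[off + 2] << 16);
    if (size < SEC_HDR_LEN || size > len - off) return WALK_MALFORMED;
    if (buf[off + 3] == SEC_TYPE_FV_IMAGE) {
      if (depth >= MAX_ENCAP_DEPTH) return WALK_TOO_DEEP;  /* the depth check */
      int rc = walk_sections(buf + off + SEC_HDR_LEN, size - SEC_HDR_LEN, depth + 1);
      if (rc != WALK_OK) return rc;
    }
    off += size;  /* next sibling section */
  }
  return WALK_OK;
}

/* Constructed input: `levels` FV-image sections nested one inside the next
 * around one raw leaf; each header's size field covers everything after it. */
size_t build_nested(uint8_t *out, size_t cap, unsigned levels)
{
  size_t total = ((size_t)levels + 1) * SEC_HDR_LEN;
  if (total > cap || total > 0xFFFFFF) return 0;
  for (unsigned i = 0; i <= levels; i++) {
    size_t size = total - i * SEC_HDR_LEN, o = i * SEC_HDR_LEN;
    out[o] = size & 0xFF; out[o + 1] = (size >> 8) & 0xFF; out[o + 2] = (size >> 16) & 0xFF;
    out[o + 3] = (i < levels) ? SEC_TYPE_FV_IMAGE : 0x19;  /* 0x19: raw leaf */
  }
  return total;
}
/* Build a blob of the given nesting depth, walk it, and return the verdict. */
int probe_nesting(unsigned levels)
{
  static uint8_t blob[4096];
  size_t n = build_nested(blob, sizeof blob, levels);
  return n ? walk_sections(blob, n, 0) : WALK_MALFORMED;
}
```

A walk that returns WALK_TOO_DEEP is the condition the fix turns into a clean extraction failure instead of unbounded recursion; a size field that overruns its parent is rejected as WALK_MALFORMED before any descent.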





Laszlo Ersek
 

On 11/20/20 06:30, gaoliming wrote:
> Laszlo:
> I am OK to merge this patch and the fix in LzmaUefiDecompressGetInfo for this stable tag. After you are done, I will update the proposed feature list to include them.

Thanks!

> In BZ, there is no CVE number. So, I want to confirm whether a CVE number is required.

We seem to have failed getting a CVE number. I'm unaware of any CVE
being assigned to this issue.

Thanks
Laszlo

> Thanks
> Liming




Laszlo Ersek
 

On 11/20/20 06:30, gaoliming wrote:
> Laszlo:
> I am OK to merge this patch and the fix in LzmaUefiDecompressGetInfo for this stable tag. After you are done, I will update the proposed feature list to include them.

Merged as commit range 6c8dd15c4ae4..47343af30435, via
<https://github.com/tianocore/edk2/pull/1137>.

Thanks,
Laszlo

> In BZ, there is no CVE number. So, I want to confirm whether a CVE number is required.
>
> Thanks
> Liming