Linux kernel documentation tree maintained by Jonathan Corbet http://mirrors.hust.edu.cn/git/lwn.git/atom?h=docs-mw 2025-11-16T06:35:04+00:00 2025-11-16T06:35:04+00:00 Al Viro viro@zeniv.linux.org.uk 2024-02-26T06:27:23+00:00 urn:sha1:e11e247608585fef489f1dbb4d73eec456c8d4a5 Initially filesystem is populated with d_alloc_name() + d_add(). That becomes d_alloc_name() + d_make_persistent() + dput(). Dynamic creation is switched to d_make_persistent(); removal - to simple_unlink() (no point open-coding it in efivarfs_unlink(), better call it there) Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2025-07-04T14:14:39+00:00 Christian Brauner brauner@kernel.org 2025-07-03T07:36:41+00:00 urn:sha1:ca115d7e754691c0219eec95ec94dbac7f87daef Now that we expose struct file_attr as our uapi struct rename all the internal struct to struct file_kattr to clearly communicate that it is a kernel internal struct. This is similar to struct mount_{k}attr and others. Link: https://lore.kernel.org/20250703-restlaufzeit-baurecht-9ed44552b481@brauner Signed-off-by: Christian Brauner <brauner@kernel.org> 2025-01-19T16:50:58+00:00 Ard Biesheuvel ardb@kernel.org 2025-01-19T16:50:58+00:00 urn:sha1:e7b4b1f61db79fd5a3ded518526941b0e3d70abc 2025-01-19T16:50:26+00:00 James Bottomley James.Bottomley@HansenPartnership.com 2025-01-19T15:12:11+00:00 urn:sha1:a58e954464db477307ac879d772a535deca8efb7 Remove all function helpers and mentions of the efivarfs_list now that all consumers of the list have been removed and entry management goes exclusively through the inode. Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> 2025-01-19T16:50:26+00:00 James Bottomley James.Bottomley@HansenPartnership.com 2025-01-19T15:12:10+00:00 urn:sha1:fddca52766e276cb2fdc0be940ad75e0f01e214e Make the inodes the default management vehicle for struct efivar_entry, so they are now all freed automatically if the file is removed and on unmount in kill_litter_super(). Remove the now superfluous iterator to free the entries after kill_litter_super(). Also fixes a bug where some entry freeing was missing causing efivarfs to leak memory. Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> 2025-01-19T16:49:10+00:00 James Bottomley James.Bottomley@HansenPartnership.com 2025-01-19T14:59:40+00:00 urn:sha1:8b4bc207f981bd87728d2e1c0cf6f4304f9d0159 Current efivarfs uses simple_setattr which allows the setting of any size in the inode cache. This is wrong because a zero size file is used to indicate an "uncommitted" variable, so by simple means of truncating the file (as root) any variable may be turned to look like it's uncommitted. Fix by adding an efivarfs_setattr routine which does not allow updating of the cached inode size (which now only comes from the underlying variable). Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Signed-off-by: Ard Biesheuvel <ardb@kernel.org> 2024-12-09T09:00:04+00:00 James Bottomley James.Bottomley@HansenPartnership.com 2024-12-08T18:34:13+00:00 urn:sha1:2ab0837cb91b7de507daa145d17b3b6b2efb3abf When looking up a non-existent file, efivarfs returns -EINVAL if the file does not conform to the NAME-GUID format and -ENOENT if it does. This is caused by efivars_d_hash() returning -EINVAL if the name is not formatted correctly. This error is returned before simple_lookup() returns a negative dentry, and is the error value that the user sees. Fix by removing this check. If the file does not exist, simple_lookup() will return a negative dentry leading to -ENOENT and efivarfs_create() already has a validity check before it creates an entry (and will correctly return -EINVAL) Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Cc: <stable@vger.kernel.org> [ardb: make efivarfs_valid_name() static] Signed-off-by: Ard Biesheuvel <ardb@kernel.org> 2023-12-11T10:19:18+00:00 Ard Biesheuvel ardb@kernel.org 2023-12-08T16:39:29+00:00 urn:sha1:cdb46a8aefbf7fd36772bb206aaaf7e45d7cf8f6 syzbot reports issues with concurrent fsopen()/fsconfig() invocations on efivarfs, which are the result of the fact that the efivarfs list (which caches the names and GUIDs of existing EFI variables) is a global structure. In normal use, these issues are unlikely to trigger, even in the presence of multiple mounts of efivarfs, but the execution pattern used by the syzkaller reproducer may result in multiple instances of the superblock that share the global efivarfs list, and this causes list corruption when the list is reinitialized by one user while another is traversing it. So let's move the list head into the superblock s_fs_info field, so that it will never be shared between distinct instances of the superblock. In the common case, there will still be a single instance of this list, but in the artificial syzkaller case, no list corruption can occur any longer. Reported-by: syzbot+1902c359bfcaf39c46f2@syzkaller.appspotmail.com Signed-off-by: Ard Biesheuvel <ardb@kernel.org> 2023-11-04T18:54:20+00:00 Linus Torvalds torvalds@linux-foundation.org 2023-11-04T18:54:20+00:00 urn:sha1:4c975a43fa380676828321ebe5b662c743c14d9e Pull EFI update from Ard Biesheuvel: "This is the only remaining EFI change, as everything else was taken via -tip this cycle: - implement uid/gid mount options for efivarfs" * tag 'efi-next-for-v6.7' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi: efivarfs: Add uid/gid mount options 2023-10-19T22:47:18+00:00 Jiao Zhou jiaozhou@google.com 2023-10-19T22:46:39+00:00 urn:sha1:5329aa5101f73c451bcd48deaf3f296685849d9c Allow UEFI variables to be modified by non-root processes in order to run sandboxed code. This doesn't change the behavior of mounting efivarfs unless uid/gid are specified; by default both are set to root. Signed-off-by: Jiao Zhou <jiaozhou@google.com> Acked-by: Matthew Garrett <mgarrett@aurora.tech> Signed-off-by: Ard Biesheuvel <ardb@kernel.org>