We should not directly cast between pointers and addresses since it breaks sandbox. Fix this and simplify the code in file_read().
Signed-off-by: Simon Glass sjg@chromium.org ---
Changes in v10: - Add new patch to correct the operation of efi_file_write()
Changes in v9: None Changes in v8: None Changes in v7: None Changes in v6: None Changes in v4: None Changes in v3: None Changes in v2: None
lib/efi_loader/efi_file.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/lib/efi_loader/efi_file.c b/lib/efi_loader/efi_file.c index 2107730ba5a..789d9eff175 100644 --- a/lib/efi_loader/efi_file.c +++ b/lib/efi_loader/efi_file.c @@ -233,10 +233,8 @@ static efi_status_t file_read(struct file_handle *fh, u64 *buffer_size, void *buffer) { loff_t actread; - /* fs_read expects buffer address, not pointer */ - uintptr_t buffer_addr = (uintptr_t)map_to_sysmem(buffer);
- if (fs_read(fh->path, buffer_addr, fh->offset, + if (fs_read(fh->path, map_to_sysmem(buffer), fh->offset, *buffer_size, &actread)) return EFI_DEVICE_ERROR;
@@ -366,7 +364,7 @@ static efi_status_t EFIAPI efi_file_write(struct efi_file_handle *file, goto error; }
- if (fs_write(fh->path, (ulong)buffer, fh->offset, *buffer_size, + if (fs_write(fh->path, map_to_sysmem(buffer), fh->offset, *buffer_size, &actwrite)) { ret = EFI_DEVICE_ERROR; goto error;