pool/grub2
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1120450 from home:gary_lin:branches:Base:System

Browse Source 
- Fix a potential error when appending multiple keys into the
  synthesized initrd
  * Fix-the-size-calculation-for-the-synthesized-initrd.patch

OBS-URL: https://build.opensuse.org/request/show/1120450
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=472
This commit is contained in:
Dirk Mueller 2023-10-26 06:43:26 +00:00 committed by Git OBS Bridge
parent 8c7387ac32
commit 247022017f
3 changed files with 94 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
Fix-the-size-calculation-for-the-synthesized-initrd.patch Normal file
View File

@ -0,0 +1,86 @@
From d441356c924102b43b303520cc1c62a624b014d6 Mon Sep 17 00:00:00 2001
From: Gary Lin <glin@suse.com>
Date: Thu, 26 Oct 2023 13:18:24 +0800
Subject: [PATCH] Fix the size calculation for the synthesized initrd
When calculating the size of the synthesized initrd in
grub_initrd_component(), the ending "TRAILER!!!" is counted in for every
synthesized initrd. However, in grub_initrd_load(), only one "TRAILER!!!"
will be appended for one group of consecutive synthesized initrds. The
additional size calculation for the ending "TRAILER!!!" could make the
linux kernel to read uninitialized bytes and result in the error message
like this:
Initramfs unpacking failed: invalid magic at start of compressed archive
To fit into the original 'newc' design, the ending "TRAILER!!!" is
removed from grub_initrd_component(). Instead, in grub_initrd_init(),
the 'newc' flag is set when calculating size of the synthesized initrd
to append the ending "TRAILER!!!" later. As for grub_initrd_load(),
since the path to the unsealed key is specified in 'newc_name', it's
unnecessary to set the 'newc' flag while copying the unsealed key
because the flag is already set when parsing the path name.
Signed-off-by: Gary Lin <glin@suse.com>
---
grub-core/loader/linux.c | 23 ++++++++---------------
1 file changed, 8 insertions(+), 15 deletions(-)
diff --git a/grub-core/loader/linux.c b/grub-core/loader/linux.c
index 4e028f5..9ee8f37 100644
--- a/grub-core/loader/linux.c
+++ b/grub-core/loader/linux.c
@@ -209,13 +209,6 @@ grub_initrd_component (const char *buf, int bufsz, const char *newc_name,
&initrd_ctx->size))
goto overflow;
- initrd_ctx->size = ALIGN_UP (initrd_ctx->size, 4);
- if (grub_add (initrd_ctx->size,
- ALIGN_UP (sizeof (struct newc_head)
- + sizeof ("TRAILER!!!") - 1, 4),
- &initrd_ctx->size))
- goto overflow;
-
free_dir (root);
root = 0;
return GRUB_ERR_NONE;
@@ -312,6 +305,13 @@ grub_initrd_init (int argc, char *argv[],
goto overflow;
}
+ FOR_LIST_ELEMENTS (pk, kpuber)
+ if (pk->key && pk->path)
+ {
+ grub_initrd_component (pk->key, pk->key_len, pk->path, initrd_ctx);
+ newc = 1;
+ }
+
if (newc)
{
initrd_ctx->size = ALIGN_UP (initrd_ctx->size, 4);
@@ -324,10 +324,6 @@ grub_initrd_init (int argc, char *argv[],
root = 0;
}
- FOR_LIST_ELEMENTS (pk, kpuber)
- if (pk->key && pk->path)
- grub_initrd_component (pk->key, pk->key_len, pk->path, initrd_ctx);
-
return GRUB_ERR_NONE;
overflow:
@@ -404,10 +400,7 @@ grub_initrd_load (struct grub_linux_initrd_context *initrd_ctx,
cursize = initrd_ctx->components[i].size;
if (initrd_ctx->components[i].buf)
- {
- grub_memcpy (ptr, initrd_ctx->components[i].buf, cursize);
- newc = 1;
- }
+ grub_memcpy (ptr, initrd_ctx->components[i].buf, cursize);
else if (grub_file_read (initrd_ctx->components[i].file, ptr, cursize)
!= cursize)
{
--
2.35.3

7
grub2.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Thu Oct 26 06:04:54 UTC 2023 - Gary Ching-Pang Lin <glin@suse.com>
- Fix a potential error when appending multiple keys into the
synthesized initrd
* Fix-the-size-calculation-for-the-synthesized-initrd.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Oct 25 01:56:09 UTC 2023 - Michael Chang <mchang@suse.com> Wed Oct 25 01:56:09 UTC 2023 - Michael Chang <mchang@suse.com>

1
grub2.spec
View File

@ -388,6 +388,7 @@ Patch195: 0004-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch
Patch196: 0005-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch Patch196: 0005-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch
Patch197: 0006-fs-ntfs-Make-code-more-readable.patch Patch197: 0006-fs-ntfs-Make-code-more-readable.patch
Patch198: 0001-luks2-Use-grub-tpm2-token-for-TPM2-protected-volume-.patch Patch198: 0001-luks2-Use-grub-tpm2-token-for-TPM2-protected-volume-.patch
Patch199: Fix-the-size-calculation-for-the-synthesized-initrd.patch
Requires: gettext-runtime Requires: gettext-runtime
%if 0%{?suse_version} >= 1140 %if 0%{?suse_version} >= 1140