Accepting request 251498 from Base:System

1

OBS-URL: https://build.opensuse.org/request/show/251498
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=101
This commit is contained in:
Stephan Kulow 2014-09-28 17:56:30 +00:00 committed by Git OBS Bridge
commit 592fbf3112
8 changed files with 320 additions and 41 deletions

View File

@ -0,0 +1,134 @@
From c1be7e90be547f6e3f2d7a5c0519f2efa31f495b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 17 Sep 2014 16:30:11 -0400
Subject: [PATCH] Initialized initrd_ctx so we don't free a random pointer from
the stack.
Currently, if "linux" fails, the "goto fail;" in grub_cmd_initrd sends us
into grub_initrd_close() without grub_initrd_init() being called, and thus
it never clears initrd_ctx->components. grub_initrd_close() then frees that
address, which is stale data from the stack. If the stack happens to have a
stale *address* there that matches a recent allocation, then you'll get a
double free later.
So initialize the memory up front.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
grub-core/loader/arm/linux.c | 2 +-
grub-core/loader/arm64/linux.c | 2 +-
grub-core/loader/i386/linux.c | 2 +-
grub-core/loader/i386/pc/linux.c | 2 +-
grub-core/loader/ia64/efi/linux.c | 2 +-
grub-core/loader/mips/linux.c | 2 +-
grub-core/loader/powerpc/ieee1275/linux.c | 2 +-
grub-core/loader/sparc64/ieee1275/linux.c | 2 +-
8 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/grub-core/loader/arm/linux.c b/grub-core/loader/arm/linux.c
index e6770d9..62cbe75 100644
--- a/grub-core/loader/arm/linux.c
+++ b/grub-core/loader/arm/linux.c
@@ -396,7 +396,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
{
grub_file_t file;
grub_size_t size = 0;
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c
index f1d10a1..0dc144e 100644
--- a/grub-core/loader/arm64/linux.c
+++ b/grub-core/loader/arm64/linux.c
@@ -328,7 +328,7 @@ static grub_err_t
grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
int argc, char *argv[])
{
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
int initrd_size, initrd_pages;
void *initrd_mem = NULL;
diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c
index 31fb91e..2ae1763 100644
--- a/grub-core/loader/i386/linux.c
+++ b/grub-core/loader/i386/linux.c
@@ -1050,7 +1050,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
grub_addr_t addr_min, addr_max;
grub_addr_t addr;
grub_err_t err;
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
{
diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c
index 672c013..b481e46 100644
--- a/grub-core/loader/i386/pc/linux.c
+++ b/grub-core/loader/i386/pc/linux.c
@@ -388,7 +388,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
grub_uint8_t *initrd_chunk;
grub_addr_t initrd_addr;
grub_err_t err;
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
{
diff --git a/grub-core/loader/ia64/efi/linux.c b/grub-core/loader/ia64/efi/linux.c
index 87ac49f..eb78e6e 100644
--- a/grub-core/loader/ia64/efi/linux.c
+++ b/grub-core/loader/ia64/efi/linux.c
@@ -568,7 +568,7 @@ static grub_err_t
grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
int argc, char *argv[])
{
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
{
diff --git a/grub-core/loader/mips/linux.c b/grub-core/loader/mips/linux.c
index ef64a5b..4a3e8c5 100644
--- a/grub-core/loader/mips/linux.c
+++ b/grub-core/loader/mips/linux.c
@@ -415,7 +415,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
void *initrd_src;
grub_addr_t initrd_dest;
grub_err_t err;
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
diff --git a/grub-core/loader/powerpc/ieee1275/linux.c b/grub-core/loader/powerpc/ieee1275/linux.c
index 4a14f66..787d7dc 100644
--- a/grub-core/loader/powerpc/ieee1275/linux.c
+++ b/grub-core/loader/powerpc/ieee1275/linux.c
@@ -333,7 +333,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
grub_size_t size = 0;
grub_addr_t first_addr;
grub_addr_t addr;
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
{
diff --git a/grub-core/loader/sparc64/ieee1275/linux.c b/grub-core/loader/sparc64/ieee1275/linux.c
index de6ee2f..c5e8dfa 100644
--- a/grub-core/loader/sparc64/ieee1275/linux.c
+++ b/grub-core/loader/sparc64/ieee1275/linux.c
@@ -373,7 +373,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
grub_addr_t paddr;
grub_addr_t addr;
int ret;
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
{
--
1.8.4.5

View File

@ -0,0 +1,48 @@
From 42d3848d0162ea8f824d63d57afb43b8b0a96860 Mon Sep 17 00:00:00 2001
From: Fedora Ninjas <grub2-owner@fedoraproject.org>
Date: Sat, 15 Feb 2014 15:10:22 -0500
Subject: [PATCH 110/112] reopen SNP protocol for exclusive use by grub
References: bnc#871555
Patch-Mainline: no
---
grub-core/net/drivers/efi/efinet.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/grub-core/net/drivers/efi/efinet.c b/grub-core/net/drivers/efi/efinet.c
index 2b344d6..a6e4c79 100644
--- a/grub-core/net/drivers/efi/efinet.c
+++ b/grub-core/net/drivers/efi/efinet.c
@@ -223,6 +223,7 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device,
{
struct grub_net_card *card;
grub_efi_device_path_t *dp;
+ grub_efi_simple_network_t *net;
dp = grub_efi_get_device_path (hnd);
if (! dp)
@@ -250,6 +251,21 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device,
&pxe_mode->dhcp_ack,
sizeof (pxe_mode->dhcp_ack),
1, device, path);
+ net = grub_efi_open_protocol (card->efi_handle, &net_io_guid,
+ GRUB_EFI_OPEN_PROTOCOL_BY_EXCLUSIVE);
+ if (net) {
+ if (net->mode->state == GRUB_EFI_NETWORK_STOPPED
+ && efi_call_1 (net->start, net) != GRUB_EFI_SUCCESS)
+ continue;
+
+ if (net->mode->state == GRUB_EFI_NETWORK_STOPPED)
+ continue;
+
+ if (net->mode->state == GRUB_EFI_NETWORK_STARTED
+ && efi_call_3 (net->initialize, net, 0, 0) != GRUB_EFI_SUCCESS)
+ continue;
+ card->efi_net = net;
+ }
return;
}
}
--
1.8.5.3

View File

@ -1,35 +0,0 @@
From c7fbe6c1ae22ac9853b03a3d4d742712f31e69b9 Mon Sep 17 00:00:00 2001
From: Ram Pai <linuxram@us.ibm.com>
Date: Tue, 25 Feb 2014 23:31:06 +0000
Subject: [PATCH 23/23] grub segfaults if initrd is specified before specifying
grub segfaults if initrd is specified before specifying
the kernel. The problem is the initrd module sees that kernel is not
specified and takes the fail path. In the fail path it checks if anything has
be malloc'ed. Unfortunately the variable that it looks to check for is a
uninitialized stack variable. The stack variable can incorrectly indicate
something is malloced, which leads the module to free some unallocated
memory. This patch fixes the problem by initializing the stack variable.
Signed-off-by: Ram Pai <linuxram@us.ibm.com>
---
grub-core/loader/powerpc/ieee1275/linux.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/grub-core/loader/powerpc/ieee1275/linux.c b/grub-core/loader/powerpc/ieee1275/linux.c
index 9dde053..0d94433 100644
--- a/grub-core/loader/powerpc/ieee1275/linux.c
+++ b/grub-core/loader/powerpc/ieee1275/linux.c
@@ -335,6 +335,10 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
grub_addr_t addr;
struct grub_linux_initrd_context initrd_ctx;
+ // initialize, otherwise the fail path will try to
+ // free up data and segfault
+ initrd_ctx.components = NULL;
+
if (argc == 0)
{
grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
--
1.8.3.1

View File

@ -0,0 +1,112 @@
From: Andrey Borzenkov <arvidjaar@gmail.com>
Subject: [PATCH] accept also hdX as alias to native Xen disk name
References: bnc#863821
Patch-Mainline: no
To assign correct disk numbers, sort disks by increasing order of handle
value. This allows reusing legacy pv-grub menu.lst which is using hdX names.
Suggested-By: Michael Chang <mchang@suse.com>
---
grub-core/disk/xen/xendisk.c | 45 +++++++++++++++++++++++++++++++++++---------
1 file changed, 36 insertions(+), 9 deletions(-)
diff --git a/grub-core/disk/xen/xendisk.c b/grub-core/disk/xen/xendisk.c
index 2b11c2a..b18a923 100644
--- a/grub-core/disk/xen/xendisk.c
+++ b/grub-core/disk/xen/xendisk.c
@@ -40,6 +40,7 @@ struct virtdisk
grub_xen_evtchn_t evtchn;
void *dma_page;
grub_xen_grant_t dma_grant;
+ struct virtdisk *compat_next;
};
#define xen_wmb() mb()
@@ -47,6 +48,7 @@ struct virtdisk
static struct virtdisk *virtdisks;
static grub_size_t vdiskcnt;
+struct virtdisk *compat_head;
static int
grub_virtdisk_iterate (grub_disk_dev_iterate_hook_t hook, void *hook_data,
@@ -66,20 +68,32 @@ grub_virtdisk_iterate (grub_disk_dev_iterate_hook_t hook, void *hook_data,
static grub_err_t
grub_virtdisk_open (const char *name, grub_disk_t disk)
{
- grub_size_t i;
+ int i;
grub_uint32_t secsize;
char fdir[200];
char *buf;
+ int num = -1;
+ struct virtdisk *vd;
- for (i = 0; i < vdiskcnt; i++)
- if (grub_strcmp (name, virtdisks[i].fullname) == 0)
+ /* For compatibility with pv-grub legacy menu.lst accept hdX as disk name */
+ if (name[0] == 'h' && name[1] == 'd' && name[2])
+ {
+ num = grub_strtoul (name + 2, 0, 10);
+ if (grub_errno)
+ {
+ grub_errno = 0;
+ num = -1;
+ }
+ }
+ for (i = 0, vd = compat_head; vd; vd = vd->compat_next, i++)
+ if (i == num || grub_strcmp (name, vd->fullname) == 0)
break;
- if (i == vdiskcnt)
+ if (!vd)
return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "not a virtdisk");
- disk->data = &virtdisks[i];
- disk->id = i;
+ disk->data = vd;
+ disk->id = vd - virtdisks;
- grub_snprintf (fdir, sizeof (fdir), "%s/sectors", virtdisks[i].backend_dir);
+ grub_snprintf (fdir, sizeof (fdir), "%s/sectors", vd->backend_dir);
buf = grub_xenstore_get_file (fdir, NULL);
if (!buf)
return grub_errno;
@@ -87,8 +101,7 @@ grub_virtdisk_open (const char *name, grub_disk_t disk)
if (grub_errno)
return grub_errno;
- grub_snprintf (fdir, sizeof (fdir), "%s/sector-size",
- virtdisks[i].backend_dir);
+ grub_snprintf (fdir, sizeof (fdir), "%s/sector-size", vd->backend_dir);
buf = grub_xenstore_get_file (fdir, NULL);
if (!buf)
return grub_errno;
@@ -264,6 +277,7 @@ fill (const char *dir, void *data)
grub_err_t err;
void *buf;
struct evtchn_alloc_unbound alloc_unbound;
+ struct virtdisk **prev = &compat_head, *vd = compat_head;
/* Shouldn't happen unles some hotplug happened. */
if (vdiskcnt >= *ctr)
@@ -374,6 +388,19 @@ fill (const char *dir, void *data)
virtdisks[vdiskcnt].frontend_dir = grub_strdup (fdir);
+ /* For compatibility with pv-grub maintain linked list sorted by handle
+ value in increasing order. This allows mapping of (hdX) disk names
+ from legacy menu.lst */
+ while (vd)
+ {
+ if (vd->handle > virtdisks[vdiskcnt].handle)
+ break;
+ prev = &vd->compat_next;
+ vd = vd->compat_next;
+ }
+ virtdisks[vdiskcnt].compat_next = vd;
+ *prev = &virtdisks[vdiskcnt];
+
vdiskcnt++;
return 0;

View File

@ -1,3 +1,19 @@
-------------------------------------------------------------------
Sun Sep 21 06:47:12 UTC 2014 - arvidjaar@gmail.com
- update translations
- fix possible access to uninitialized pointer in linux loader
* add grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch
* drop superceded grub2-ppc64le-23-grub-segfaults-if-initrd-is-specified-before-specify.patch
-------------------------------------------------------------------
Thu Sep 18 09:55:57 UTC 2014 - mchang@suse.com
- fix grub.xen not able to handle legacy menu.lst hdX names (bnc#863821)
* add grub2-xen-legacy-config-device-name.patch from arvidjaar
- fix the performance of grub2 uefi pxe is bad (bnc#871555)
* add grub2-efinet-reopen-SNP-protocol-for-exclusive-use-by-grub.patch
-------------------------------------------------------------------
Tue Sep 16 07:08:18 UTC 2014 - schwab@suse.de

View File

@ -116,7 +116,7 @@ Source2: grub.default
Source3: README.openSUSE
Source4: grub2.rpmlintrc
# rsync -Lrtvz translationproject.org::tp/latest/grub/ po
Source5: translations-20130626.tar.xz
Source5: translations-20140921.tar.xz
Source6: grub2-once
Source7: 20_memtest86+
Source10: openSUSE-UEFI-CA-Certificate.crt
@ -153,6 +153,9 @@ Patch42: grub2-btrfs-fix-incorrect-address-reference.patch
Patch43: grub2-mkconfig-aarch64.patch
# Fix build with glibc 2.20+
Patch44: grub2-glibc-2.20.patch
Patch45: grub2-efinet-reopen-SNP-protocol-for-exclusive-use-by-grub.patch
Patch46: grub2-xen-legacy-config-device-name.patch
Patch47: grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch
# Btrfs snapshot booting related patches
Patch101: grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch
Patch102: grub2-btrfs-02-export-subvolume-envvars.patch
@ -182,7 +185,6 @@ Patch219: grub2-ppc64le-19-Use-FUNC_START-FUNC_END-for-powerpc-function-de
Patch220: grub2-ppc64le-20-.TOC.-symbol-is-special-in-ppc64le-.-It-maps-to-the-.patch
Patch221: grub2-ppc64le-21-the-.toc-section-in-powerpc64le-modules-are-sometime.patch
Patch222: grub2-ppc64le-22-all-parameter-to-firmware-calls-should-to-be-BigEndi.patch
Patch223: grub2-ppc64le-23-grub-segfaults-if-initrd-is-specified-before-specify.patch
Patch224: grub2-ppc64-build-ppc64-32bit.patch
Patch225: grub2-ppc64-qemu.patch
Patch226: grub2-ppc64le-timeout.patch
@ -356,6 +358,9 @@ mv po/grub.pot po/%{name}.pot
%patch42 -p1
%patch43 -p1
%patch44 -p1
%patch45 -p1
%patch46 -p1
%patch47 -p1
%patch101 -p1
%patch102 -p1
%patch103 -p1
@ -383,7 +388,6 @@ mv po/grub.pot po/%{name}.pot
%patch220 -p1
%patch221 -p1
%patch222 -p1
%patch223 -p1
%patch224 -p1
%patch225 -p1
%patch226 -p1

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:ac9fa5275d31678601503640145f329e37142f6d11681a790922926a98e67900
size 431820

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:36885e7f4039a2634a0abeca7f8ab631c32abc5977119eb33c06c752fb3cecc5
size 516764