Accepting request 1138057 from Base:System
OBS-URL: https://build.opensuse.org/request/show/1138057 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=312
This commit is contained in:
commit
acc5d24282
@ -88,7 +88,7 @@ Signed-off-by: Michael Chang <mchang@suse.com>
|
||||
switch (platform)
|
||||
{
|
||||
case GRUB_INSTALL_PLATFORM_I386_EFI:
|
||||
@@ -1454,8 +1493,7 @@
|
||||
@@ -1478,8 +1517,7 @@
|
||||
debug_image);
|
||||
}
|
||||
|
||||
@ -98,7 +98,7 @@ Signed-off-by: Michael Chang <mchang@suse.com>
|
||||
{
|
||||
if (!load_cfg_f)
|
||||
load_cfg_f = grub_util_fopen (load_cfg, "wb");
|
||||
@@ -1669,21 +1707,13 @@
|
||||
@@ -1670,21 +1708,13 @@
|
||||
|
||||
#ifdef __linux__
|
||||
|
||||
@ -124,7 +124,7 @@ Signed-off-by: Michael Chang <mchang@suse.com>
|
||||
|
||||
if (subvol && mount_path)
|
||||
{
|
||||
@@ -1708,11 +1738,6 @@
|
||||
@@ -1709,11 +1739,6 @@
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1,35 +0,0 @@
|
||||
From 652b221a5eacb1421891c1469608028e2c2f0615 Mon Sep 17 00:00:00 2001
|
||||
From: Glenn Washburn <development@efficientek.com>
|
||||
Date: Fri, 18 Aug 2023 12:27:22 -0500
|
||||
Subject: [PATCH] disk/cryptodisk: Fix missing change when updating to use
|
||||
grub_uuidcasecmp
|
||||
|
||||
This was causing the cryptomount command to return failure even though
|
||||
the crypto device was successfully added. Of course, this meant that any
|
||||
script using the return code would behave unexpectedly.
|
||||
|
||||
Fixes: 3cf2e848bc03 (disk/cryptodisk: Allows UUIDs to be compared in a dash-insensitive manner)
|
||||
|
||||
Suggested-by: Olaf Hering <olaf@aepfle.de>
|
||||
Signed-off-by: Glenn Washburn <development@efficientek.com>
|
||||
---
|
||||
grub-core/disk/cryptodisk.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
|
||||
index 802b191b2..c79d4125a 100644
|
||||
--- a/grub-core/disk/cryptodisk.c
|
||||
+++ b/grub-core/disk/cryptodisk.c
|
||||
@@ -1323,7 +1323,8 @@ grub_cryptodisk_scan_device (const char *name,
|
||||
dev = grub_cryptodisk_scan_device_real (name, source, cargs);
|
||||
if (dev)
|
||||
{
|
||||
- ret = (cargs->search_uuid != NULL && grub_strcasecmp (cargs->search_uuid, dev->uuid) == 0);
|
||||
+ ret = (cargs->search_uuid != NULL
|
||||
+ && grub_uuidcasecmp (cargs->search_uuid, dev->uuid, sizeof (dev->uuid)) == 0);
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
--
|
||||
2.41.0
|
||||
|
@ -1,33 +0,0 @@
|
||||
From f903b9a9adb64e733e581771d2a24efae7fbe529 Mon Sep 17 00:00:00 2001
|
||||
From: Fabian Vogt <fvogt@suse.de>
|
||||
Date: Thu, 5 Oct 2023 11:02:25 +0200
|
||||
Subject: [PATCH] fs/btrfs: Zero file data not backed by extents
|
||||
|
||||
Implicit holes in file data need to be zeroed explicitly, instead of
|
||||
just leaving the data in the buffer uninitialized.
|
||||
|
||||
This led to kernels randomly failing to boot in "fun" ways when loaded
|
||||
from btrfs with the no_holes feature enabled, because large blocks of
|
||||
zeros in the kernel file contained random data instead.
|
||||
|
||||
Signed-off-by: Fabian Vogt <fvogt@suse.de>
|
||||
---
|
||||
grub-core/fs/btrfs.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/grub-core/fs/btrfs.c b/grub-core/fs/btrfs.c
|
||||
index 19bff4610..ba0c58352 100644
|
||||
--- a/grub-core/fs/btrfs.c
|
||||
+++ b/grub-core/fs/btrfs.c
|
||||
@@ -1603,6 +1603,8 @@ grub_btrfs_extent_read (struct grub_btrfs_data *data,
|
||||
csize = grub_le_to_cpu64 (key_out.offset) - pos;
|
||||
if (csize > len)
|
||||
csize = len;
|
||||
+
|
||||
+ grub_memset (buf, 0, csize);
|
||||
buf += csize;
|
||||
pos += csize;
|
||||
len -= csize;
|
||||
--
|
||||
2.42.0
|
||||
|
@ -1,93 +0,0 @@
|
||||
From 43651027d24e62a7a463254165e1e46e42aecdea Mon Sep 17 00:00:00 2001
|
||||
From: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Date: Mon, 28 Aug 2023 16:31:57 +0300
|
||||
Subject: [PATCH 1/6] fs/ntfs: Fix an OOB write when parsing the
|
||||
$ATTRIBUTE_LIST attribute for the $MFT file
|
||||
|
||||
When parsing an extremely fragmented $MFT file, i.e., the file described
|
||||
using the $ATTRIBUTE_LIST attribute, current NTFS code will reuse a buffer
|
||||
containing bytes read from the underlying drive to store sector numbers,
|
||||
which are consumed later to read data from these sectors into another buffer.
|
||||
|
||||
These sectors numbers, two 32-bit integers, are always stored at predefined
|
||||
offsets, 0x10 and 0x14, relative to first byte of the selected entry within
|
||||
the $ATTRIBUTE_LIST attribute. Usually, this won't cause any problem.
|
||||
|
||||
However, when parsing a specially-crafted file system image, this may cause
|
||||
the NTFS code to write these integers beyond the buffer boundary, likely
|
||||
causing the GRUB memory allocator to misbehave or fail. These integers contain
|
||||
values which are controlled by on-disk structures of the NTFS file system.
|
||||
|
||||
Such modification and resulting misbehavior may touch a memory range not
|
||||
assigned to the GRUB and owned by firmware or another EFI application/driver.
|
||||
|
||||
This fix introduces checks to ensure that these sector numbers are never
|
||||
written beyond the boundary.
|
||||
|
||||
Fixes: CVE-2023-4692
|
||||
|
||||
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/fs/ntfs.c | 18 +++++++++++++++++-
|
||||
1 file changed, 17 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
|
||||
index bbdbe24ad..c3c4db117 100644
|
||||
--- a/grub-core/fs/ntfs.c
|
||||
+++ b/grub-core/fs/ntfs.c
|
||||
@@ -184,7 +184,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
|
||||
}
|
||||
if (at->attr_end)
|
||||
{
|
||||
- grub_uint8_t *pa;
|
||||
+ grub_uint8_t *pa, *pa_end;
|
||||
|
||||
at->emft_buf = grub_malloc (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR);
|
||||
if (at->emft_buf == NULL)
|
||||
@@ -209,11 +209,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
|
||||
}
|
||||
at->attr_nxt = at->edat_buf;
|
||||
at->attr_end = at->edat_buf + u32at (pa, 0x30);
|
||||
+ pa_end = at->edat_buf + n;
|
||||
}
|
||||
else
|
||||
{
|
||||
at->attr_nxt = at->attr_end + u16at (pa, 0x14);
|
||||
at->attr_end = at->attr_end + u32at (pa, 4);
|
||||
+ pa_end = at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR);
|
||||
}
|
||||
at->flags |= GRUB_NTFS_AF_ALST;
|
||||
while (at->attr_nxt < at->attr_end)
|
||||
@@ -230,6 +232,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
|
||||
at->flags |= GRUB_NTFS_AF_GPOS;
|
||||
at->attr_cur = at->attr_nxt;
|
||||
pa = at->attr_cur;
|
||||
+
|
||||
+ if ((pa >= pa_end) || (pa_end - pa < 0x18))
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list");
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
grub_set_unaligned32 ((char *) pa + 0x10,
|
||||
grub_cpu_to_le32 (at->mft->data->mft_start));
|
||||
grub_set_unaligned32 ((char *) pa + 0x14,
|
||||
@@ -240,6 +249,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
|
||||
{
|
||||
if (*pa != attr)
|
||||
break;
|
||||
+
|
||||
+ if ((pa >= pa_end) || (pa_end - pa < 0x18))
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list");
|
||||
+ return NULL;
|
||||
+ }
|
||||
+
|
||||
if (read_attr
|
||||
(at, pa + 0x10,
|
||||
u32at (pa, 0x10) * (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR),
|
||||
--
|
||||
2.42.0
|
||||
|
@ -1,51 +0,0 @@
|
||||
From b541e93b4dab6f652941d086af4fe2da676d0ee3 Mon Sep 17 00:00:00 2001
|
||||
From: Lidong Chen <lidong.chen@oracle.com>
|
||||
Date: Thu, 28 Sep 2023 22:33:44 +0000
|
||||
Subject: [PATCH 1/3] fs/xfs: Incorrect short form directory data boundary
|
||||
check
|
||||
|
||||
After parsing of the current entry, the entry pointer is advanced
|
||||
to the next entry at the end of the "for" loop. In case where the
|
||||
last entry is at the end of the data boundary, the advanced entry
|
||||
pointer can point off the data boundary. The subsequent boundary
|
||||
check for the advanced entry pointer can cause a failure.
|
||||
|
||||
The fix is to include the boundary check into the "for" loop
|
||||
condition.
|
||||
|
||||
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
Tested-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
|
||||
Tested-by: Marta Lewandowska <mlewando@redhat.com>
|
||||
---
|
||||
grub-core/fs/xfs.c | 7 ++-----
|
||||
1 file changed, 2 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
|
||||
index b91cd32b4..ebf962793 100644
|
||||
--- a/grub-core/fs/xfs.c
|
||||
+++ b/grub-core/fs/xfs.c
|
||||
@@ -810,7 +810,8 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
if (iterate_dir_call_hook (parent, "..", &ctx))
|
||||
return 1;
|
||||
|
||||
- for (i = 0; i < head->count; i++)
|
||||
+ for (i = 0; i < head->count &&
|
||||
+ (grub_uint8_t *) de < ((grub_uint8_t *) dir + grub_xfs_fshelp_size (dir->data)); i++)
|
||||
{
|
||||
grub_uint64_t ino;
|
||||
grub_uint8_t *inopos = grub_xfs_inline_de_inopos(dir->data, de);
|
||||
@@ -845,10 +846,6 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
de->name[de->len] = c;
|
||||
|
||||
de = grub_xfs_inline_next_de(dir->data, head, de);
|
||||
-
|
||||
- if ((grub_uint8_t *) de >= (grub_uint8_t *) dir + grub_xfs_fshelp_size (dir->data))
|
||||
- return grub_error (GRUB_ERR_BAD_FS, "invalid XFS directory entry");
|
||||
-
|
||||
}
|
||||
break;
|
||||
}
|
||||
--
|
||||
2.42.1
|
||||
|
@ -1,229 +0,0 @@
|
||||
From 4bcf6f747c3ab0b998c6f5a361804e38bc9c4334 Mon Sep 17 00:00:00 2001
|
||||
From: Stefan Berger <stefanb@linux.ibm.com>
|
||||
Date: Wed, 4 Oct 2023 11:32:35 -0400
|
||||
Subject: [PATCH] kern/ieee1275/init: Restrict high memory in presence of
|
||||
fadump on ppc64
|
||||
|
||||
When a kernel dump is present then restrict the high memory regions to
|
||||
avoid allocating memory where the kernel dump resides. Use the
|
||||
ibm,kernel-dump node under /rtas to determine whether a kernel dump
|
||||
exists and up to which limit GRUB can use available memory. Set the
|
||||
upper_mem_limit to the size of the kernel dump section of type
|
||||
REAL_MODE_REGION and therefore only allow GRUB's memory usage for high
|
||||
addresses from RMO_ADDR_MAX to upper_mem_limit. This means that GRUB can
|
||||
use high memory in the range of RMO_ADDR_MAX (768MB) to upper_mem_limit
|
||||
and the kernel-dump memory regions above upper_mem_limit remain
|
||||
untouched. This change has no effect on memory allocations below
|
||||
linux_rmo_save (typically at 640MB).
|
||||
|
||||
Also, fall back to allocating below rmo_linux_save in case the chunk of
|
||||
memory there would be larger than the chunk of memory above RMO_ADDR_MAX.
|
||||
This can for example occur if a free memory area is found starting at 300MB
|
||||
extending up to 1GB but a kernel dump is located at 768MB and therefore
|
||||
does not allow the allocation of the high memory area but requiring to use
|
||||
the chunk starting at 300MB to avoid an unnecessary out-of-memory condition.
|
||||
|
||||
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
|
||||
Reviewed-by: Hari Bathini <hbathini@linux.ibm.com>
|
||||
Cc: Pavithra Prakash <pavrampu@in.ibm.com>
|
||||
Cc: Michael Ellerman <mpe@ellerman.id.au>
|
||||
Cc: Carolyn Scherrer <cpscherr@us.ibm.com>
|
||||
Cc: Mahesh Salgaonkar <mahesh@linux.ibm.com>
|
||||
Cc: Sourabh Jain <sourabhjain@linux.ibm.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/kern/ieee1275/init.c | 144 ++++++++++++++++++++++++++++++++-
|
||||
1 file changed, 142 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/grub-core/kern/ieee1275/init.c b/grub-core/kern/ieee1275/init.c
|
||||
index bd9a4804b..d6c9c9049 100644
|
||||
--- a/grub-core/kern/ieee1275/init.c
|
||||
+++ b/grub-core/kern/ieee1275/init.c
|
||||
@@ -17,6 +17,8 @@
|
||||
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
+#include <stddef.h> /* offsetof() */
|
||||
+
|
||||
#include <grub/kernel.h>
|
||||
#include <grub/dl.h>
|
||||
#include <grub/disk.h>
|
||||
@@ -196,6 +198,96 @@ grub_claim_heap (void)
|
||||
#else
|
||||
/* Helpers for mm on powerpc. */
|
||||
|
||||
+/* ibm,kernel-dump data structures */
|
||||
+struct kd_section
|
||||
+{
|
||||
+ grub_uint32_t flags;
|
||||
+ grub_uint16_t src_datatype;
|
||||
+#define KD_SRC_DATATYPE_REAL_MODE_REGION 0x0011
|
||||
+ grub_uint16_t error_flags;
|
||||
+ grub_uint64_t src_address;
|
||||
+ grub_uint64_t num_bytes;
|
||||
+ grub_uint64_t act_bytes;
|
||||
+ grub_uint64_t dst_address;
|
||||
+} GRUB_PACKED;
|
||||
+
|
||||
+#define MAX_KD_SECTIONS 10
|
||||
+
|
||||
+struct kernel_dump
|
||||
+{
|
||||
+ grub_uint32_t format;
|
||||
+ grub_uint16_t num_sections;
|
||||
+ grub_uint16_t status_flags;
|
||||
+ grub_uint32_t offset_1st_section;
|
||||
+ grub_uint32_t num_blocks;
|
||||
+ grub_uint64_t start_block;
|
||||
+ grub_uint64_t num_blocks_avail;
|
||||
+ grub_uint32_t offet_path_string;
|
||||
+ grub_uint32_t max_time_allowed;
|
||||
+ struct kd_section kds[MAX_KD_SECTIONS]; /* offset_1st_section should point to kds[0] */
|
||||
+} GRUB_PACKED;
|
||||
+
|
||||
+/*
|
||||
+ * Determine if a kernel dump exists and if it does, then determine the highest
|
||||
+ * address that grub can use for memory allocations.
|
||||
+ * The caller must have initialized *highest to rmo_top. *highest will not
|
||||
+ * be modified if no kernel dump is found.
|
||||
+ */
|
||||
+static void
|
||||
+check_kernel_dump (grub_uint64_t *highest)
|
||||
+{
|
||||
+ struct kernel_dump kernel_dump;
|
||||
+ grub_ssize_t kernel_dump_size;
|
||||
+ grub_ieee1275_phandle_t rtas;
|
||||
+ struct kd_section *kds;
|
||||
+ grub_size_t i;
|
||||
+
|
||||
+ /* If there's a kernel-dump it must have at least one section */
|
||||
+ if (grub_ieee1275_finddevice ("/rtas", &rtas) ||
|
||||
+ grub_ieee1275_get_property (rtas, "ibm,kernel-dump", &kernel_dump,
|
||||
+ sizeof (kernel_dump), &kernel_dump_size) ||
|
||||
+ kernel_dump_size <= (grub_ssize_t) offsetof (struct kernel_dump, kds[1]))
|
||||
+ return;
|
||||
+
|
||||
+ kernel_dump_size = grub_min (kernel_dump_size, (grub_ssize_t) sizeof (kernel_dump));
|
||||
+
|
||||
+ if (grub_be_to_cpu32 (kernel_dump.format) != 1)
|
||||
+ {
|
||||
+ grub_printf (_("Error: ibm,kernel-dump has an unexpected format version '%u'\n"),
|
||||
+ grub_be_to_cpu32 (kernel_dump.format));
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ if (grub_be_to_cpu16 (kernel_dump.num_sections) > MAX_KD_SECTIONS)
|
||||
+ {
|
||||
+ grub_printf (_("Error: Too many kernel dump sections: %d\n"),
|
||||
+ grub_be_to_cpu32 (kernel_dump.num_sections));
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ for (i = 0; i < grub_be_to_cpu16 (kernel_dump.num_sections); i++)
|
||||
+ {
|
||||
+ kds = (struct kd_section *) ((grub_addr_t) &kernel_dump +
|
||||
+ grub_be_to_cpu32 (kernel_dump.offset_1st_section) +
|
||||
+ i * sizeof (struct kd_section));
|
||||
+ /* sanity check the address is within the 'kernel_dump' struct */
|
||||
+ if ((grub_addr_t) kds > (grub_addr_t) &kernel_dump + kernel_dump_size + sizeof (*kds))
|
||||
+ {
|
||||
+ grub_printf (_("Error: 'kds' address beyond last available section\n"));
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ if ((grub_be_to_cpu16 (kds->src_datatype) == KD_SRC_DATATYPE_REAL_MODE_REGION) &&
|
||||
+ (grub_be_to_cpu64 (kds->src_address) == 0))
|
||||
+ {
|
||||
+ *highest = grub_min (*highest, grub_be_to_cpu64 (kds->num_bytes));
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ return;
|
||||
+}
|
||||
+
|
||||
/*
|
||||
* How much memory does OF believe exists in total?
|
||||
*
|
||||
@@ -275,10 +367,31 @@ regions_claim (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type,
|
||||
*
|
||||
* Finally, we also want to make sure that when grub loads the kernel,
|
||||
* it isn't going to use up all the memory we're trying to reserve! So
|
||||
- * enforce our entire RUNTIME_MIN_SPACE here:
|
||||
+ * enforce our entire RUNTIME_MIN_SPACE here (no fadump):
|
||||
+ *
|
||||
+ * | Top of memory == upper_mem_limit -|
|
||||
+ * | |
|
||||
+ * | available |
|
||||
+ * | |
|
||||
+ * |---------- 768 MB ----------|
|
||||
+ * | |
|
||||
+ * | reserved |
|
||||
+ * | |
|
||||
+ * |--- 768 MB - runtime min space ---|
|
||||
+ * | |
|
||||
+ * | available |
|
||||
+ * | |
|
||||
+ * |---------- 0 MB ----------|
|
||||
+ *
|
||||
+ * In case fadump is used, we allow the following:
|
||||
*
|
||||
* |---------- Top of memory ----------|
|
||||
* | |
|
||||
+ * | unavailable |
|
||||
+ * | (kernel dump area) |
|
||||
+ * | |
|
||||
+ * |--------- upper_mem_limit ---------|
|
||||
+ * | |
|
||||
* | available |
|
||||
* | |
|
||||
* |---------- 768 MB ----------|
|
||||
@@ -333,17 +446,44 @@ regions_claim (grub_uint64_t addr, grub_uint64_t len, grub_memory_type_t type,
|
||||
}
|
||||
else
|
||||
{
|
||||
+ grub_uint64_t upper_mem_limit = rmo_top;
|
||||
+ grub_uint64_t orig_addr = addr;
|
||||
+
|
||||
+ check_kernel_dump (&upper_mem_limit);
|
||||
+
|
||||
/*
|
||||
* we order these cases to prefer higher addresses and avoid some
|
||||
* splitting issues
|
||||
+ * The following shows the order of variables:
|
||||
+ * no kernel dump: linux_rmo_save < RMO_ADDR_MAX <= upper_mem_limit == rmo_top
|
||||
+ * with kernel dump: liuxx_rmo_save < RMO_ADDR_MAX <= upper_mem_limit <= rmo_top
|
||||
*/
|
||||
- if (addr < RMO_ADDR_MAX && (addr + len) > RMO_ADDR_MAX)
|
||||
+ if (addr < RMO_ADDR_MAX && (addr + len) > RMO_ADDR_MAX && upper_mem_limit >= RMO_ADDR_MAX)
|
||||
{
|
||||
grub_dprintf ("ieee1275",
|
||||
"adjusting region for RUNTIME_MIN_SPACE: (%llx -> %llx) -> (%llx -> %llx)\n",
|
||||
addr, addr + len, RMO_ADDR_MAX, addr + len);
|
||||
len = (addr + len) - RMO_ADDR_MAX;
|
||||
addr = RMO_ADDR_MAX;
|
||||
+
|
||||
+ /* We must not exceed the upper_mem_limit (assuming it's >= RMO_ADDR_MAX) */
|
||||
+ if (addr + len > upper_mem_limit)
|
||||
+ {
|
||||
+ /* take the bigger chunk from either below linux_rmo_save or above upper_mem_limit */
|
||||
+ len = upper_mem_limit - addr;
|
||||
+ if (orig_addr < linux_rmo_save && linux_rmo_save - orig_addr > len)
|
||||
+ {
|
||||
+ /* lower part is bigger */
|
||||
+ addr = orig_addr;
|
||||
+ len = linux_rmo_save - addr;
|
||||
+ }
|
||||
+
|
||||
+ grub_dprintf ("ieee1275", "re-adjusted region to: (%llx -> %llx)\n",
|
||||
+ addr, addr + len);
|
||||
+
|
||||
+ if (len == 0)
|
||||
+ return 0;
|
||||
+ }
|
||||
}
|
||||
else if ((addr < linux_rmo_save) && ((addr + len) > linux_rmo_save))
|
||||
{
|
||||
--
|
||||
2.42.0
|
||||
|
@ -1,76 +0,0 @@
|
||||
From 1fdc9daf97a1518960e5603dd43a5f353cb3ca89 Mon Sep 17 00:00:00 2001
|
||||
From: Michael Chang <mchang@suse.com>
|
||||
Date: Thu, 30 Nov 2023 13:45:13 +0800
|
||||
Subject: [PATCH 1/2] mkstandalone: ensure stable timestamps for generated
|
||||
images
|
||||
|
||||
This change mirrors a previous fix [1] but is specific to images
|
||||
generated by grub-mkstandalone.
|
||||
|
||||
The former fix (85a7be241) focused on utilizing a stable timestamp
|
||||
during binary generation in the util/mkimage context. This commit
|
||||
extends that approach to the images produced by grub-mkstandalone,
|
||||
ensuring consistency and stability in timestamps across all generated
|
||||
binaries.
|
||||
|
||||
[1] 85a7be241 util/mkimage: Use stable timestamp when generating
|
||||
binaries.
|
||||
|
||||
Signed-off-by: Michael Chang <mchang@suse.com>
|
||||
Signed-off-by: Bernhard Wiedemann <bwiedemann@suse.com>
|
||||
---
|
||||
util/grub-mkstandalone.c | 10 +++++-----
|
||||
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/util/grub-mkstandalone.c b/util/grub-mkstandalone.c
|
||||
index bdbeea6a6..8e1229925 100644
|
||||
--- a/util/grub-mkstandalone.c
|
||||
+++ b/util/grub-mkstandalone.c
|
||||
@@ -30,6 +30,9 @@
|
||||
#pragma GCC diagnostic error "-Wmissing-prototypes"
|
||||
#pragma GCC diagnostic error "-Wmissing-declarations"
|
||||
|
||||
+/* use 2015-01-01T00:00:00+0000 as a stock timestamp */
|
||||
+#define STABLE_EMBEDDING_TIMESTAMP 1420070400
|
||||
+
|
||||
static char *output_image;
|
||||
static char **files;
|
||||
static int nfiles;
|
||||
@@ -184,7 +187,6 @@ add_tar_file (const char *from,
|
||||
struct head hd;
|
||||
grub_util_fd_t in;
|
||||
ssize_t r;
|
||||
- grub_uint32_t mtime = 0;
|
||||
grub_uint32_t size;
|
||||
|
||||
COMPILE_TIME_ASSERT (sizeof (hd) == 512);
|
||||
@@ -192,8 +194,6 @@ add_tar_file (const char *from,
|
||||
if (grub_util_is_special_file (from))
|
||||
return;
|
||||
|
||||
- mtime = grub_util_get_mtime (from);
|
||||
-
|
||||
optr = tcn = xmalloc (strlen (to) + 1);
|
||||
for (iptr = to; *iptr == '/'; iptr++);
|
||||
for (; *iptr; iptr++)
|
||||
@@ -234,7 +234,7 @@ add_tar_file (const char *from,
|
||||
memcpy (hd.gid, "0001750", 7);
|
||||
|
||||
set_tar_value (hd.size, optr - tcn, 12);
|
||||
- set_tar_value (hd.mtime, mtime, 12);
|
||||
+ set_tar_value (hd.mtime, STABLE_EMBEDDING_TIMESTAMP, 12);
|
||||
hd.typeflag = 'L';
|
||||
memcpy (hd.magic, MAGIC, sizeof (hd.magic));
|
||||
memcpy (hd.uname, "grub", 4);
|
||||
@@ -264,7 +264,7 @@ add_tar_file (const char *from,
|
||||
memcpy (hd.gid, "0001750", 7);
|
||||
|
||||
set_tar_value (hd.size, size, 12);
|
||||
- set_tar_value (hd.mtime, mtime, 12);
|
||||
+ set_tar_value (hd.mtime, STABLE_EMBEDDING_TIMESTAMP, 12);
|
||||
hd.typeflag = '0';
|
||||
memcpy (hd.magic, MAGIC, sizeof (hd.magic));
|
||||
memcpy (hd.uname, "grub", 4);
|
||||
--
|
||||
2.43.0
|
||||
|
@ -39,17 +39,15 @@ Signed-off-by: Michael Chang <mchang@suse.com>
|
||||
{
|
||||
--- a/grub-core/net/http.c
|
||||
+++ b/grub-core/net/http.c
|
||||
@@ -31,7 +31,8 @@
|
||||
@@ -30,6 +30,7 @@
|
||||
GRUB_MOD_LICENSE ("GPLv3+");
|
||||
|
||||
enum
|
||||
#define HTTP_PORT ((grub_uint16_t) 80)
|
||||
+#define HTTP_MAX_CHUNK_SIZE GRUB_INT_MAX
|
||||
|
||||
typedef struct http_data
|
||||
{
|
||||
- HTTP_PORT = 80
|
||||
+ HTTP_PORT = 80,
|
||||
+ HTTP_MAX_CHUNK_SIZE = GRUB_INT_MAX
|
||||
};
|
||||
|
||||
|
||||
@@ -86,6 +87,8 @@
|
||||
@@ -82,6 +83,8 @@
|
||||
if (data->in_chunk_len == 2)
|
||||
{
|
||||
data->chunk_rem = grub_strtoul (ptr, 0, 16);
|
||||
|
@ -1,58 +0,0 @@
|
||||
From 0ed2458cc4eff6d9a9199527e2a0b6d445802f94 Mon Sep 17 00:00:00 2001
|
||||
From: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Date: Mon, 28 Aug 2023 16:32:33 +0300
|
||||
Subject: [PATCH 2/6] fs/ntfs: Fix an OOB read when reading data from the
|
||||
resident $DATA attribute
|
||||
|
||||
When reading a file containing resident data, i.e., the file data is stored in
|
||||
the $DATA attribute within the NTFS file record, not in external clusters,
|
||||
there are no checks that this resident data actually fits the corresponding
|
||||
file record segment.
|
||||
|
||||
When parsing a specially-crafted file system image, the current NTFS code will
|
||||
read the file data from an arbitrary, attacker-chosen memory offset and of
|
||||
arbitrary, attacker-chosen length.
|
||||
|
||||
This allows an attacker to display arbitrary chunks of memory, which could
|
||||
contain sensitive information like password hashes or even plain-text,
|
||||
obfuscated passwords from BS EFI variables.
|
||||
|
||||
This fix implements a check to ensure that resident data is read from the
|
||||
corresponding file record segment only.
|
||||
|
||||
Fixes: CVE-2023-4693
|
||||
|
||||
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/fs/ntfs.c | 13 ++++++++++++-
|
||||
1 file changed, 12 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
|
||||
index c3c4db117..a68e173d8 100644
|
||||
--- a/grub-core/fs/ntfs.c
|
||||
+++ b/grub-core/fs/ntfs.c
|
||||
@@ -401,7 +401,18 @@ read_data (struct grub_ntfs_attr *at, grub_uint8_t *pa, grub_uint8_t *dest,
|
||||
{
|
||||
if (ofs + len > u32at (pa, 0x10))
|
||||
return grub_error (GRUB_ERR_BAD_FS, "read out of range");
|
||||
- grub_memcpy (dest, pa + u32at (pa, 0x14) + ofs, len);
|
||||
+
|
||||
+ if (u32at (pa, 0x10) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute too large");
|
||||
+
|
||||
+ if (pa >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
|
||||
+
|
||||
+ if (u16at (pa, 0x14) + u32at (pa, 0x10) >
|
||||
+ (grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) pa)
|
||||
+ return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
|
||||
+
|
||||
+ grub_memcpy (dest, pa + u16at (pa, 0x14) + ofs, len);
|
||||
return 0;
|
||||
}
|
||||
|
||||
--
|
||||
2.42.0
|
||||
|
@ -1,171 +0,0 @@
|
||||
From 4a6a5c4a6bb2426235364be9f3698763ddcf4775 Mon Sep 17 00:00:00 2001
|
||||
From: Jon DeVree <nuxi@vault24.org>
|
||||
Date: Tue, 17 Oct 2023 23:03:47 -0400
|
||||
Subject: [PATCH 2/3] fs/xfs: Fix XFS directory extent parsing
|
||||
|
||||
The XFS directory entry parsing code has never been completely correct
|
||||
for extent based directories. The parser correctly handles the case
|
||||
where the directory is contained in a single extent, but then mistakenly
|
||||
assumes the data blocks for the multiple extent case are each identical
|
||||
to the single extent case. The difference in the format of the data
|
||||
blocks between the two cases is tiny enough that its gone unnoticed for
|
||||
a very long time.
|
||||
|
||||
A recent change introduced some additional bounds checking into the XFS
|
||||
parser. Like GRUB's existing parser, it is correct for the single extent
|
||||
case but incorrect for the multiple extent case. When parsing a directory
|
||||
with multiple extents, this new bounds checking is sometimes (but not
|
||||
always) tripped and triggers an "invalid XFS directory entry" error. This
|
||||
probably would have continued to go unnoticed but the /boot/grub/<arch>
|
||||
directory is large enough that it often has multiple extents.
|
||||
|
||||
The difference between the two cases is that when there are multiple
|
||||
extents, the data blocks do not contain a trailer nor do they contain
|
||||
any leaf information. That information is stored in a separate set of
|
||||
extents dedicated to just the leaf information. These extents come after
|
||||
the directory entry extents and are not included in the inode size. So
|
||||
the existing parser already ignores the leaf extents.
|
||||
|
||||
The only reason to read the trailer/leaf information at all is so that
|
||||
the parser can avoid misinterpreting that data as directory entries. So
|
||||
this updates the parser as follows:
|
||||
|
||||
For the single extent case the parser doesn't change much:
|
||||
1. Read the size of the leaf information from the trailer
|
||||
2. Set the end pointer for the parser to the start of the leaf
|
||||
information. (The previous bounds checking set the end pointer to the
|
||||
start of the trailer, so this is actually a small improvement.)
|
||||
3. Set the entries variable to the expected number of directory entries.
|
||||
|
||||
For the multiple extent case:
|
||||
1. Set the end pointer to the end of the block.
|
||||
2. Do not set up the entries variable. Figuring out how many entries are
|
||||
in each individual block is complex and does not seem worth it when
|
||||
it appears to be safe to just iterate over the entire block.
|
||||
|
||||
The bounds check itself was also dependent upon the faulty XFS parser
|
||||
because it accidentally used "filename + length - 1". Presumably this
|
||||
was able to pass the fuzzer because in the old parser there was always
|
||||
8 bytes of slack space between the tail pointer and the actual end of
|
||||
the block. Since this is no longer the case the bounds check needs to be
|
||||
updated to "filename + length + 1" in order to prevent a regression in
|
||||
the handling of corrupt fliesystems.
|
||||
|
||||
Notes:
|
||||
* When there is only one extent there will only ever be one block. If
|
||||
more than one block is required then XFS will always switch to holding
|
||||
leaf information in a separate extent.
|
||||
* B-tree based directories seems to be parsed properly by the same code
|
||||
that handles multiple extents. This is unlikely to ever occur within
|
||||
/boot though because its only used when there are an extremely large
|
||||
number of directory entries.
|
||||
|
||||
Fixes: ef7850c75 (fs/xfs: Fix issues found while fuzzing the XFS filesystem)
|
||||
Fixes: b2499b29c (Adds support for the XFS filesystem.)
|
||||
Fixes: https://savannah.gnu.org/bugs/?64376
|
||||
|
||||
Signed-off-by: Jon DeVree <nuxi@vault24.org>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
Tested-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
|
||||
Tested-by: Marta Lewandowska <mlewando@redhat.com>
|
||||
---
|
||||
grub-core/fs/xfs.c | 52 +++++++++++++++++++++++++++++++++-------------
|
||||
1 file changed, 38 insertions(+), 14 deletions(-)
|
||||
|
||||
diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
|
||||
index ebf962793..18edfcff4 100644
|
||||
--- a/grub-core/fs/xfs.c
|
||||
+++ b/grub-core/fs/xfs.c
|
||||
@@ -223,6 +223,12 @@ struct grub_xfs_inode
|
||||
/* Size of struct grub_xfs_inode v2, up to unused4 member included. */
|
||||
#define XFS_V2_INODE_SIZE (XFS_V3_INODE_SIZE - 76)
|
||||
|
||||
+struct grub_xfs_dir_leaf_entry
|
||||
+{
|
||||
+ grub_uint32_t hashval;
|
||||
+ grub_uint32_t address;
|
||||
+} GRUB_PACKED;
|
||||
+
|
||||
struct grub_xfs_dirblock_tail
|
||||
{
|
||||
grub_uint32_t leaf_count;
|
||||
@@ -874,9 +880,8 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
{
|
||||
struct grub_xfs_dir2_entry *direntry =
|
||||
grub_xfs_first_de(dir->data, dirblock);
|
||||
- int entries;
|
||||
- struct grub_xfs_dirblock_tail *tail =
|
||||
- grub_xfs_dir_tail(dir->data, dirblock);
|
||||
+ int entries = -1;
|
||||
+ char *end = dirblock + dirblk_size;
|
||||
|
||||
numread = grub_xfs_read_file (dir, 0, 0,
|
||||
blk << dirblk_log2,
|
||||
@@ -887,14 +892,27 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
return 0;
|
||||
}
|
||||
|
||||
- entries = (grub_be_to_cpu32 (tail->leaf_count)
|
||||
- - grub_be_to_cpu32 (tail->leaf_stale));
|
||||
+ /*
|
||||
+ * Leaf and tail information are only in the data block if the number
|
||||
+ * of extents is 1.
|
||||
+ */
|
||||
+ if (dir->inode.nextents == grub_cpu_to_be32_compile_time (1))
|
||||
+ {
|
||||
+ struct grub_xfs_dirblock_tail *tail = grub_xfs_dir_tail (dir->data, dirblock);
|
||||
+
|
||||
+ end = (char *) tail;
|
||||
+
|
||||
+ /* Subtract the space used by leaf nodes. */
|
||||
+ end -= grub_be_to_cpu32 (tail->leaf_count) * sizeof (struct grub_xfs_dir_leaf_entry);
|
||||
|
||||
- if (!entries)
|
||||
- continue;
|
||||
+ entries = grub_be_to_cpu32 (tail->leaf_count) - grub_be_to_cpu32 (tail->leaf_stale);
|
||||
+
|
||||
+ if (!entries)
|
||||
+ continue;
|
||||
+ }
|
||||
|
||||
/* Iterate over all entries within this block. */
|
||||
- while ((char *)direntry < (char *)tail)
|
||||
+ while ((char *) direntry < (char *) end)
|
||||
{
|
||||
grub_uint8_t *freetag;
|
||||
char *filename;
|
||||
@@ -914,7 +932,7 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
}
|
||||
|
||||
filename = (char *)(direntry + 1);
|
||||
- if (filename + direntry->len - 1 > (char *) tail)
|
||||
+ if (filename + direntry->len + 1 > (char *) end)
|
||||
return grub_error (GRUB_ERR_BAD_FS, "invalid XFS directory entry");
|
||||
|
||||
/* The byte after the filename is for the filetype, padding, or
|
||||
@@ -928,11 +946,17 @@ grub_xfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
return 1;
|
||||
}
|
||||
|
||||
- /* Check if last direntry in this block is
|
||||
- reached. */
|
||||
- entries--;
|
||||
- if (!entries)
|
||||
- break;
|
||||
+ /*
|
||||
+ * The expected number of directory entries is only tracked for the
|
||||
+ * single extent case.
|
||||
+ */
|
||||
+ if (dir->inode.nextents == grub_cpu_to_be32_compile_time (1))
|
||||
+ {
|
||||
+ /* Check if last direntry in this block is reached. */
|
||||
+ entries--;
|
||||
+ if (!entries)
|
||||
+ break;
|
||||
+ }
|
||||
|
||||
/* Select the next directory entry. */
|
||||
direntry = grub_xfs_next_de(dir->data, direntry);
|
||||
--
|
||||
2.42.1
|
||||
|
@ -1,75 +0,0 @@
|
||||
From bb9bbe0f66a8462a1b2477fbc2aa1d70973035d4 Mon Sep 17 00:00:00 2001
|
||||
From: Michael Chang <mchang@suse.com>
|
||||
Date: Thu, 30 Nov 2023 16:30:45 +0800
|
||||
Subject: [PATCH 2/2] mkstandalone: ensure deterministic tar file creation by
|
||||
sorting contents
|
||||
|
||||
The add_tar_files() function currently iterates through a directory's
|
||||
content using readdir(), which doesn't guarantee a specific order. This
|
||||
lack of deterministic behavior impacts reproducibility in the build
|
||||
process.
|
||||
|
||||
This commit resolves the issue by introducing sorting functionality. The
|
||||
list retrieved by readdir() is now sorted alphabetically before
|
||||
incorporation into the tar archive, ensuring consistent and predictable
|
||||
file ordering within the archive.
|
||||
|
||||
Signed-off-by: Michael Chang <mchang@suse.com>
|
||||
Signed-off-by: Bernhard Wiedemann <bwiedemann@suse.com>
|
||||
---
|
||||
util/grub-mkstandalone.c | 26 +++++++++++++++++++++++---
|
||||
1 file changed, 23 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/util/grub-mkstandalone.c b/util/grub-mkstandalone.c
|
||||
index 8e1229925..e4b5bcab4 100644
|
||||
--- a/util/grub-mkstandalone.c
|
||||
+++ b/util/grub-mkstandalone.c
|
||||
@@ -205,22 +205,42 @@ add_tar_file (const char *from,
|
||||
{
|
||||
grub_util_fd_dir_t d;
|
||||
grub_util_fd_dirent_t de;
|
||||
+ char **from_files;
|
||||
+ grub_size_t alloc = 8, used = 0;
|
||||
+ grub_size_t i;
|
||||
|
||||
d = grub_util_fd_opendir (from);
|
||||
|
||||
+ from_files = xmalloc (alloc * sizeof (*from_files));
|
||||
while ((de = grub_util_fd_readdir (d)))
|
||||
{
|
||||
- char *fp, *tfp;
|
||||
if (strcmp (de->d_name, ".") == 0)
|
||||
continue;
|
||||
if (strcmp (de->d_name, "..") == 0)
|
||||
continue;
|
||||
- fp = grub_util_path_concat (2, from, de->d_name);
|
||||
- tfp = xasprintf ("%s/%s", to, de->d_name);
|
||||
+ if (alloc <= used)
|
||||
+ {
|
||||
+ alloc <<= 1;
|
||||
+ from_files = xrealloc (from_files, alloc * sizeof (*from_files));
|
||||
+ }
|
||||
+ from_files[used++] = xstrdup(de->d_name);
|
||||
+ }
|
||||
+ qsort (from_files, used, sizeof (*from_files), grub_qsort_strcmp);
|
||||
+
|
||||
+ for (i = 0; i < used; i++)
|
||||
+ {
|
||||
+ char *fp, *tfp;
|
||||
+
|
||||
+ fp = grub_util_path_concat (2, from, from_files[i]);
|
||||
+ tfp = xasprintf ("%s/%s", to, from_files[i]);
|
||||
add_tar_file (fp, tfp);
|
||||
+ free (tfp);
|
||||
free (fp);
|
||||
+ free (from_files[i]);
|
||||
}
|
||||
+
|
||||
grub_util_fd_closedir (d);
|
||||
+ free (from_files);
|
||||
free (tcn);
|
||||
return;
|
||||
}
|
||||
--
|
||||
2.43.0
|
||||
|
@ -232,20 +232,18 @@ Signed-off-by: Peter Jones <pjones@redhat.com>
|
||||
grub_efi_free_pages((grub_efi_physical_address_t)(grub_addr_t)kernel_mem, BYTES_TO_PAGES(kernel_size));
|
||||
--- a/include/grub/i386/linux.h
|
||||
+++ b/include/grub/i386/linux.h
|
||||
@@ -138,7 +138,12 @@
|
||||
@@ -148,6 +148,11 @@
|
||||
grub_uint32_t kernel_alignment;
|
||||
grub_uint8_t relocatable;
|
||||
grub_uint8_t min_alignment;
|
||||
- grub_uint8_t pad[2];
|
||||
+#define LINUX_XLF_KERNEL_64 (1<<0)
|
||||
+#define LINUX_XLF_CAN_BE_LOADED_ABOVE_4G (1<<1)
|
||||
+#define LINUX_XLF_EFI_HANDOVER_32 (1<<2)
|
||||
+#define LINUX_XLF_EFI_HANDOVER_64 (1<<3)
|
||||
+#define LINUX_XLF_EFI_KEXEC (1<<4)
|
||||
+ grub_uint16_t xloadflags;
|
||||
grub_uint16_t xloadflags;
|
||||
grub_uint32_t cmdline_size;
|
||||
grub_uint32_t hardware_subarch;
|
||||
grub_uint64_t hardware_subarch_data;
|
||||
--- a/grub-core/loader/efi/linux_boot.c
|
||||
+++ b/grub-core/loader/efi/linux_boot.c
|
||||
@@ -30,11 +30,16 @@
|
||||
|
@ -1,73 +0,0 @@
|
||||
From 7e5f031a6a6a3decc2360a7b0c71abbe598e7354 Mon Sep 17 00:00:00 2001
|
||||
From: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Date: Mon, 28 Aug 2023 16:33:17 +0300
|
||||
Subject: [PATCH 3/6] fs/ntfs: Fix an OOB read when parsing directory entries
|
||||
from resident and non-resident index attributes
|
||||
|
||||
This fix introduces checks to ensure that index entries are never read
|
||||
beyond the corresponding directory index.
|
||||
|
||||
The lack of this check is a minor issue, likely not exploitable in any way.
|
||||
|
||||
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/fs/ntfs.c | 13 +++++++++++--
|
||||
1 file changed, 11 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
|
||||
index a68e173d8..2d78b96e1 100644
|
||||
--- a/grub-core/fs/ntfs.c
|
||||
+++ b/grub-core/fs/ntfs.c
|
||||
@@ -599,7 +599,7 @@ get_utf8 (grub_uint8_t *in, grub_size_t len)
|
||||
}
|
||||
|
||||
static int
|
||||
-list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos,
|
||||
+list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos, grub_uint8_t *end_pos,
|
||||
grub_fshelp_iterate_dir_hook_t hook, void *hook_data)
|
||||
{
|
||||
grub_uint8_t *np;
|
||||
@@ -610,6 +610,9 @@ list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos,
|
||||
grub_uint8_t namespace;
|
||||
char *ustr;
|
||||
|
||||
+ if ((pos >= end_pos) || (end_pos - pos < 0x52))
|
||||
+ break;
|
||||
+
|
||||
if (pos[0xC] & 2) /* end signature */
|
||||
break;
|
||||
|
||||
@@ -617,6 +620,9 @@ list_file (struct grub_ntfs_file *diro, grub_uint8_t *pos,
|
||||
ns = *(np++);
|
||||
namespace = *(np++);
|
||||
|
||||
+ if (2 * ns > end_pos - pos - 0x52)
|
||||
+ break;
|
||||
+
|
||||
/*
|
||||
* Ignore files in DOS namespace, as they will reappear as Win32
|
||||
* names.
|
||||
@@ -806,7 +812,9 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
}
|
||||
|
||||
cur_pos += 0x10; /* Skip index root */
|
||||
- ret = list_file (mft, cur_pos + u16at (cur_pos, 0), hook, hook_data);
|
||||
+ ret = list_file (mft, cur_pos + u16at (cur_pos, 0),
|
||||
+ at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR),
|
||||
+ hook, hook_data);
|
||||
if (ret)
|
||||
goto done;
|
||||
|
||||
@@ -893,6 +901,7 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
(const grub_uint8_t *) "INDX")))
|
||||
goto done;
|
||||
ret = list_file (mft, &indx[0x18 + u16at (indx, 0x18)],
|
||||
+ indx + (mft->data->idx_size << GRUB_NTFS_BLK_SHR),
|
||||
hook, hook_data);
|
||||
if (ret)
|
||||
goto done;
|
||||
--
|
||||
2.42.0
|
||||
|
@ -1,115 +0,0 @@
|
||||
From e7b1a524d5f86dcfddfbb069577e3b148dbb19cd Mon Sep 17 00:00:00 2001
|
||||
From: Anthony Iliopoulos via Grub-devel <grub-devel@gnu.org>
|
||||
Date: Thu, 26 Oct 2023 11:53:39 +0200
|
||||
Subject: [PATCH 3/3] fs/xfs: add large extent counters incompat feature
|
||||
support
|
||||
|
||||
XFS introduced 64-bit extent counters for inodes via a series of
|
||||
upstream commits, and the feature was marked as stable in v6.5 via
|
||||
commit 61d7e8274cd8 ("xfs: drop EXPERIMENTAL tag for large extent
|
||||
counts").
|
||||
|
||||
Further, xfsprogs release v6.5.0 switched this feature on by default in
|
||||
mkfs.xfs via commit e5b18d7d1d96 ("mkfs: enable large extent counts by
|
||||
default").
|
||||
|
||||
Filesystems formatted with large extent count support (nrext64=1) are
|
||||
thus currently not recognizable by grub, since this is an incompat
|
||||
feature. Add the required support so that those filesystems and inodes
|
||||
with large extent counters can be read by grub.
|
||||
|
||||
Signed-off-by: Anthony Iliopoulos <ailiop@suse.com>
|
||||
---
|
||||
grub-core/fs/xfs.c | 30 +++++++++++++++++++++++++-----
|
||||
1 file changed, 25 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c
|
||||
index 18edfcff4..bc2224dbb 100644
|
||||
--- a/grub-core/fs/xfs.c
|
||||
+++ b/grub-core/fs/xfs.c
|
||||
@@ -79,6 +79,8 @@ GRUB_MOD_LICENSE ("GPLv3+");
|
||||
/* Inode flags2 flags */
|
||||
#define XFS_DIFLAG2_BIGTIME_BIT 3
|
||||
#define XFS_DIFLAG2_BIGTIME (1 << XFS_DIFLAG2_BIGTIME_BIT)
|
||||
+#define XFS_DIFLAG2_NREXT64_BIT 4
|
||||
+#define XFS_DIFLAG2_NREXT64 (1 << XFS_DIFLAG2_NREXT64_BIT)
|
||||
|
||||
/* incompat feature flags */
|
||||
#define XFS_SB_FEAT_INCOMPAT_FTYPE (1 << 0) /* filetype in dirent */
|
||||
@@ -86,6 +88,7 @@ GRUB_MOD_LICENSE ("GPLv3+");
|
||||
#define XFS_SB_FEAT_INCOMPAT_META_UUID (1 << 2) /* metadata UUID */
|
||||
#define XFS_SB_FEAT_INCOMPAT_BIGTIME (1 << 3) /* large timestamps */
|
||||
#define XFS_SB_FEAT_INCOMPAT_NEEDSREPAIR (1 << 4) /* needs xfs_repair */
|
||||
+#define XFS_SB_FEAT_INCOMPAT_NREXT64 (1 << 5) /* large extent counters */
|
||||
|
||||
/*
|
||||
* Directory entries with ftype are explicitly handled by GRUB code.
|
||||
@@ -101,7 +104,8 @@ GRUB_MOD_LICENSE ("GPLv3+");
|
||||
XFS_SB_FEAT_INCOMPAT_SPINODES | \
|
||||
XFS_SB_FEAT_INCOMPAT_META_UUID | \
|
||||
XFS_SB_FEAT_INCOMPAT_BIGTIME | \
|
||||
- XFS_SB_FEAT_INCOMPAT_NEEDSREPAIR)
|
||||
+ XFS_SB_FEAT_INCOMPAT_NEEDSREPAIR | \
|
||||
+ XFS_SB_FEAT_INCOMPAT_NREXT64)
|
||||
|
||||
struct grub_xfs_sblock
|
||||
{
|
||||
@@ -203,7 +207,8 @@ struct grub_xfs_inode
|
||||
grub_uint16_t mode;
|
||||
grub_uint8_t version;
|
||||
grub_uint8_t format;
|
||||
- grub_uint8_t unused2[26];
|
||||
+ grub_uint8_t unused2[18];
|
||||
+ grub_uint64_t nextents_big;
|
||||
grub_uint64_t atime;
|
||||
grub_uint64_t mtime;
|
||||
grub_uint64_t ctime;
|
||||
@@ -545,11 +550,26 @@ get_fsb (const void *keys, int idx)
|
||||
return grub_be_to_cpu64 (grub_get_unaligned64 (p));
|
||||
}
|
||||
|
||||
+static int
|
||||
+grub_xfs_inode_has_large_extent_counts (const struct grub_xfs_inode *inode)
|
||||
+{
|
||||
+ return inode->version >= 3 &&
|
||||
+ (inode->flags2 & grub_cpu_to_be64_compile_time (XFS_DIFLAG2_NREXT64));
|
||||
+}
|
||||
+
|
||||
+static grub_uint64_t
|
||||
+grub_xfs_get_inode_nextents (struct grub_xfs_inode *inode)
|
||||
+{
|
||||
+ return (grub_xfs_inode_has_large_extent_counts (inode)) ?
|
||||
+ grub_be_to_cpu64 (inode->nextents_big) :
|
||||
+ grub_be_to_cpu32 (inode->nextents);
|
||||
+}
|
||||
+
|
||||
static grub_disk_addr_t
|
||||
grub_xfs_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock)
|
||||
{
|
||||
struct grub_xfs_btree_node *leaf = 0;
|
||||
- int ex, nrec;
|
||||
+ grub_uint64_t ex, nrec;
|
||||
struct grub_xfs_extent *exts;
|
||||
grub_uint64_t ret = 0;
|
||||
|
||||
@@ -574,7 +594,7 @@ grub_xfs_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock)
|
||||
/ (2 * sizeof (grub_uint64_t));
|
||||
do
|
||||
{
|
||||
- int i;
|
||||
+ grub_uint64_t i;
|
||||
|
||||
for (i = 0; i < nrec; i++)
|
||||
{
|
||||
@@ -621,7 +641,7 @@ grub_xfs_read_block (grub_fshelp_node_t node, grub_disk_addr_t fileblock)
|
||||
grub_addr_t exts_end = 0;
|
||||
grub_addr_t data_end = 0;
|
||||
|
||||
- nrec = grub_be_to_cpu32 (node->inode.nextents);
|
||||
+ nrec = grub_xfs_get_inode_nextents (&node->inode);
|
||||
exts = (struct grub_xfs_extent *) grub_xfs_inode_data(&node->inode);
|
||||
|
||||
if (grub_mul (sizeof (struct grub_xfs_extent), nrec, &exts_end) ||
|
||||
--
|
||||
2.42.1
|
||||
|
@ -127,21 +127,20 @@ Platform Reference (PAPR).
|
||||
default:
|
||||
return 0;
|
||||
}
|
||||
@@ -666,10 +674,11 @@
|
||||
" --output '%s' "
|
||||
" --dtb '%s' "
|
||||
"--sbat '%s' "
|
||||
@@ -679,9 +687,11 @@
|
||||
*p = '\0';
|
||||
|
||||
grub_util_info ("grub-mkimage --directory '%s' --prefix '%s' --output '%s'"
|
||||
- " --format '%s' --compression '%s'%s%s%s\n",
|
||||
+ " --format '%s' --compression '%s'"
|
||||
+ " --appended-signature-size %zu%s%s%s\n",
|
||||
dir, prefix,
|
||||
outname, dtb ? : "", sbat ? : "", mkimage_target,
|
||||
- compnames[compression], note ? "--note" : "",
|
||||
+ compnames[compression], appsig_size, note ? "--note" : "",
|
||||
dir, prefix, outname,
|
||||
mkimage_target, compnames[compression],
|
||||
+ appsig_size,
|
||||
note ? " --note" : "",
|
||||
disable_shim_lock ? " --disable-shim-lock" : "", s);
|
||||
free (s);
|
||||
|
||||
@@ -680,7 +689,7 @@
|
||||
@@ -693,7 +703,7 @@
|
||||
grub_install_generate_image (dir, prefix, fp, outname,
|
||||
modules.entries, memdisk_path,
|
||||
pubkeys, npubkeys, config_path, tgt,
|
||||
|
@ -1,51 +0,0 @@
|
||||
From 7a5a116739fa6d8a625da7d6b9272c9a2462f967 Mon Sep 17 00:00:00 2001
|
||||
From: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Date: Mon, 28 Aug 2023 16:33:44 +0300
|
||||
Subject: [PATCH 4/6] fs/ntfs: Fix an OOB read when parsing bitmaps for index
|
||||
attributes
|
||||
|
||||
This fix introduces checks to ensure that bitmaps for directory indices
|
||||
are never read beyond their actual sizes.
|
||||
|
||||
The lack of this check is a minor issue, likely not exploitable in any way.
|
||||
|
||||
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/fs/ntfs.c | 19 +++++++++++++++++++
|
||||
1 file changed, 19 insertions(+)
|
||||
|
||||
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
|
||||
index 2d78b96e1..bb70c89fb 100644
|
||||
--- a/grub-core/fs/ntfs.c
|
||||
+++ b/grub-core/fs/ntfs.c
|
||||
@@ -843,6 +843,25 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
|
||||
if (is_resident)
|
||||
{
|
||||
+ if (bitmap_len > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "resident bitmap too large");
|
||||
+ goto done;
|
||||
+ }
|
||||
+
|
||||
+ if (cur_pos >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "resident bitmap out of range");
|
||||
+ goto done;
|
||||
+ }
|
||||
+
|
||||
+ if (u16at (cur_pos, 0x14) + u32at (cur_pos, 0x10) >
|
||||
+ (grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) cur_pos)
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "resident bitmap out of range");
|
||||
+ goto done;
|
||||
+ }
|
||||
+
|
||||
grub_memcpy (bmp, cur_pos + u16at (cur_pos, 0x14),
|
||||
bitmap_len);
|
||||
}
|
||||
--
|
||||
2.42.0
|
||||
|
@ -1,61 +0,0 @@
|
||||
From 1fe82c41e070385e273d7bb1cfb482627a3c28e8 Mon Sep 17 00:00:00 2001
|
||||
From: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Date: Mon, 28 Aug 2023 16:38:19 +0300
|
||||
Subject: [PATCH 5/6] fs/ntfs: Fix an OOB read when parsing a volume label
|
||||
|
||||
This fix introduces checks to ensure that an NTFS volume label is always
|
||||
read from the corresponding file record segment.
|
||||
|
||||
The current NTFS code allows the volume label string to be read from an
|
||||
arbitrary, attacker-chosen memory location. However, the bytes read are
|
||||
always treated as UTF-16LE. So, the final string displayed is mostly
|
||||
unreadable and it can't be easily converted back to raw bytes.
|
||||
|
||||
The lack of this check is a minor issue, likely not causing a significant
|
||||
data leak.
|
||||
|
||||
Reported-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/fs/ntfs.c | 18 +++++++++++++++++-
|
||||
1 file changed, 17 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
|
||||
index bb70c89fb..ff5e3740f 100644
|
||||
--- a/grub-core/fs/ntfs.c
|
||||
+++ b/grub-core/fs/ntfs.c
|
||||
@@ -1213,13 +1213,29 @@ grub_ntfs_label (grub_device_t device, char **label)
|
||||
|
||||
init_attr (&mft->attr, mft);
|
||||
pa = find_attr (&mft->attr, GRUB_NTFS_AT_VOLUME_NAME);
|
||||
+
|
||||
+ if (pa >= mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse volume label");
|
||||
+ goto fail;
|
||||
+ }
|
||||
+
|
||||
+ if (mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR) - pa < 0x16)
|
||||
+ {
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse volume label");
|
||||
+ goto fail;
|
||||
+ }
|
||||
+
|
||||
if ((pa) && (pa[8] == 0) && (u32at (pa, 0x10)))
|
||||
{
|
||||
int len;
|
||||
|
||||
len = u32at (pa, 0x10) / 2;
|
||||
pa += u16at (pa, 0x14);
|
||||
- *label = get_utf8 (pa, len);
|
||||
+ if (mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR) - pa >= 2 * len)
|
||||
+ *label = get_utf8 (pa, len);
|
||||
+ else
|
||||
+ grub_error (GRUB_ERR_BAD_FS, "can\'t parse volume label");
|
||||
}
|
||||
|
||||
fail:
|
||||
--
|
||||
2.42.0
|
||||
|
@ -1,159 +0,0 @@
|
||||
From e58b870ff926415e23fc386af41ff81b2f588763 Mon Sep 17 00:00:00 2001
|
||||
From: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Date: Mon, 28 Aug 2023 16:40:07 +0300
|
||||
Subject: [PATCH 6/6] fs/ntfs: Make code more readable
|
||||
|
||||
Move some calls used to access NTFS attribute header fields into
|
||||
functions with human-readable names.
|
||||
|
||||
Suggested-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/fs/ntfs.c | 48 +++++++++++++++++++++++++++++++--------------
|
||||
1 file changed, 33 insertions(+), 15 deletions(-)
|
||||
|
||||
diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c
|
||||
index ff5e3740f..de435aa14 100644
|
||||
--- a/grub-core/fs/ntfs.c
|
||||
+++ b/grub-core/fs/ntfs.c
|
||||
@@ -52,6 +52,24 @@ u64at (void *ptr, grub_size_t ofs)
|
||||
return grub_le_to_cpu64 (grub_get_unaligned64 ((char *) ptr + ofs));
|
||||
}
|
||||
|
||||
+static grub_uint16_t
|
||||
+first_attr_off (void *mft_buf_ptr)
|
||||
+{
|
||||
+ return u16at (mft_buf_ptr, 0x14);
|
||||
+}
|
||||
+
|
||||
+static grub_uint16_t
|
||||
+res_attr_data_off (void *res_attr_ptr)
|
||||
+{
|
||||
+ return u16at (res_attr_ptr, 0x14);
|
||||
+}
|
||||
+
|
||||
+static grub_uint32_t
|
||||
+res_attr_data_len (void *res_attr_ptr)
|
||||
+{
|
||||
+ return u32at (res_attr_ptr, 0x10);
|
||||
+}
|
||||
+
|
||||
grub_ntfscomp_func_t grub_ntfscomp_func;
|
||||
|
||||
static grub_err_t
|
||||
@@ -106,7 +124,7 @@ init_attr (struct grub_ntfs_attr *at, struct grub_ntfs_file *mft)
|
||||
{
|
||||
at->mft = mft;
|
||||
at->flags = (mft == &mft->data->mmft) ? GRUB_NTFS_AF_MMFT : 0;
|
||||
- at->attr_nxt = mft->buf + u16at (mft->buf, 0x14);
|
||||
+ at->attr_nxt = mft->buf + first_attr_off (mft->buf);
|
||||
at->attr_end = at->emft_buf = at->edat_buf = at->sbuf = NULL;
|
||||
}
|
||||
|
||||
@@ -154,7 +172,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
- new_pos = &at->emft_buf[u16at (at->emft_buf, 0x14)];
|
||||
+ new_pos = &at->emft_buf[first_attr_off (at->emft_buf)];
|
||||
while (*new_pos != 0xFF)
|
||||
{
|
||||
if ((*new_pos == *at->attr_cur)
|
||||
@@ -213,7 +231,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr)
|
||||
}
|
||||
else
|
||||
{
|
||||
- at->attr_nxt = at->attr_end + u16at (pa, 0x14);
|
||||
+ at->attr_nxt = at->attr_end + res_attr_data_off (pa);
|
||||
at->attr_end = at->attr_end + u32at (pa, 4);
|
||||
pa_end = at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR);
|
||||
}
|
||||
@@ -399,20 +417,20 @@ read_data (struct grub_ntfs_attr *at, grub_uint8_t *pa, grub_uint8_t *dest,
|
||||
|
||||
if (pa[8] == 0)
|
||||
{
|
||||
- if (ofs + len > u32at (pa, 0x10))
|
||||
+ if (ofs + len > res_attr_data_len (pa))
|
||||
return grub_error (GRUB_ERR_BAD_FS, "read out of range");
|
||||
|
||||
- if (u32at (pa, 0x10) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
+ if (res_attr_data_len (pa) > (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
return grub_error (GRUB_ERR_BAD_FS, "resident attribute too large");
|
||||
|
||||
if (pa >= at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR))
|
||||
return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
|
||||
|
||||
- if (u16at (pa, 0x14) + u32at (pa, 0x10) >
|
||||
+ if (res_attr_data_off (pa) + res_attr_data_len (pa) >
|
||||
(grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) pa)
|
||||
return grub_error (GRUB_ERR_BAD_FS, "resident attribute out of range");
|
||||
|
||||
- grub_memcpy (dest, pa + u16at (pa, 0x14) + ofs, len);
|
||||
+ grub_memcpy (dest, pa + res_attr_data_off (pa) + ofs, len);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -556,7 +574,7 @@ init_file (struct grub_ntfs_file *mft, grub_uint64_t mftno)
|
||||
(unsigned long long) mftno);
|
||||
|
||||
if (!pa[8])
|
||||
- mft->size = u32at (pa, 0x10);
|
||||
+ mft->size = res_attr_data_len (pa);
|
||||
else
|
||||
mft->size = u64at (pa, 0x30);
|
||||
|
||||
@@ -805,7 +823,7 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
(u32at (cur_pos, 0x18) != 0x490024) ||
|
||||
(u32at (cur_pos, 0x1C) != 0x300033))
|
||||
continue;
|
||||
- cur_pos += u16at (cur_pos, 0x14);
|
||||
+ cur_pos += res_attr_data_off (cur_pos);
|
||||
if (*cur_pos != 0x30) /* Not filename index */
|
||||
continue;
|
||||
break;
|
||||
@@ -834,7 +852,7 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
{
|
||||
int is_resident = (cur_pos[8] == 0);
|
||||
|
||||
- bitmap_len = ((is_resident) ? u32at (cur_pos, 0x10) :
|
||||
+ bitmap_len = ((is_resident) ? res_attr_data_len (cur_pos) :
|
||||
u32at (cur_pos, 0x28));
|
||||
|
||||
bmp = grub_malloc (bitmap_len);
|
||||
@@ -855,14 +873,14 @@ grub_ntfs_iterate_dir (grub_fshelp_node_t dir,
|
||||
goto done;
|
||||
}
|
||||
|
||||
- if (u16at (cur_pos, 0x14) + u32at (cur_pos, 0x10) >
|
||||
+ if (res_attr_data_off (cur_pos) + res_attr_data_len (cur_pos) >
|
||||
(grub_addr_t) at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR) - (grub_addr_t) cur_pos)
|
||||
{
|
||||
grub_error (GRUB_ERR_BAD_FS, "resident bitmap out of range");
|
||||
goto done;
|
||||
}
|
||||
|
||||
- grub_memcpy (bmp, cur_pos + u16at (cur_pos, 0x14),
|
||||
+ grub_memcpy (bmp, cur_pos + res_attr_data_off (cur_pos),
|
||||
bitmap_len);
|
||||
}
|
||||
else
|
||||
@@ -1226,12 +1244,12 @@ grub_ntfs_label (grub_device_t device, char **label)
|
||||
goto fail;
|
||||
}
|
||||
|
||||
- if ((pa) && (pa[8] == 0) && (u32at (pa, 0x10)))
|
||||
+ if ((pa) && (pa[8] == 0) && (res_attr_data_len (pa)))
|
||||
{
|
||||
int len;
|
||||
|
||||
- len = u32at (pa, 0x10) / 2;
|
||||
- pa += u16at (pa, 0x14);
|
||||
+ len = res_attr_data_len (pa) / 2;
|
||||
+ pa += res_attr_data_off (pa);
|
||||
if (mft->buf + (mft->data->mft_size << GRUB_NTFS_BLK_SHR) - pa >= 2 * len)
|
||||
*label = get_utf8 (pa, len);
|
||||
else
|
||||
--
|
||||
2.42.0
|
||||
|
@ -89,18 +89,18 @@ Signed-off-by: Daniel Axtens <dja@axtens.net>
|
||||
|
||||
case GRUB_INSTALL_OPTIONS_VERBOSITY:
|
||||
verbosity++;
|
||||
@@ -632,6 +640,9 @@
|
||||
@@ -636,6 +644,9 @@
|
||||
for (pk = pubkeys; pk < pubkeys + npubkeys; pk++)
|
||||
slen += 20 + grub_strlen (*pk);
|
||||
slen += sizeof (" --pubkey ''") + grub_strlen (*pk);
|
||||
|
||||
+ for (pk = x509keys; pk < x509keys + nx509keys; pk++)
|
||||
+ slen += 10 + grub_strlen (*pk);
|
||||
+
|
||||
for (md = modules.entries; *md; md++)
|
||||
{
|
||||
slen += 10 + grub_strlen (*md);
|
||||
@@ -660,6 +671,14 @@
|
||||
*p++ = ' ';
|
||||
slen += sizeof (" ''") + grub_strlen (*md);
|
||||
|
||||
@@ -676,6 +687,14 @@
|
||||
*p++ = '\'';
|
||||
}
|
||||
|
||||
+ for (pk = x509keys; pk < x509keys + nx509keys; pk++)
|
||||
@ -113,8 +113,8 @@ Signed-off-by: Daniel Axtens <dja@axtens.net>
|
||||
+
|
||||
for (md = modules.entries; *md; md++)
|
||||
{
|
||||
*p++ = '\'';
|
||||
@@ -688,7 +707,8 @@
|
||||
*p++ = ' ';
|
||||
@@ -702,7 +721,8 @@
|
||||
|
||||
grub_install_generate_image (dir, prefix, fp, outname,
|
||||
modules.entries, memdisk_path,
|
||||
|
@ -18,7 +18,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
|
||||
--- a/docs/grub.texi
|
||||
+++ b/docs/grub.texi
|
||||
@@ -3278,6 +3278,7 @@
|
||||
@@ -3270,6 +3270,7 @@
|
||||
|
||||
@menu
|
||||
* biosnum::
|
||||
@ -26,7 +26,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
* check_signatures::
|
||||
* chosen::
|
||||
* cmdpath::
|
||||
@@ -3342,11 +3343,18 @@
|
||||
@@ -3334,11 +3335,18 @@
|
||||
chain-loaded system, @pxref{drivemap}.
|
||||
|
||||
|
||||
@ -47,7 +47,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
|
||||
@node chosen
|
||||
@subsection chosen
|
||||
@@ -4322,6 +4330,7 @@
|
||||
@@ -4357,6 +4365,7 @@
|
||||
* date:: Display or set current date and time
|
||||
* devicetree:: Load a device tree blob
|
||||
* distrust:: Remove a pubkey from trusted keys
|
||||
@ -55,15 +55,15 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
* drivemap:: Map a drive to another
|
||||
* echo:: Display a line of text
|
||||
* efitextmode:: Set/Get text output mode resolution
|
||||
@@ -4337,6 +4346,7 @@
|
||||
* help:: Show help messages
|
||||
@@ -4373,6 +4382,7 @@
|
||||
* hexdump:: Show raw contents of a file or memory
|
||||
* insmod:: Insert a module
|
||||
* keystatus:: Check key modifier status
|
||||
+* list_certificates:: List trusted certificates
|
||||
* list_env:: List variables in environment block
|
||||
* list_trusted:: List trusted public keys
|
||||
* load_env:: Load variables from environment block
|
||||
@@ -4375,8 +4385,10 @@
|
||||
@@ -4411,8 +4421,10 @@
|
||||
* test:: Check file types and compare values
|
||||
* true:: Do nothing, successfully
|
||||
* trust:: Add public key to list of trusted keys
|
||||
@ -74,7 +74,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
* verify_detached:: Verify detached digital signature
|
||||
* videoinfo:: List available video modes
|
||||
* wrmsr:: Write values to model-specific registers
|
||||
@@ -4710,9 +4722,28 @@
|
||||
@@ -4752,9 +4764,28 @@
|
||||
@code{check_signatures} is set to @code{enforce}
|
||||
(@pxref{check_signatures}), and by some invocations of
|
||||
@command{verify_detached} (@pxref{verify_detached}). @xref{Using
|
||||
@ -104,7 +104,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
@node drivemap
|
||||
@subsection drivemap
|
||||
|
||||
@@ -4975,6 +5006,21 @@
|
||||
@@ -5031,6 +5062,21 @@
|
||||
@end deffn
|
||||
|
||||
|
||||
@ -126,7 +126,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
@node list_env
|
||||
@subsection list_env
|
||||
|
||||
@@ -4994,7 +5040,7 @@
|
||||
@@ -5050,7 +5096,7 @@
|
||||
@code{gpg --fingerprint}). The least significant four bytes (last
|
||||
eight hexadecimal digits) can be used as an argument to
|
||||
@command{distrust} (@pxref{distrust}).
|
||||
@ -135,7 +135,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
these keys.
|
||||
@end deffn
|
||||
|
||||
@@ -5029,8 +5075,12 @@
|
||||
@@ -5085,8 +5131,12 @@
|
||||
administrator to configure a system to boot only signed
|
||||
configurations, but to allow the user to select from among multiple
|
||||
configurations, and to enable ``one-shot'' boot attempts and
|
||||
@ -149,7 +149,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
@end deffn
|
||||
|
||||
|
||||
@@ -5401,7 +5451,7 @@
|
||||
@@ -5457,7 +5507,7 @@
|
||||
file from within GRUB using this command, such that its signature will
|
||||
no longer be valid on subsequent boots. Care should be taken in such
|
||||
advanced configurations to avoid rendering the system
|
||||
@ -158,7 +158,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
@end deffn
|
||||
|
||||
|
||||
@@ -5817,11 +5867,31 @@
|
||||
@@ -5873,11 +5923,31 @@
|
||||
must itself be properly signed. The @option{--skip-sig} option can be
|
||||
used to disable signature-checking when reading @var{pubkey_file}
|
||||
itself. It is expected that @option{--skip-sig} is useful for testing
|
||||
@ -191,7 +191,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
@node unset
|
||||
@subsection unset
|
||||
|
||||
@@ -5840,6 +5910,18 @@
|
||||
@@ -5896,6 +5966,18 @@
|
||||
@end deffn
|
||||
@end ignore
|
||||
|
||||
@ -210,7 +210,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
|
||||
@node verify_detached
|
||||
@subsection verify_detached
|
||||
@@ -5858,7 +5940,7 @@
|
||||
@@ -5914,7 +5996,7 @@
|
||||
|
||||
Exit code @code{$?} is set to 0 if the signature validates
|
||||
successfully. If validation fails, it is set to a non-zero value.
|
||||
@ -219,7 +219,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
@end deffn
|
||||
|
||||
@node videoinfo
|
||||
@@ -6339,13 +6421,14 @@
|
||||
@@ -6394,13 +6476,14 @@
|
||||
@chapter Security
|
||||
|
||||
@menu
|
||||
@ -241,7 +241,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
@end menu
|
||||
|
||||
@node Authentication and authorisation
|
||||
@@ -6419,8 +6502,8 @@
|
||||
@@ -6474,8 +6557,8 @@
|
||||
adding @kbd{set superusers=} and @kbd{password} or @kbd{password_pbkdf2}
|
||||
commands.
|
||||
|
||||
@ -252,7 +252,7 @@ v2: fix a grammar issue, thanks Stefan Berger.
|
||||
|
||||
GRUB's @file{core.img} can optionally provide enforcement that all files
|
||||
subsequently read from disk are covered by a valid digital signature.
|
||||
@@ -6503,6 +6586,82 @@
|
||||
@@ -6558,6 +6641,82 @@
|
||||
(attacker-controlled) device. GRUB is at best only one link in a
|
||||
secure boot chain.
|
||||
|
||||
|
@ -16,7 +16,7 @@ Signed-off-by: Daniel Axtens <dja@axtens.net>
|
||||
|
||||
--- a/docs/grub.texi
|
||||
+++ b/docs/grub.texi
|
||||
@@ -6740,8 +6740,8 @@
|
||||
@@ -6795,8 +6795,8 @@
|
||||
@section Lockdown when booting on a secure setup
|
||||
|
||||
The GRUB can be locked down when booted on a secure boot environment, for example
|
||||
@ -39,15 +39,15 @@ Signed-off-by: Daniel Axtens <dja@axtens.net>
|
||||
sparc64_ieee1275 = kern/sparc64/dl.c;
|
||||
--- a/grub-core/kern/ieee1275/init.c
|
||||
+++ b/grub-core/kern/ieee1275/init.c
|
||||
@@ -44,6 +44,7 @@
|
||||
#ifdef __sparc__
|
||||
#include <grub/machine/kernel.h>
|
||||
@@ -49,6 +49,7 @@
|
||||
#if defined(__powerpc__) || defined(__i386__)
|
||||
#include <grub/ieee1275/alloc.h>
|
||||
#endif
|
||||
+#include <grub/lockdown.h>
|
||||
|
||||
/* The maximum heap size we're going to claim at boot. Not used by sparc. */
|
||||
#ifdef __i386__
|
||||
@@ -708,6 +709,30 @@
|
||||
@@ -893,6 +894,30 @@
|
||||
}
|
||||
}
|
||||
|
||||
@ -78,7 +78,7 @@ Signed-off-by: Daniel Axtens <dja@axtens.net>
|
||||
grub_addr_t grub_modbase;
|
||||
|
||||
void
|
||||
@@ -733,6 +758,8 @@
|
||||
@@ -918,6 +943,8 @@
|
||||
#else
|
||||
grub_install_get_time_ms (grub_rtc_get_time_ms);
|
||||
#endif
|
||||
|
4
fix_no_extra_deps_in_release_tarball.patch
Normal file
4
fix_no_extra_deps_in_release_tarball.patch
Normal file
@ -0,0 +1,4 @@
|
||||
--- /dev/null
|
||||
+++ b/grub-core/extra_deps.lst
|
||||
@@ -0,0 +1 @@
|
||||
+depends bli part_gpt
|
BIN
grub-2.12.tar.xz
(Stored with Git LFS)
Normal file
BIN
grub-2.12.tar.xz
(Stored with Git LFS)
Normal file
Binary file not shown.
BIN
grub-2.12~rc1.tar.xz
(Stored with Git LFS)
BIN
grub-2.12~rc1.tar.xz
(Stored with Git LFS)
Binary file not shown.
@ -81,11 +81,10 @@
|
||||
if (!bootloader_id && config.grub_distributor)
|
||||
{
|
||||
char *ptr;
|
||||
@@ -1426,6 +1431,16 @@
|
||||
fprintf (load_cfg_f, "set debug='%s'\n",
|
||||
@@ -1451,6 +1456,15 @@
|
||||
debug_image);
|
||||
}
|
||||
+
|
||||
|
||||
+ if (config.is_suse_btrfs_snapshot_enabled
|
||||
+ && grub_strncmp(grub_fs->name, "btrfs", sizeof ("btrfs") - 1) == 0)
|
||||
+ {
|
||||
@ -95,9 +94,9 @@
|
||||
+ fprintf (load_cfg_f, "set btrfs_relative_path='y'\n");
|
||||
+ }
|
||||
+
|
||||
char *prefix_drive = NULL;
|
||||
char *install_drive = NULL;
|
||||
|
||||
if (!have_abstractions)
|
||||
{
|
||||
if ((disk_module && grub_strcmp (disk_module, "biosdisk") != 0)
|
||||
--- a/grub-core/osdep/linux/getroot.c
|
||||
+++ b/grub-core/osdep/linux/getroot.c
|
||||
@@ -373,6 +373,7 @@
|
||||
|
@ -32,10 +32,10 @@
|
||||
GRUB_MOD_FINI(ieee1275_fb)
|
||||
--- a/include/grub/ieee1275/ieee1275.h
|
||||
+++ b/include/grub/ieee1275/ieee1275.h
|
||||
@@ -141,6 +141,8 @@
|
||||
*/
|
||||
GRUB_IEEE1275_FLAG_CAN_TRY_CAS_FOR_MORE_MEMORY,
|
||||
#endif
|
||||
@@ -145,6 +145,8 @@
|
||||
GRUB_IEEE1275_FLAG_POWER_VM,
|
||||
|
||||
GRUB_IEEE1275_FLAG_POWER_KVM,
|
||||
+
|
||||
+ GRUB_IEEE1275_FLAG_DISABLE_VIDEO_SUPPORT
|
||||
};
|
||||
|
@ -163,7 +163,7 @@ V20:
|
||||
name = grub-mkconfig_lib;
|
||||
common = util/grub-mkconfig_lib.in;
|
||||
installdir = noinst;
|
||||
@@ -1375,6 +1420,7 @@
|
||||
@@ -1381,6 +1426,7 @@
|
||||
ldadd = libgrubkern.a;
|
||||
ldadd = grub-core/lib/gnulib/libgnu.a;
|
||||
ldadd = '$(LIBINTL) $(LIBDEVMAPPER) $(LIBZFS) $(LIBNVPAIR) $(LIBGEOM)';
|
||||
@ -186,7 +186,7 @@ V20:
|
||||
|
||||
case "$target_os" in
|
||||
windows* | mingw32*) target_os=cygwin ;;
|
||||
@@ -2093,6 +2093,9 @@
|
||||
@@ -2158,6 +2158,9 @@
|
||||
AM_CONDITIONAL([COND_sparc64_emu], [test x$target_cpu = xsparc64 -a x$platform = xemu])
|
||||
AM_CONDITIONAL([COND_x86_64_efi], [test x$target_cpu = xx86_64 -a x$platform = xefi])
|
||||
AM_CONDITIONAL([COND_x86_64_xen], [test x$target_cpu = xx86_64 -a x$platform = xxen])
|
||||
@ -198,7 +198,7 @@ V20:
|
||||
AM_CONDITIONAL([COND_HOST_LINUX], [test x$host_kernel = xlinux])
|
||||
--- a/grub-core/Makefile.core.def
|
||||
+++ b/grub-core/Makefile.core.def
|
||||
@@ -1183,6 +1183,7 @@
|
||||
@@ -1186,6 +1186,7 @@
|
||||
module = {
|
||||
name = videotest;
|
||||
common = commands/videotest.c;
|
||||
@ -206,7 +206,7 @@ V20:
|
||||
};
|
||||
|
||||
module = {
|
||||
@@ -1637,6 +1638,7 @@
|
||||
@@ -1640,6 +1641,7 @@
|
||||
common = gfxmenu/gui_progress_bar.c;
|
||||
common = gfxmenu/gui_util.c;
|
||||
common = gfxmenu/gui_string_util.c;
|
||||
@ -214,7 +214,7 @@ V20:
|
||||
};
|
||||
|
||||
module = {
|
||||
@@ -2075,11 +2077,13 @@
|
||||
@@ -2078,11 +2080,13 @@
|
||||
name = gfxterm;
|
||||
common = term/gfxterm.c;
|
||||
enable = videomodules;
|
||||
@ -228,7 +228,7 @@ V20:
|
||||
};
|
||||
|
||||
module = {
|
||||
@@ -2202,6 +2206,7 @@
|
||||
@@ -2205,6 +2209,7 @@
|
||||
enable = x86_64_efi;
|
||||
enable = emu;
|
||||
enable = xen;
|
||||
@ -236,7 +236,7 @@ V20:
|
||||
};
|
||||
|
||||
module = {
|
||||
@@ -2248,6 +2253,7 @@
|
||||
@@ -2251,6 +2256,7 @@
|
||||
module = {
|
||||
name = gfxterm_menu;
|
||||
common = tests/gfxterm_menu.c;
|
||||
@ -244,7 +244,7 @@ V20:
|
||||
};
|
||||
|
||||
module = {
|
||||
@@ -2409,6 +2415,7 @@
|
||||
@@ -2412,6 +2418,7 @@
|
||||
enable = x86_64_efi;
|
||||
enable = emu;
|
||||
enable = xen;
|
||||
@ -316,7 +316,7 @@ V20:
|
||||
int
|
||||
--- a/util/grub-install-common.c
|
||||
+++ b/util/grub-install-common.c
|
||||
@@ -911,6 +911,7 @@
|
||||
@@ -924,6 +924,7 @@
|
||||
[GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI] = { "loongarch64", "efi" },
|
||||
[GRUB_INSTALL_PLATFORM_RISCV32_EFI] = { "riscv32", "efi" },
|
||||
[GRUB_INSTALL_PLATFORM_RISCV64_EFI] = { "riscv64", "efi" },
|
||||
@ -415,10 +415,10 @@ V20:
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
grub_install_copy_files (grub_install_source_directory,
|
||||
grubdir, platform);
|
||||
size_t ndev = 0;
|
||||
|
||||
@@ -1541,6 +1570,7 @@
|
||||
/* Write device to a variable so we don't have to traverse /dev every time. */
|
||||
@@ -1543,6 +1572,7 @@
|
||||
case GRUB_INSTALL_PLATFORM_I386_XEN:
|
||||
case GRUB_INSTALL_PLATFORM_X86_64_XEN:
|
||||
case GRUB_INSTALL_PLATFORM_I386_XEN_PVH:
|
||||
@ -426,7 +426,7 @@ V20:
|
||||
grub_util_warn ("%s", _("no hints available for your platform. Expect reduced performance"));
|
||||
break;
|
||||
/* pacify warning. */
|
||||
@@ -1659,6 +1689,10 @@
|
||||
@@ -1661,6 +1691,10 @@
|
||||
strcpy (mkimage_target, "sparc64-ieee1275-raw");
|
||||
core_name = "core.img";
|
||||
break;
|
||||
@ -437,7 +437,7 @@ V20:
|
||||
/* pacify warning. */
|
||||
case GRUB_INSTALL_PLATFORM_MAX:
|
||||
break;
|
||||
@@ -1674,6 +1708,7 @@
|
||||
@@ -1676,6 +1710,7 @@
|
||||
core_name);
|
||||
char *prefix = xasprintf ("%s%s", prefix_drive ? : "",
|
||||
relative_grubdir);
|
||||
@ -445,7 +445,7 @@ V20:
|
||||
grub_install_make_image_wrap (/* source dir */ grub_install_source_directory,
|
||||
/*prefix */ prefix,
|
||||
/* output */ imgfile,
|
||||
@@ -1712,6 +1747,10 @@
|
||||
@@ -1714,6 +1749,10 @@
|
||||
/* image target */ mkimage_target, 0);
|
||||
}
|
||||
break;
|
||||
@ -456,7 +456,7 @@ V20:
|
||||
case GRUB_INSTALL_PLATFORM_ARM_EFI:
|
||||
case GRUB_INSTALL_PLATFORM_ARM64_EFI:
|
||||
case GRUB_INSTALL_PLATFORM_LOONGARCH64_EFI:
|
||||
@@ -2011,6 +2050,10 @@
|
||||
@@ -2013,6 +2052,10 @@
|
||||
}
|
||||
break;
|
||||
|
||||
|
@ -1,3 +1,41 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 10 08:13:00 UTC 2024 - Michael Chang <mchang@suse.com>
|
||||
|
||||
- Version bump to 2.12 (PED-5589)
|
||||
* Added:
|
||||
- grub-2.12.tar.xz
|
||||
- fix_no_extra_deps_in_release_tarball.patch
|
||||
* Removed:
|
||||
- grub-2.12~rc1.tar.xz
|
||||
* Patch dropped as it merged into new version:
|
||||
- 0001-disk-cryptodisk-Fix-missing-change-when-updating-to-.patch
|
||||
- 0001-fs-btrfs-Zero-file-data-not-backed-by-extents.patch
|
||||
- 0001-fs-ntfs-Fix-an-OOB-write-when-parsing-the-ATTRIBUTE_.patch
|
||||
- 0002-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the-r.patch
|
||||
- 0003-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch
|
||||
- 0004-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch
|
||||
- 0005-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch
|
||||
- 0006-fs-ntfs-Make-code-more-readable.patch
|
||||
- 0001-kern-ieee1275-init-Restrict-high-memory-in-presence-.patch
|
||||
- 0001-fs-xfs-Incorrect-short-form-directory-data-boundary-.patch
|
||||
- 0002-fs-xfs-Fix-XFS-directory-extent-parsing.patch
|
||||
- 0003-fs-xfs-add-large-extent-counters-incompat-feature-su.patch
|
||||
- 0001-mkstandalone-ensure-stable-timestamps-for-generated-.patch
|
||||
- 0002-mkstandalone-ensure-deterministic-tar-file-creation-.patch
|
||||
* Patch adjusted for the updated base version:
|
||||
- use-grub2-as-a-package-name.patch
|
||||
- grub2-s390x-04-grub2-install.patch
|
||||
- grub2-btrfs-04-grub2-install.patch
|
||||
- grub2-ppc64le-disable-video.patch
|
||||
- 0002-AUDIT-0-http-boot-tracker-bug.patch
|
||||
- 0001-Unify-the-check-to-enable-btrfs-relative-path.patch
|
||||
- 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch
|
||||
- 0004-Add-suport-for-signing-grub-with-an-appended-signatu.patch
|
||||
- 0016-grub-install-support-embedding-x509-certificates.patch
|
||||
- 0021-appended-signatures-documentation.patch
|
||||
- 0022-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch
|
||||
- safe_tpm_pcr_snapshot.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 3 10:05:50 UTC 2024 - Michael Chang <mchang@suse.com>
|
||||
|
||||
|
46
grub2.spec
46
grub2.spec
@ -166,13 +166,13 @@ BuildRequires: fde-tpm-helper-rpm-macros
|
||||
%endif
|
||||
%endif
|
||||
|
||||
Version: 2.12~rc1
|
||||
Version: 2.12
|
||||
Release: 0
|
||||
Summary: Bootloader with support for Linux, Multiboot and more
|
||||
License: GPL-3.0-or-later
|
||||
Group: System/Boot
|
||||
URL: http://www.gnu.org/software/grub/
|
||||
Source0: https://alpha.gnu.org/gnu/grub/grub-%{version}.tar.xz
|
||||
Source0: https://ftp.gnu.org/gnu/grub/grub-%{version}.tar.xz
|
||||
Source1: 90_persistent
|
||||
Source2: grub.default
|
||||
Source4: grub2.rpmlintrc
|
||||
@ -372,33 +372,21 @@ Patch179: 0002-prep_loadenv-Fix-regex-for-Open-Firmware-device-spec.patch
|
||||
Patch180: 0001-xen_boot-add-missing-grub_arch_efi_linux_load_image_.patch
|
||||
Patch181: 0001-font-Try-memdisk-fonts-with-the-same-name.patch
|
||||
Patch182: 0001-Make-grub.cfg-compatible-to-old-binaries.patch
|
||||
Patch183: 0001-disk-cryptodisk-Fix-missing-change-when-updating-to-.patch
|
||||
Patch184: grub2-change-bash-completion-dir.patch
|
||||
Patch185: 0001-protectors-Implement-NV-index.patch
|
||||
Patch186: 0002-cryptodisk-Fallback-to-passphrase.patch
|
||||
Patch187: 0003-cryptodisk-wipe-out-the-cached-keys-from-protectors.patch
|
||||
Patch188: 0004-diskfilter-look-up-cryptodisk-devices-first.patch
|
||||
Patch189: grub2-mkconfig-riscv64.patch
|
||||
Patch190: arm64-Use-proper-memory-type-for-kernel-allocation.patch
|
||||
Patch191: 0001-fs-btrfs-Zero-file-data-not-backed-by-extents.patch
|
||||
Patch192: 0001-fs-ntfs-Fix-an-OOB-write-when-parsing-the-ATTRIBUTE_.patch
|
||||
Patch193: 0002-fs-ntfs-Fix-an-OOB-read-when-reading-data-from-the-r.patch
|
||||
Patch194: 0003-fs-ntfs-Fix-an-OOB-read-when-parsing-directory-entri.patch
|
||||
Patch195: 0004-fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-ind.patch
|
||||
Patch196: 0005-fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch
|
||||
Patch197: 0006-fs-ntfs-Make-code-more-readable.patch
|
||||
Patch198: 0001-luks2-Use-grub-tpm2-token-for-TPM2-protected-volume-.patch
|
||||
Patch199: Fix-the-size-calculation-for-the-synthesized-initrd.patch
|
||||
Patch200: 0001-kern-ieee1275-init-Restrict-high-memory-in-presence-.patch
|
||||
Patch201: 0001-fs-xfs-Incorrect-short-form-directory-data-boundary-.patch
|
||||
Patch202: 0002-fs-xfs-Fix-XFS-directory-extent-parsing.patch
|
||||
Patch203: 0003-fs-xfs-add-large-extent-counters-incompat-feature-su.patch
|
||||
Patch204: 0001-Improve-TPM-key-protection-on-boot-interruptions.patch
|
||||
Patch205: 0002-Restrict-file-access-on-cryptodisk-print.patch
|
||||
Patch206: 0003-Restrict-ls-and-auto-file-completion-on-cryptodisk-p.patch
|
||||
Patch207: 0004-Key-revocation-on-out-of-bound-file-access.patch
|
||||
Patch208: 0001-mkstandalone-ensure-stable-timestamps-for-generated-.patch
|
||||
Patch209: 0002-mkstandalone-ensure-deterministic-tar-file-creation-.patch
|
||||
Patch183: grub2-change-bash-completion-dir.patch
|
||||
Patch184: 0001-protectors-Implement-NV-index.patch
|
||||
Patch185: 0002-cryptodisk-Fallback-to-passphrase.patch
|
||||
Patch186: 0003-cryptodisk-wipe-out-the-cached-keys-from-protectors.patch
|
||||
Patch187: 0004-diskfilter-look-up-cryptodisk-devices-first.patch
|
||||
Patch188: grub2-mkconfig-riscv64.patch
|
||||
Patch189: arm64-Use-proper-memory-type-for-kernel-allocation.patch
|
||||
Patch190: 0001-luks2-Use-grub-tpm2-token-for-TPM2-protected-volume-.patch
|
||||
Patch191: Fix-the-size-calculation-for-the-synthesized-initrd.patch
|
||||
Patch192: 0001-Improve-TPM-key-protection-on-boot-interruptions.patch
|
||||
Patch193: 0002-Restrict-file-access-on-cryptodisk-print.patch
|
||||
Patch194: 0003-Restrict-ls-and-auto-file-completion-on-cryptodisk-p.patch
|
||||
Patch195: 0004-Key-revocation-on-out-of-bound-file-access.patch
|
||||
# Workaround for 2.12 tarball
|
||||
Patch196: fix_no_extra_deps_in_release_tarball.patch
|
||||
|
||||
Requires: gettext-runtime
|
||||
%if 0%{?suse_version} >= 1140
|
||||
|
@ -76,7 +76,7 @@
|
||||
GRUB_MOD_INIT (tpm)
|
||||
--- a/util/grub-install.c
|
||||
+++ b/util/grub-install.c
|
||||
@@ -1501,8 +1501,9 @@
|
||||
@@ -1560,8 +1560,9 @@
|
||||
|
||||
grub_util_unlink (load_cfg);
|
||||
|
||||
@ -87,7 +87,7 @@
|
||||
load_cfg_f = grub_util_fopen (load_cfg, "wb");
|
||||
have_load_cfg = 1;
|
||||
fprintf (load_cfg_f, "tpm_record_pcrs 0-9\n");
|
||||
@@ -1510,7 +1511,8 @@
|
||||
@@ -1569,7 +1570,8 @@
|
||||
|
||||
if (debug_image && debug_image[0])
|
||||
{
|
||||
|
@ -18,8 +18,8 @@ Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
|
||||
dnl the target type. See INSTALL for full list of variables and
|
||||
dnl description of the relationships between them.
|
||||
|
||||
-AC_INIT([GRUB],[2.12~rc1],[bug-grub@gnu.org])
|
||||
+AC_INIT([GRUB2],[2.12~rc1],[bug-grub@gnu.org])
|
||||
-AC_INIT([GRUB],[2.12],[bug-grub@gnu.org])
|
||||
+AC_INIT([GRUB2],[2.12],[bug-grub@gnu.org])
|
||||
|
||||
AS_CASE(["$ERROR_PLATFORM_NOT_SUPPORT_SSP"],
|
||||
[n | no | nO | N | No | NO], [ERROR_PLATFORM_NOT_SUPPORT_SSP=no],
|
||||
|
Loading…
Reference in New Issue
Block a user