grub2/0009-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch
Michael Chang 005c99a035 Accepting request 942210 from home:michael-chang:branches:Base:System
- Fix CVE-2021-3981 (bsc#1189644)
  * 0001-grub-mkconfig-restore-umask-for-grub.cfg.patch

- Fix can't allocate initrd error (bsc#1191378) 
  * 0001-Factor-out-grub_efi_linux_boot.patch
  * 0002-Fix-race-in-EFI-validation.patch
  * 0003-Handle-multi-arch-64-on-32-boot-in-linuxefi-loader.patch
  * 0004-Try-to-pick-better-locations-for-kernel-and-initrd.patch
  * 0005-x86-efi-Use-bounce-buffers-for-reading-to-addresses-.patch
  * 0006-x86-efi-Re-arrange-grub_cmd_linux-a-little-bit.patch
  * 0007-x86-efi-Make-our-own-allocator-for-kernel-stuff.patch
  * 0008-x86-efi-Allow-initrd-params-cmdline-allocations-abov.patch
  * 0009-x86-efi-Reduce-maximum-bounce-buffer-size-to-16-MiB.patch
  * 0010-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch
  * 0011-Also-define-GRUB_EFI_MAX_ALLOCATION_ADDRESS-for-RISC.patch

OBS-URL: https://build.opensuse.org/request/show/942210
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=400
2021-12-27 06:21:59 +00:00

44 lines
1.6 KiB
Diff

From a89b55330ff0930c998cf64ab534cd8ff7e3a74c Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Tue, 26 May 2020 16:59:28 +0200
Subject: [PATCH 09/11] x86-efi: Reduce maximum bounce buffer size to 16 MiB
The EFI linux loader allocates a bounce buffer to copy the initrd since in
some machines doing DMA on addresses above 4GB is not possible during EFI.
But the verifiers framework also allocates a buffer to copy the initrd in
its grub_file_open() handler. It does this since the data to verify has to
be passed as a single chunk to modules that use the verifiers framework.
If the initrd image size is big there may not be enough memory in the heap
to allocate two buffers of that size. This causes an allocation failure in
the verifiers framework and leads to the initrd not being read.
To prevent these allocation failures, let's reduce the maximum size of the
bounce buffer used in the EFI loader. Since the data read can be copied to
the actual initrd address in multilple chunks.
Resolves: rhbz#1838633
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
grub-core/loader/i386/efi/linux.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/loader/i386/efi/linux.c b/grub-core/loader/i386/efi/linux.c
index d49749269..652212227 100644
--- a/grub-core/loader/i386/efi/linux.c
+++ b/grub-core/loader/i386/efi/linux.c
@@ -144,7 +144,7 @@ grub_linuxefi_unload (void)
return GRUB_ERR_NONE;
}
-#define BOUNCE_BUFFER_MAX 0x10000000ull
+#define BOUNCE_BUFFER_MAX 0x1000000ull
static grub_ssize_t
read(grub_file_t file, grub_uint8_t *bufp, grub_size_t len)
--
2.31.1