From c1be7e90be547f6e3f2d7a5c0519f2efa31f495b Mon Sep 17 00:00:00 2001
From: Peter Jones
Date: Wed, 17 Sep 2014 16:30:11 -0400
Subject: [PATCH] Initialized initrd_ctx so we don't free a random pointer from
Hello community,
here is the log from the commit of package grub2 for openSUSE:Factory checked in at 2014-09-28 19:56:30
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/grub2 (Old)
and /work/SRC/openSUSE:Factory/.grub2.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "grub2"
Changes:
--------
--- /work/SRC/openSUSE:Factory/grub2/grub2.changes 2014-09-17 17:42:17.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.grub2.new/grub2.changes 2014-09-28 19:56:31.000000000 +0200
@@ -1,0 +2,16 @@
+Sun Sep 21 06:47:12 UTC 2014 - arvidjaar@gmail.com
+
+- update translations
+- fix possible access to uninitialized pointer in linux loader
+ * add grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch
+ * drop superceded grub2-ppc64le-23-grub-segfaults-if-initrd-is-specified-before-specify.patch
+
+-------------------------------------------------------------------
+Thu Sep 18 09:55:57 UTC 2014 - mchang@suse.com
+
+- fix grub.xen not able to handle legacy menu.lst hdX names (bnc#863821)
+ * add grub2-xen-legacy-config-device-name.patch from arvidjaar
+- fix the performance of grub2 uefi pxe is bad (bnc#871555)
+ * add grub2-efinet-reopen-SNP-protocol-for-exclusive-use-by-grub.patch
+
+-------------------------------------------------------------------
Old:
----
grub2-ppc64le-23-grub-segfaults-if-initrd-is-specified-before-specify.patch
translations-20130626.tar.xz
New:
----
grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch
grub2-efinet-reopen-SNP-protocol-for-exclusive-use-by-grub.patch
grub2-xen-legacy-config-device-name.patch
translations-20140921.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ grub2.spec ++++++
--- /var/tmp/diff_new_pack.U8PZhI/_old 2014-09-28 19:56:33.000000000 +0200
+++ /var/tmp/diff_new_pack.U8PZhI/_new 2014-09-28 19:56:33.000000000 +0200
@@ -116,7 +116,7 @@
Source3: README.openSUSE
Source4: grub2.rpmlintrc
# rsync -Lrtvz translationproject.org::tp/latest/grub/ po
-Source5: translations-20130626.tar.xz
+Source5: translations-20140921.tar.xz
Source6: grub2-once
Source7: 20_memtest86+
Source10: openSUSE-UEFI-CA-Certificate.crt
@@ -153,6 +153,9 @@
Patch43: grub2-mkconfig-aarch64.patch
# Fix build with glibc 2.20+
Patch44: grub2-glibc-2.20.patch
+Patch45: grub2-efinet-reopen-SNP-protocol-for-exclusive-use-by-grub.patch
+Patch46: grub2-xen-legacy-config-device-name.patch
+Patch47: grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch
# Btrfs snapshot booting related patches
Patch101: grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch
Patch102: grub2-btrfs-02-export-subvolume-envvars.patch
@@ -182,7 +185,6 @@
Patch220: grub2-ppc64le-20-.TOC.-symbol-is-special-in-ppc64le-.-It-maps-to-the-.patch
Patch221: grub2-ppc64le-21-the-.toc-section-in-powerpc64le-modules-are-sometime.patch
Patch222: grub2-ppc64le-22-all-parameter-to-firmware-calls-should-to-be-BigEndi.patch
-Patch223: grub2-ppc64le-23-grub-segfaults-if-initrd-is-specified-before-specify.patch
Patch224: grub2-ppc64-build-ppc64-32bit.patch
Patch225: grub2-ppc64-qemu.patch
Patch226: grub2-ppc64le-timeout.patch
@@ -356,6 +358,9 @@
%patch42 -p1
%patch43 -p1
%patch44 -p1
+%patch45 -p1
+%patch46 -p1
+%patch47 -p1
%patch101 -p1
%patch102 -p1
%patch103 -p1
@@ -383,7 +388,6 @@
%patch220 -p1
%patch221 -p1
%patch222 -p1
-%patch223 -p1
%patch224 -p1
%patch225 -p1
%patch226 -p1
++++++ grub2-Initialized-initrd_ctx-so-we-don-t-free-a-random-poi.patch ++++++
the stack.
Currently, if "linux" fails, the "goto fail;" in grub_cmd_initrd sends us
into grub_initrd_close() without grub_initrd_init() being called, and thus
it never clears initrd_ctx->components. grub_initrd_close() then frees that
address, which is stale data from the stack. If the stack happens to have a
stale *address* there that matches a recent allocation, then you'll get a
double free later.
So initialize the memory up front.
Signed-off-by: Peter Jones
---
grub-core/loader/arm/linux.c | 2 +-
grub-core/loader/arm64/linux.c | 2 +-
grub-core/loader/i386/linux.c | 2 +-
grub-core/loader/i386/pc/linux.c | 2 +-
grub-core/loader/ia64/efi/linux.c | 2 +-
grub-core/loader/mips/linux.c | 2 +-
grub-core/loader/powerpc/ieee1275/linux.c | 2 +-
grub-core/loader/sparc64/ieee1275/linux.c | 2 +-
8 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/grub-core/loader/arm/linux.c b/grub-core/loader/arm/linux.c
index e6770d9..62cbe75 100644
--- a/grub-core/loader/arm/linux.c
+++ b/grub-core/loader/arm/linux.c
@@ -396,7 +396,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
{
grub_file_t file;
grub_size_t size = 0;
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
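Review bot: The `= { 0, }` initializer on `initrd_ctx` looks redundant to anyone who does not know the failure path, so it deserves a one-line comment, for example `/* Zeroed so grub_initrd_close() on the fail path never frees stale stack data. */`. The same applies to the identical declarations in the arm64, i386, i386/pc, ia64/efi, mips, powerpc/ieee1275 and sparc64/ieee1275 hunks. Because the guarantee is now repeated in eight callers, a new loader that copies the pattern without the initializer would bring the bug back. The requirement that grub_initrd_close() only receives a zeroed or initialized context should therefore be documented on that function, which is outside these hunks. grub_cmd_initrd's body continues beyond the hunk.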
diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c
index f1d10a1..0dc144e 100644
--- a/grub-core/loader/arm64/linux.c
+++ b/grub-core/loader/arm64/linux.c
@@ -328,7 +328,7 @@ static grub_err_t
grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
int argc, char *argv[])
{
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
int initrd_size, initrd_pages;
void *initrd_mem = NULL;
diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c
index 31fb91e..2ae1763 100644
--- a/grub-core/loader/i386/linux.c
+++ b/grub-core/loader/i386/linux.c
@@ -1050,7 +1050,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
grub_addr_t addr_min, addr_max;
grub_addr_t addr;
grub_err_t err;
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
{
diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c
index 672c013..b481e46 100644
--- a/grub-core/loader/i386/pc/linux.c
+++ b/grub-core/loader/i386/pc/linux.c
@@ -388,7 +388,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
grub_uint8_t *initrd_chunk;
grub_addr_t initrd_addr;
grub_err_t err;
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
{
diff --git a/grub-core/loader/ia64/efi/linux.c b/grub-core/loader/ia64/efi/linux.c
index 87ac49f..eb78e6e 100644
--- a/grub-core/loader/ia64/efi/linux.c
+++ b/grub-core/loader/ia64/efi/linux.c
@@ -568,7 +568,7 @@ static grub_err_t
grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
int argc, char *argv[])
{
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
{
diff --git a/grub-core/loader/mips/linux.c b/grub-core/loader/mips/linux.c
index ef64a5b..4a3e8c5 100644
--- a/grub-core/loader/mips/linux.c
+++ b/grub-core/loader/mips/linux.c
@@ -415,7 +415,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
void *initrd_src;
grub_addr_t initrd_dest;
grub_err_t err;
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
diff --git a/grub-core/loader/powerpc/ieee1275/linux.c b/grub-core/loader/powerpc/ieee1275/linux.c
index 4a14f66..787d7dc 100644
--- a/grub-core/loader/powerpc/ieee1275/linux.c
+++ b/grub-core/loader/powerpc/ieee1275/linux.c
@@ -333,7 +333,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
grub_size_t size = 0;
grub_addr_t first_addr;
grub_addr_t addr;
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
{
diff --git a/grub-core/loader/sparc64/ieee1275/linux.c b/grub-core/loader/sparc64/ieee1275/linux.c
index de6ee2f..c5e8dfa 100644
--- a/grub-core/loader/sparc64/ieee1275/linux.c
+++ b/grub-core/loader/sparc64/ieee1275/linux.c
@@ -373,7 +373,7 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
grub_addr_t paddr;
grub_addr_t addr;
int ret;
- struct grub_linux_initrd_context initrd_ctx;
+ struct grub_linux_initrd_context initrd_ctx = { 0, };
if (argc == 0)
{
--
1.8.4.5
++++++ grub2-efinet-reopen-SNP-protocol-for-exclusive-use-by-grub.patch ++++++
From 42d3848d0162ea8f824d63d57afb43b8b0a96860 Mon Sep 17 00:00:00 2001
From: Fedora Ninjas
Date: Sat, 15 Feb 2014 15:10:22 -0500
Subject: [PATCH 110/112] reopen SNP protocol for exclusive use by grub
References: bnc#871555
Patch-Mainline: no
---
grub-core/net/drivers/efi/efinet.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/grub-core/net/drivers/efi/efinet.c b/grub-core/net/drivers/efi/efinet.c
index 2b344d6..a6e4c79 100644
--- a/grub-core/net/drivers/efi/efinet.c
+++ b/grub-core/net/drivers/efi/efinet.c
@@ -223,6 +223,7 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device,
{
struct grub_net_card *card;
grub_efi_device_path_t *dp;
+ grub_efi_simple_network_t *net;
dp = grub_efi_get_device_path (hnd);
if (! dp)
@@ -250,6 +251,21 @@ grub_efi_net_config_real (grub_efi_handle_t hnd, char **device,
&pxe_mode->dhcp_ack,
sizeof (pxe_mode->dhcp_ack),
1, device, path);
+ net = grub_efi_open_protocol (card->efi_handle, &net_io_guid,
+ GRUB_EFI_OPEN_PROTOCOL_BY_EXCLUSIVE);
+ if (net) {
+ if (net->mode->state == GRUB_EFI_NETWORK_STOPPED
+ && efi_call_1 (net->start, net) != GRUB_EFI_SUCCESS)
+ continue;
+
+ if (net->mode->state == GRUB_EFI_NETWORK_STOPPED)
+ continue;
+
+ if (net->mode->state == GRUB_EFI_NETWORK_STARTED
+ && efi_call_3 (net->initialize, net, 0, 0) != GRUB_EFI_SUCCESS)
+ continue;
+ card->efi_net = net;
+ }
return;
}
}
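Review bot: Each of the three `continue` statements inside `if (net)` leaves the SNP interface opened with `GRUB_EFI_OPEN_PROTOCOL_BY_EXCLUSIVE` but never stores it in `card->efi_net`, and nothing in the hunk releases it or reports the failure. By then grub_net_configure_by_dhcp_ack() has already run for this card, so the card appears to stay configured while still pointing at whatever `card->efi_net` held before the exclusive open; whether that older interface is still usable afterwards is not visible here and should be confirmed. The failure paths should at least log via `grub_dprintf` and close the protocol, and the case where `grub_efi_open_protocol` returns NULL deserves a comment saying that falling back to the existing `card->efi_net` is intended. The second `GRUB_EFI_NETWORK_STOPPED` test only matters after a `start` call, so a comment such as `/* start() reported success but the state did not change */` would make that clear. The enclosing loop and function start outside the hunk.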
--
1.8.5.3
++++++ grub2-xen-legacy-config-device-name.patch ++++++
From: Andrey Borzenkov
Subject: [PATCH] accept also hdX as alias to native Xen disk name
References: bnc#863821
Patch-Mainline: no
To assign correct disk numbers, sort disks by increasing order of handle
value. This allows reusing legacy pv-grub menu.lst which is using hdX names.
Suggested-By: Michael Chang
---
grub-core/disk/xen/xendisk.c | 45 +++++++++++++++++++++++++++++++++++---------
1 file changed, 36 insertions(+), 9 deletions(-)
diff --git a/grub-core/disk/xen/xendisk.c b/grub-core/disk/xen/xendisk.c
index 2b11c2a..b18a923 100644
--- a/grub-core/disk/xen/xendisk.c
+++ b/grub-core/disk/xen/xendisk.c
@@ -40,6 +40,7 @@ struct virtdisk
grub_xen_evtchn_t evtchn;
void *dma_page;
grub_xen_grant_t dma_grant;
+ struct virtdisk *compat_next;
};
#define xen_wmb() mb()
@@ -47,6 +48,7 @@ struct virtdisk
static struct virtdisk *virtdisks;
static grub_size_t vdiskcnt;
+struct virtdisk *compat_head;
static int
grub_virtdisk_iterate (grub_disk_dev_iterate_hook_t hook, void *hook_data,
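Review bot: `compat_head` is declared without `static`, unlike `virtdisks` and `vdiskcnt` directly above it, so it gets external linkage for a list that, as far as these hunks show, only this file walks; `static struct virtdisk *compat_head;` keeps it private. A short comment such as `/* Disks sorted by handle, for legacy hdX names. */` would also help, since grub_virtdisk_open relies on that ordering.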
@@ -66,20 +68,32 @@ grub_virtdisk_iterate (grub_disk_dev_iterate_hook_t hook, void *hook_data,
static grub_err_t
grub_virtdisk_open (const char *name, grub_disk_t disk)
{
- grub_size_t i;
+ int i;
grub_uint32_t secsize;
char fdir[200];
char *buf;
+ int num = -1;
+ struct virtdisk *vd;
- for (i = 0; i < vdiskcnt; i++)
- if (grub_strcmp (name, virtdisks[i].fullname) == 0)
+ /* For compatibility with pv-grub legacy menu.lst accept hdX as disk name */
+ if (name[0] == 'h' && name[1] == 'd' && name[2])
+ {
+ num = grub_strtoul (name + 2, 0, 10);
+ if (grub_errno)
+ {
+ grub_errno = 0;
+ num = -1;
+ }
+ }
+ for (i = 0, vd = compat_head; vd; vd = vd->compat_next, i++)
+ if (i == num || grub_strcmp (name, vd->fullname) == 0)
break;
- if (i == vdiskcnt)
+ if (!vd)
return grub_error (GRUB_ERR_UNKNOWN_DEVICE, "not a virtdisk");
- disk->data = &virtdisks[i];
- disk->id = i;
+ disk->data = vd;
+ disk->id = vd - virtdisks;
- grub_snprintf (fdir, sizeof (fdir), "%s/sectors", virtdisks[i].backend_dir);
+ grub_snprintf (fdir, sizeof (fdir), "%s/sectors", vd->backend_dir);
buf = grub_xenstore_get_file (fdir, NULL);
if (!buf)
return grub_errno;
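Review bot: The `hdX` parsing in grub_virtdisk_open passes a null end pointer to `grub_strtoul` and stores the `unsigned long` result in `int num`, so a name with trailing characters after the digits, or a value too large for `int`, can still select a disk instead of being rejected. `grub_errno` is also not cleared before the call, so an error left over from earlier would make a valid `hdX` name fall through to the `fullname` comparison. Parsing into an unsigned local, checking the end pointer and bounding the value by `vdiskcnt` before assigning `num` closes these cases; the sketch below shows the rewritten block only. The function continues past the end of the hunk.

```c
  /* For compatibility with pv-grub legacy menu.lst accept hdX as disk name */
  if (name[0] == 'h' && name[1] == 'd' && name[2])
    {
      char *end;
      unsigned long n;

      grub_errno = GRUB_ERR_NONE;
      n = grub_strtoul (name + 2, &end, 10);
      /* Reject parse errors, trailing characters and out-of-range indexes. */
      if (grub_errno || *end || n >= vdiskcnt)
	grub_errno = GRUB_ERR_NONE;
      else
	num = n;
    }
  /* … unchanged: walk of compat_head and the rest of grub_virtdisk_open … */
```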
@@ -87,8 +101,7 @@ grub_virtdisk_open (const char *name, grub_disk_t disk)
if (grub_errno)
return grub_errno;
- grub_snprintf (fdir, sizeof (fdir), "%s/sector-size",
- virtdisks[i].backend_dir);
+ grub_snprintf (fdir, sizeof (fdir), "%s/sector-size", vd->backend_dir);
buf = grub_xenstore_get_file (fdir, NULL);
if (!buf)
return grub_errno;
@@ -264,6 +277,7 @@ fill (const char *dir, void *data)
grub_err_t err;
void *buf;
struct evtchn_alloc_unbound alloc_unbound;
+ struct virtdisk **prev = &compat_head, *vd = compat_head;
/* Shouldn't happen unles some hotplug happened. */
if (vdiskcnt >= *ctr)
@@ -374,6 +388,19 @@ fill (const char *dir, void *data)
virtdisks[vdiskcnt].frontend_dir = grub_strdup (fdir);
+ /* For compatibility with pv-grub maintain linked list sorted by handle
+ value in increasing order. This allows mapping of (hdX) disk names
+ from legacy menu.lst */
+ while (vd)
+ {
+ if (vd->handle > virtdisks[vdiskcnt].handle)
+ break;
+ prev = &vd->compat_next;
+ vd = vd->compat_next;
+ }
+ virtdisks[vdiskcnt].compat_next = vd;
+ *prev = &virtdisks[vdiskcnt];
+
vdiskcnt++;
return 0;
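Review bot: `compat_head` and every `compat_next` hold addresses inside the `virtdisks` array, and nothing in this hunk ties the list's lifetime to that array. Any path that frees or reallocates `virtdisks` (the module's teardown is not visible here) must also set `compat_head = NULL`, otherwise the walk in grub_virtdisk_open would follow pointers into released memory. A comment on the insertion, for example `/* List nodes alias virtdisks[]; reset compat_head wherever virtdisks is freed. */`, would record the invariant. fill() starts before the hunk.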
++++++ translations-20130626.tar.xz -> translations-20140921.tar.xz ++++++
++++ 172975 lines of diff (skipped)