relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow

This commit introduces integer underflow mitigation in max_addr calculation
in grub_relocator_alloc_chunk_align() invocation.

It consists of 2 fixes:
  1. Introduced grub_relocator_alloc_chunk_align_safe() wrapper function to perform
     sanity check for min/max and size values, and to make safe invocation of
     grub_relocator_alloc_chunk_align() with validated max_addr value. Replace all
     invocations such as grub_relocator_alloc_chunk_align(..., min_addr, max_addr - size, size, ...)
     by grub_relocator_alloc_chunk_align_safe(..., min_addr, max_addr, size, ...).
  2. Introduced UP_TO_TOP32(s) macro for the cases where max_addr is 32-bit top
     address (0xffffffff - size + 1) or similar.

Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Alexey Makhalov 2020-07-08 01:44:38 +00:00 committed by Daniel Kiper
parent caea56d1f8
commit 61ff5602fe
13 changed files with 69 additions and 58 deletions

@ -442,12 +442,9 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
{
grub_relocator_chunk_t ch;
err = grub_relocator_alloc_chunk_align (relocator, &ch,
(target_addr & 0x1fffffff)
+ linux_size + 0x10000,
(0x10000000 - size),
size, 0x10000,
GRUB_RELOCATOR_PREFERENCE_NONE, 0);
err = grub_relocator_alloc_chunk_align_safe (relocator, &ch, (target_addr & 0x1fffffff) +
linux_size + 0x10000, 0x10000000, size,
0x10000, GRUB_RELOCATOR_PREFERENCE_NONE, 0);
if (err)
goto fail;
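
Review bot: The min_addr argument of the new grub_relocator_alloc_chunk_align_safe() call, `(target_addr & 0x1fffffff) + linux_size + 0x10000`, is still an unchecked sum, so the wrapper only ever sees the result after any wrap-around. Passing 0x10000000 and size separately removes the old `(0x10000000 - size)` underflow for size larger than 0x10000000, but if linux_size is large enough to wrap the sum, a small min_addr could still pass a min/max sanity check. Consider bounding linux_size before this call or computing the sum with an overflow-checked addition and failing on overflow. The 0x1fffffff mask also allows a min_addr above the 0x10000000 ceiling; it is worth confirming that the wrapper rejects min greater than max with an error here, and a short comment explaining the 0x10000000 limit would help. Style: the line break after `+` splits the min_addr expression across two lines that also carry other arguments; keeping that expression on its own line would make the argument boundaries easier to read.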