The unaligned local in __aeabi_uidivmod leads to a store to a 64bit
value at an address that is not divisible by 8 (in grub_divmod64).
The compiler most likely generates a STRD instruction to store it and
this causes an exception.
Fixes Savannah bug #43632.
This includes improvements done by Leif Lindholm.
Using the http module to download config files, produces memory errors,
after the config file is downloaded.
The error was traced to the tcp stack in grub-core/net/tcp.c. The wrong
netbuff pointer was being freed in the clean up loop.
Changing the code to free the correct netbuff pointer removes the runtime
error.
Closes 42765.
grub_pubkey_open closed original file after it was read; it set
io->device to NULL to prevent grub_file_close from trying to close device.
But network device itself is stacked (net -> bufio); and bufio preserved
original netfs file which hold reference to device. grub_file_close(io)
called grub_bufio_close which called grub_file_close for original file.
grub_file_close(netfs-file) now also called grub_device_close which
freed file->device->net. So file structure returned by grub_pubkey_open
now had device->net pointed to freed memory. When later file was closed,
it was attempted to be freed again.
Change grub_pubkey_open to behave like other filters - preserve original
parent file and pass grub_file_close down to parent. In this way only the
original file will close device. We really need to move this logic into
core instead.
Also plug memory leaks in error paths on the way.
Reported-By: Robert Kliewer <robert.kliewer@gmail.com>
Closes: bug #43601
configure_ciphers:
- several memory leaks where allocated ciphers were not freed. CID: 73813,
73710
- use after free. It is probably quite innocent as grub is single threaded,
but could potentially be a problem with memory allocator debugger turned on.
CID: 73730
luks_recover_key:
- memory leak. CID: 73854
Many routers have long router advertisment interval configured by
default. The Neighbor Discovery protocol (RFC4861) has defined default
MaxRtrAdvInterval value as 600 seconds and
MinRtrAdvInterval as 0.33*MaxRtrAdvInterval. This makes
net_ipv6_autoconf fails more often than not as currently it passively
listens the RA message to perfom address autoconfiguration.
This patch tries to send router solicitation to overcome the problem of
long RA interval.
v2:
use cpu_to_be macro for network byte order conversion
add missing error handling
The EFI version of grub_machine_get_bootlocation crops the boot image
name back to the last / in order to get a directory path. However, it
does not check that *name is actually set before calling grub_strrchr
to do this, and neither does grub_strrchr before dereferencing a NULL
pointer.
Parent function, grub_set_prefix_and_root, does check the pointer
before using.
The structure size used in grub_netbuff_pull to get the pointer to
option header is apparently wrong, which leads to subsequent range check
failed and therefore not responding to any neighbor solicit message in my
testing.
struct ... foo = { 0, } is valid initializer, but older GCC emits
warning which is fatal error due to -Werror=missing-field-initializer.
So simply use full initializer to avoid these errors. This was fixed
probably in GCC 4.7.
See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=36750
The AML parser implements only a small subset of possible AML
opcodes. On the Fujitsu Lifebook E744 this and another bug in
the parser (incorrect handling of TermArg data types) would lead
to the laptop not turning off (_S5 not found).
* grub-core/commands/acpihalt.c: Support OpAlias in the AML parser;
in skip_ext_op(), handle some Type2Opcodes more correctly (TermArgs
aren't always simply strings!); Add function to skip TermArgs
* include/grub/acpi.h: Add new opcodes
Currently, if "linux" fails, the "goto fail;" in grub_cmd_initrd sends us
into grub_initrd_close() without grub_initrd_init() being called, and thus
it never clears initrd_ctx->components. grub_initrd_close() then frees that
address, which is stale data from the stack. If the stack happens to have a
stale *address* there that matches a recent allocation, then you'll get a
double free later.
So initialize the memory up front.
Signed-off-by: Peter Jones <pjones@redhat.com>
We encountered a weird random kernel initrd unpacking error on btrfs
and finally found it was caused by incorrect address reference in range
check for type GRUB_BTRFS_EXTENT_REGULAR and the entire result is
unpredictable.
This is a quick fix to make the address reference to the
grub_btrfs_extent_data structure correctly, not the pointer variable
to it.
Any suggestions to this patch is welcome.
* configure.ac: Remove -m64 from checks for -mcmodel=large and
-mno-red-zone. These are always either unnecessary (x86_64-emu) or
already in TARGET_CFLAGS at this point, and they produce incorrect
results when building for x32.
* grub-core/kern/x86_64/dl.c (grub_arch_dl_relocate_symbols): Cast
pointers to Elf64_Xword via grub_addr_t, in order to work on x32.
* include/grub/x86_64/types.h (GRUB_TARGET_SIZEOF_VOID_P,
GRUB_TARGET_SIZEOF_LONG): Define to 4 on x32.
Commit 588744d0dc caused grub-mkconfig
no longer to be forgiving of trailing spaces on grub-probe output
lines, which among other things means that util/grub.d/10_linux.in
no longer detects LVM. To fix this, make grub-probe's output
delimiting more consistent. As a bonus, this improves the coverage
of the -0 option.
Fixes Debian bug #735935.
* grub-core/disk/cryptodisk.c
(grub_util_cryptodisk_get_abstraction): Add a user-data argument.
* grub-core/disk/diskfilter.c (grub_diskfilter_get_partmap):
Likewise.
* include/grub/cryptodisk.h (grub_util_cryptodisk_get_abstraction):
Update prototype.
* include/grub/diskfilter.h (grub_diskfilter_get_partmap): Likewise.
* util/grub-install.c (push_partmap_module, push_cryptodisk_module,
probe_mods): Adjust for extra user-data arguments.
* util/grub-probe.c (do_print, probe_partmap, probe_cryptodisk_uuid,
probe_abstraction): Use configured delimiter. Update callers.
is_qemu is not being set lead to disabling of feature like
GRUB_IEEE1275_FLAG_HAS_CURSORONOFF. This resulted in cursor not being
displayed during the grub-menu edit.
Signed-off-by: Nikunj A Dadhania <nikunj@linux.vnet.ibm.com>
It enables net boot even when there is no bootp/dhcp server.
* grub-core/net/drivers/ieee1275/ofnet.c: Add grub_ieee1275_parse_bootpath and
call it at grub_ieee1275_net_config_real.
* grub-core/kern/ieee1275/init.c: Add bootpath to grub_ieee1275_net_config.
* include/grub/ieee1275/ieee1275.h: Likewise.
In net/net.c there is a while (1) that only exits if there is a stop
condition and more then 10 packages or if there is no package received.
If GRUB is idle and enter in this loop, the only condition to leave is
if it doesn't have incoming packages. In a network with heavy traffic
this never happens.
Many tests fail when run as a non-root user on FreeBSD. The failures
all amount to an inability to open files using grub_util_fd_open,
because we cannot set the kern.geom.debugflags sysctl. This sysctl is
indeed important to allow us to do such things as installing GRUB to the
MBR, but if we need to do that and can't then we will get an error
later. Enforcing it here is unnecessary and prevents otherwise
perfectly reasonable operations.
In file included from ./include/grub/dl.h:23:0,
from grub-core/lib/libgcrypt-grub/cipher/rfc2268.c:3:
./include/grub/list.h:34:18: warning: conflicting types for 'grub_list_push' [en
abled by default]
void EXPORT_FUNC(grub_list_push) (grub_list_t *head, grub_list_t item);
^
./include/grub/symbol.h:68:25: note: in definition of macro 'EXPORT_FUNC'
# define EXPORT_FUNC(x) x
^
In file included from ./include/grub/fs.h:30:0,
from ./include/grub/file.h:25,
from ./grub-core/lib/posix_wrap/stdio.h:23,
from c:\mingw\include\libintl.h:314,
from ./include/grub/i18n.h:33,
from ./include/grub/misc.h:27,
from ./include/grub/list.h:25,
from ./include/grub/dl.h:28,
from grub-core/lib/libgcrypt-grub/cipher/rfc2268.c:3:
./include/grub/partition.h:106:3: note: previous implicit declaration of 'grub_l
ist_push' was here
grub_list_push (GRUB_AS_LIST_P (&grub_partition_map_list),
^
list.h needs just ATTRIBUTE_ERROR from misc.h; split compiler features
into separate file grub/compiler.h and include it instead.
This allows providing separate LDFLAGS for build and host environments, which
are not necessary the same for cross-compile case. In particular, it allows
building host programs statically to not depend on presence of libraries at
run-time (e.g. MinGW DLLs on Windows) while continue to use default dynamic
linking at build time.
Also fix obsolete comments in confgure.ac - we do use different environment
for build and host now.
The length of the Device Path End entry in the grub_linux_boot()
function was incorrectly set to 0. This triggers an assert failure
in debug builds of Tianocore.
Set it to sizeof (grub_efi_device_path_t).
* grub-core/osdep/unix/getroot.c (strip_extra_slashes): Move inside
!defined (__GNU__).
(xgetcwd): Likewise.
* include/grub/emu/hostdisk.h (grub_util_hurd_get_disk_info)
[__GNU__]: Add prototype.
* util/getroot.c (grub_util_biosdisk_get_grub_dev) [__GNU__]: Format
long int using %ld rather than %d.
To reproduce the problem, make sure you have a GPG public key available, build and install GRUB:
grub-install --debug --debug-image="all" --pubkey=/boot/pubkey.gpg --modules="serial terminfo gzio search search_label search_fs_uuid search_fs_file linux vbe video_fb video mmap relocator verify gcry_rsa gcry_dsa gcry_sha256 hashsum gcry_sha1 mpi echo loadenv boottime" /dev/sda
Sign all the files in /boot/grub/* and reboot.
'make check' results identical before and after this change.
TESTED: In a QEMU VM using an i386 target.
We need to hide "modprobe efivars" error output to avoid confusion. So
consolidate grub_util_exec_* into single function that can optionally redirect
all three standard descriptors and make all other functions compatibility
wrappers.
Also remove include/grub/osdep/exec_unix.h which does not appear to be used
anywhere.
Fix potential crash caused by signed vs. unsigned comparison. Negative
length compares as very large unsigned number causing subsequent NULL access.
Make exhaustive search for all BootNNNN variables to find one matching
requested efi_distributor.