Commit graph

55 commits

Author SHA1 Message Date
Peter Jones
f725fa7cb2 calloc: Use calloc() at most places
This modifies most of the places we do some form of:

  X = malloc(Y * Z);

to use calloc(Y, Z) instead.

Among other issues, this fixes:
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in luks_recover_key()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_lvm_detect()
    reported by Chris Coulson.

Fixes: CVE-2020-14308

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:47 +02:00
Peter Jones
ea04f131a4 linux/getroot: Handle rssd storage device names
The Micron PCIe SSDs Linux driver (mtip32xx) exposes block devices
as /dev/rssd[a-z]+[0-9]*. Add support for these rssd device names.

Signed-off-by: Peter Jones <pjones@redhat.com>
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-03-10 21:39:34 +01:00
Michael Chang
42acdd3b40 hostdisk: Set linux file descriptor to O_CLOEXEC as default
We are often bothered by this sort of lvm warning while running grub-install
every now and then:

  File descriptor 4 (/dev/vda1) leaked on vgs invocation. Parent PID 1991: /usr/sbin/grub2-install

The requirement related to the warning is dictated in the lvm man page:

  "On invocation, lvm requires that only the standard file descriptors stdin,
  stdout and stderr are available.  If others are found, they get closed and
  messages are issued warning about the leak.  This warning can be suppressed by
  setting the environment variable LVM_SUPPRESS_FD_WARNINGS."

While it could be disabled through settings, most Linux distributions seem to
enable it by default and the justification provided by the developer looks to
be valid to me: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466138#15

Rather than trying to close and reopen the file descriptor to the same file
multiple times, which is rather cumbersome, for the sake of no vgs invocation
could happen in between. This patch enables the close-on-exec flag (O_CLOEXEC)
for new file descriptor returned by the open() system call, making it closed
thus not inherited by the child process forked and executed by the exec()
family of functions.

Fixes Debian bug #466138.

Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-11-18 13:42:55 +01:00
Steve McIntyre
686db96646 grub-install: Check for arm-efi as a default target
Much like on x86, we can work out if the system is running on top of EFI
firmware. If so, return "arm-efi". If not, fall back to "arm-uboot" as
previously.

Split out the code to (maybe) load the efivar module and check for
/sys/firmware/efi into a common helper routine is_efi_system().

Signed-off-by: Steve McIntyre <93sam@debian.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-02-26 15:25:13 +01:00
Daniel Kiper
718b3fb1dc Revert "grub-install: Check for arm-efi as a default target"
This reverts commit 082fd84d52.

Incorrect version of the patch was pushed into the git repo.

Reported-by: Leif Lindholm <leif.lindholm@linaro.org>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-02-26 15:07:28 +01:00
Steve McIntyre
082fd84d52 grub-install: Check for arm-efi as a default target
Much like on x86, we can work out if the system is running on top
of EFI firmware. If so, return "arm-efi". If not, fall back to
"arm-uboot" as previously.

Heavily inspired by the existing code for x86.

Signed-off-by: Steve McIntyre <93sam@debian.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-02-25 14:02:06 +01:00
Mihai Moldovan
5b9308aff0 osdep/linux: Convert partition start to disk sector length
When reading data off a disk, sector values are based on the disk sector
length.

Within grub_util_fd_open_device(), the start of the partition was taken
directly from grub's partition information structure, which uses the
internal sector length (currently 512b), but never transformed to the
disk's sector length.

Subsequent calculations were all wrong for devices that have a diverging
sector length and the functions eventually skipped to the wrong stream
location, reading invalid data.

Signed-off-by: Mihai Moldovan <ionic@ionic.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-09-27 14:53:32 +02:00
Eric Snowberg
f35826423e sparc64: Limit nvme of_path_of_nvme to just SPARC
Limit NVMe of_path_of_nvme to just SPARC hardware for now.  It has been
found that non-Open Firmware hardware platforms can some how access
this function.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-05 14:38:07 +01:00
John Paul Adrian Glaubitz
25b2b22d54 ieee1275: Fix crash in of_path_of_nvme when of_path is empty
The of_path_of_nvme function (commit 2391d57, ieee1275: add nvme
support within ofpath) introduced a functional regression:

On systems which are not based on Open Firmware but have at
least one NVME device, find_obppath will return NULL and thus
trying to append the disk name to of_path will result in a
crash.

The proper behavior of of_path_of_nvme is, however, to just
return NULL in such cases, like other users of find_obppath,
such as of_path_of_scsi.

Signed-off-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Reviewed-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-03-05 14:36:28 +01:00
Joakim Bech
72b425b640 ieee1275: fix build regression in of_path_of_nvme
The of_path_of_nvme function (commit 2391d57, ieee1275: add nvme
support within ofpath) introduced a build regression:
    grub-core/osdep/linux/ofpath.c:365:21: error: comparison between pointer
    and zero character constant [-Werror=pointer-compare]
       if ((digit_string != '\0') && (*part_end == 'p'))

Update digit_string to compare against the char instead of the pointer.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-26 10:37:36 +01:00
Eric Snowberg
2391d57909 ieee1275: add nvme support within ofpath
Add NVMe support within ofpath.

The Open Firmware text representation for a NVMe device contains the
Namespace ID. An invalid namespace ID is one whose value is zero or whose
value is greater than the value reported by the Number of Namespaces (NN)
field in the Identify Controller data structure.  At the moment  only a
single Namespace is supported, therefore the value is currently hard coded
to one.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-23 22:36:53 +01:00
Eric Snowberg
d85c76b501 sparc64: fix OF path names for sun4v systems
Fix the Open Firmware (OF) path property for sun4v SPARC systems.
These platforms do not have a /sas/ within their path. Over time
different OF addressing schemes have been supported. There
is no generic addressing scheme that works across every HBA.

It looks that this functionality will not work if you try to cross-install
SPARC GRUB2 binary using e.g. x86 grub-install. By default it should work.
However, we will also have other issues here, like lack of access to OF
firmware/paths, which make such configs unusable anyway. So, let's leave
this patch as is for time being. If somebody cares then he/she should fix
the issue(s) at some point.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-14 17:49:10 +01:00
Eric Snowberg
f8679cedff sparc64: Don't use devspec to determine the OBP path
Don't use devspec to determine the OBP path on SPARC hardware.  Within all
versions of Linux on SPARC, the devspec returns one of three values:
"none", "vnet-port", or "vdisk".  Unlike on PPC, none of these values
are useful in determining the OBP path.

Before this patch grub-ofpathname always returned the wrong value
for a virtual disk. For example:

% grub-ofpathname /dev/vdiskc2
vdisk/disk@2:b

After this patch it now returns the correct value:

% grub-ofpathname /dev/vdiskc2
/virtual-devices@100/channel-devices@200/disk@2:b

Orabug: 24459765

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2017-05-29 16:59:44 +02:00
Andrei Borzenkov
a2932fbe8a osdep/linux: handle autofs entries in /proc/self/mountinfo
These entries have placeholder for device name and so are useless for our
purpose. grub failed with something like

grub-install: error: failed to get canonical path of `systemd-1'.

When we see autofs entry, record it (to keep parent-child relationship) but
continue to look for real mount. If it is found, we process it as usual. If
only autofs entry exists, attempt to trigger mount by opening mount point
and retry. Mount point itself is then kept open to avoid timeout.

Recent systemd is by default using automount for /boot/efi so this should
become more popular problem on EFI systems.

Closes: 49942
2017-01-24 20:05:19 +03:00
Mike Gilbert
7a5b301e3a build: Use AC_HEADER_MAJOR to find device macros
Depending on the OS/libc, device macros are defined in different
headers. This change ensures we include the right one.

sys/types.h - BSD
sys/mkdev.h - Sun
sys/sysmacros.h - glibc (Linux)

glibc currently pulls sys/sysmacros.h into sys/types.h, but this may
change in a future release.

https://sourceware.org/ml/libc-alpha/2015-11/msg00253.html
2016-04-24 08:12:42 +03:00
Andrei Borzenkov
3bca85b418 devmapper: check for valid device abstraction in get_grub_dev
This was lost when code was refactored. Patch restores previous behavior.

It is still not clear whether this is the right one. Due to the way we
detect DM abstraction, partitions on DM are skipped, we fall through to
generic detection which ends up in assuming parent device is BIOS disk.

It is useful to install GRUB on VM disk from the host. But it also means
that GRUB will mistakenly allow install on real system as well.

For now let's fix regression; future behavior needs to be discussed.

Closes: 45163
2015-12-26 21:45:22 +03:00
Michael Chang
7a210304eb Fix missing byte order conversion in get_btrfs_fs_prefix function
Since btrfs on-disk format uses little-endian, the searched item types
(ROOT_REF, INODE_REF) need converting the byte order in order to
function properly on big-endian systems.
2015-06-26 09:55:56 +03:00
Andrei Borzenkov
5082ea6184 remove extra newlines in grub_util_* strings
grub_util_{info,warn,error} already add trailing newlines, so remove
them from format strings. Also trailing full stops are already added.
2015-05-13 09:47:17 +03:00
Steve McIntyre
1a33de8b56 Recognize EFI platform even in case of mismatch between Linux and EFI.
Some x86 systems might be capable of running a 64-bit Linux kernel but
only use a 32-bit EFI (e.g. Intel Bay Trail systems). It's useful for
grub-install to be able to recognise such systems, to set the default
x86 platform correctly.

To allow grub-install to know the size of the firmware rather than
just the size of the kernel, there is now an extra EFI sysfs file to
describe the underlying firmware. Read that if possible, otherwise
fall back to the kernel type as before.

Signed-off-by: Steve McIntyre <steve@einval.com>
2015-03-27 14:51:51 +01:00
Andrei Borzenkov
637fc62699 linux/ofpath: fix descriptor leak
Found by: Coverity scan
2015-01-27 20:29:00 +03:00
Andrei Borzenkov
7ba137f628 linux/hostdisk: use strncpy instead of strlcpy
strlcpy is not available on Linux as part of standard libraries.
It probably is not worth extra configure checks espicially as we
need to handle missing function anyway.
2015-01-27 20:00:23 +03:00
Vladimir Serbinenko
8f95eae423 linux/ofpath: Fix error handling.
Found by: Coverity Scan.
2015-01-27 16:49:49 +01:00
Vladimir Serbinenko
c2fc41990a linux/hostdisk: Limit strcpy size to buffer size.
Found by: Coverity scan.
2015-01-27 16:48:53 +01:00
Andrei Borzenkov
e2a21238da linux/ofpath: fix various memory leaks.
Found by: Coverity scan.
2015-01-26 23:04:00 +03:00
Andrei Borzenkov
6704abade6 linux/getroot: fix descriptor leak.
Found by: Coverity scan.
2015-01-26 23:02:55 +03:00
Vladimir Serbinenko
cba5a85a67 linux/getroot: Fix error handling.
Found by: Coverity scan.
2015-01-26 09:51:48 +01:00
Vladimir Serbinenko
5adc6d76d3 linux/blocklist: Fix memory leak.
Found by: Coverity scan.
2015-01-26 09:50:58 +01:00
Vladimir Serbinenko
111ab3b9cc osdep/linux/blocklist.c (grub_install_get_blocklist): Check blocksize validity. 2015-01-21 17:42:12 +01:00
Vladimir Serbinenko
9706066791 * grub-core/osdep/linux/getroot.c (grub_util_part_to_disk): Support NVMe device names. 2014-04-03 21:31:12 +02:00
Mike Gilbert
35f2d96c0d grub-install: support for partitioned partx loop devices.
* grub-core/osdep/linux/getroot.c (grub_util_part_to_disk): Detect
	/dev/loopX as being the parent of /dev/loopXpY.
2014-01-26 02:56:04 +01:00
Vladimir Serbinenko
e88f0420b9 Make grub_util_devmapper_part_to_disk and grub_util_find_partition_start
follow the same algorithm to avoid method mismatch. Don't assume
	DMRAID- UUID to mean full disk but instead check that mapping is linear.
2013-12-24 14:16:57 +01:00
Vladimir Serbinenko
ae558c2ccf Enable -Wformat=2 if it's supported. 2013-12-21 15:28:28 +01:00
Vladimir Serbinenko
579ee114b1 Add missing static qualifiers. 2013-12-21 13:50:13 +01:00
Andrey Borzenkov
840a2c0592 add verbose information to linux platform check
As suggested by Vladimir Serbienko, add additional verbose output to inform
why we selected this specific platform.
2013-12-16 23:17:40 +04:00
Andrey Borzenkov
d770e63557 use grub_util_exec_redirect_all to silence "moprobe efivars"
modprobe -q still prints error on non-EFI. Redirect stderr instead.

Reported by Javier Vasquez.
2013-12-16 22:41:16 +04:00
Colin Watson
59b38922a1 Pacify compiler warning
* grub-core/osdep/linux/hostdisk.c
(grub_util_find_partition_start_os): Initialise start to avoid
spurious compiler warning.
2013-12-05 15:48:27 +00:00
Colin Watson
0480665b9d On Linux, read partition start offsets from sysfs if possible
This lets us cope with block device drivers that don't implement
HDIO_GETGEO.  Fixes Ubuntu bug #1237519.

* grub-core/osdep/linux/hostdisk.c (sysfs_partition_path): New
function.
(sysfs_partition_start): Likewise.
(grub_util_find_partition_start_os): Try sysfs_partition_start
before HDIO_GETGEO.
2013-12-05 13:51:52 +00:00
Vladimir Serbinenko
d54f647a4a * grub-core/osdep/linux/ofpath.c: Check return value of read. 2013-11-29 05:46:19 +01:00
Vladimir Serbinenko
cd46aa6cef Rewrite grub-install, grub-mkrescue, grub-mkstandalone and grub-mknetdir
the function of these files exceeds what can be sanely handled in shell
	in posix-comaptible way. Also writing it in C extends the functionality
	to non-UNIX-like OS and minimal environments.
2013-11-16 20:21:16 +01:00
Vladimir Serbinenko
090d7c81cf * grub-core/osdep/linux/getroot.c: Fix cast-align problems. 2013-11-03 00:43:49 +01:00
neil
a86865891a * grub-core/osdep/linux/blocklist.c: Include linux/types.h for some
broken linux headers.
2013-11-02 22:19:34 +01:00
Vladimir Serbinenko
cb72aa1809 Rewrite blocklist functions in order to get progress when
reading large extents and decrease amount of blocklist hook calls.
2013-11-01 23:28:03 +01:00
Vladimir Serbinenko
effe203677 * grub-core/osdep/linux/getroot.c: Add new btrfs defines. 2013-10-28 01:45:06 +01:00
Vladimir Serbinenko
82591fa6e7 Make / in btrfs refer to real root, not the default volume.
Modify mkrelpath to work even if device is mounted with subvolid option.
2013-10-28 01:37:19 +01:00
Vladimir 'phcoder' Serbinenko
cd78a56fb2 Move stat () and device mode checking into OS-dependent files as
long as performance doesn't suffer.
2013-10-19 16:29:20 +02:00
Vladimir 'phcoder' Serbinenko
40346de6d3 * grub-core/osdep/unix/getroot.c: Move exec functions to ...
* osdep/unix/exec.c: ... here. Add few additional exec_* variants.
2013-10-19 02:56:40 +02:00
Vladimir 'phcoder' Serbinenko
5a869940de Split out blocklist retrieving from setup.c to
grub-core/osdep/blocklist.c and add windows implementation since
	generic version doesn't work on NTFS on Windows due to aggressive
	unflushable cache.
2013-10-15 17:02:26 +02:00
Vladimir 'phcoder' Serbinenko
70671037c8 Split emunet into platform-dependent and GRUB-binding parts. Keep
platform-dependent part in kernel for easy access to OS functions.
2013-10-15 11:55:20 +02:00
Vladimir 'phcoder' Serbinenko
b73249d260 Make grub_util_fd_seek match behaviour of other grub_util_fd_* and
fseeko.
2013-10-14 12:47:09 +02:00
Vladimir 'phcoder' Serbinenko
bb338aaf24 Add a wrapper for fopen. On unix-like systems just pass-through. On
windows use unicode version.
2013-10-13 20:36:28 +02:00