Commit graph

34 commits

Author SHA1 Message Date
Peter Jones
f725fa7cb2 calloc: Use calloc() at most places
This modifies most of the places we do some form of:

  X = malloc(Y * Z);

to use calloc(Y, Z) instead.

Among other issues, this fixes:
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in luks_recover_key()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_lvm_detect()
    reported by Chris Coulson.

Fixes: CVE-2020-14308

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-07-29 16:55:47 +02:00
Michael Chang
4868e17507 chainloader: Fix gcc9 error -Waddress-of-packed-member
The address of fp->path_name could be unaligned since seeking into the
device path buffer for a given node could end in byte boundary.

The fix is using aligned buffer allocated by grub_malloc for receiving
the converted UTF16 string by grub_utf8_to_utf16 and also the processing
after. The resulting string then gets copied to fp->path_name.

[  243s] ../../grub-core/loader/efi/chainloader.c: In function 'copy_file_path':
[  243s] ../../grub-core/loader/efi/chainloader.c:136:32: error: taking address of packed member of 'struct grub_efi_file_path_device_path' may result in an unaligned pointer value [-Werror=address-of-packed-member]
[  243s]   136 |   size = grub_utf8_to_utf16 (fp->path_name, len * GRUB_MAX_UTF16_PER_UTF8,
[  243s]       |                              ~~^~~~~~~~~~~
[  243s] ../../grub-core/loader/efi/chainloader.c:138:12: error: taking address of packed member of 'struct grub_efi_file_path_device_path' may result in an unaligned pointer value [-Werror=address-of-packed-member]
[  243s]   138 |   for (p = fp->path_name; p < fp->path_name + size; p++)
[  243s]       |            ^~

Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-04-23 11:37:08 +02:00
Heinrich Schuchardt
ad0ea7c444 grub-core/loader/efi/fdt.c: Do not copy random memory
We should not try to copy any memory area which is outside of the original
fdt. If this extra memory is controlled by a hypervisor this might end
with a crash.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2019-01-14 11:53:52 +01:00
Leif Lindholm
dfb1742aab grub-core/loader/efi/fdt.c: Fixup grub_file_open() call
The verifiers framework changed the API of grub_file_open(), but did not
fix up all users. Add the file type GRUB_FILE_TYPE_DEVICE_TREE_IMAGE
to the "devicetree" command handler call.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-11-16 14:42:50 +01:00
Vladimir Serbinenko
ca0a4f689a verifiers: File type for fine-grained signature-verification controlling
Let's provide file type info to the I/O layer. This way verifiers
framework and its users will be able to differentiate files and verify
only required ones.

This is preparatory patch.

Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2018-11-09 13:25:31 +01:00
Leif Lindholm
347210a5d5 efi/fdt: Set address/size cells to 2 for empty tree
When booting an arm* system on UEFI with an empty device tree (currently
only when hardware description comes from ACPI), we don't currently set
default to 1 cell (32 bits).

Set both of these properties, to 2 cells (64 bits), to resolve issues
with kexec on some platforms.

This change corresponds with linux kernel commit ae8a442dfdc4
("efi/libstub/arm*: Set default address and size cells values for an empty dtb")
and ensures booting through grub does not behave differently from booting
the stub loader directly.

See also https://patchwork.kernel.org/patch/9561201/

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-06-23 21:43:00 +02:00
Leif Lindholm
083c6e2455 arm64/efi: move EFI_PAGE definitions to efi/memory.h
The EFI page definitions and macros are generic and should not be confined
to arm64 headers - so move to efi/memory.h.
Also add EFI_PAGE_SIZE macro.

Update loader sources to reflect new header location.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2018-02-23 22:42:42 +01:00
Leif Lindholm
91212e0aa0 arm64 linux loader: improve type portability
In preparation for turning this into a common loader for 32-bit and 64-bit
platforms, ensure the code will compile cleanly for either.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2017-08-07 18:54:56 +02:00
Leif Lindholm
8c9465fac9 efi: move fdt helper library
There is nothing ARM64 (or even ARM) specific about the efi fdt helper
library, which is used for locating or overriding a firmware-provided
devicetree in a UEFI system - so move it to loader/efi for reuse.

Move the fdtload.h include file to grub/efi and update path to
efi/fdtload.h in source code referring to it.

Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2017-08-07 18:50:44 +02:00
Andrei Borzenkov
ce95549cc5 efi: properly terminate filepath with NULL in chainloader
EFI File Path Media Device Path is defined as NULL terminated string;
but chainloader built file paths without final NULL. This caused error
with Secure Boot and Linux Foundation PreLoader on Acer with InsydeH20 BIOS.
Apparently firmware failed verification with EFI_INVALID_PARAMETER which is
considered fatal error by PreLoader.

Reported and tested by Giovanni Santini <itachi.sama.amaterasu@gmail.com>
2016-12-15 16:07:00 +03:00
Andrei Borzenkov
c058e85615 chainloader: fix resoource leak
Found by: Coverity scan.
CID: 96651
2015-06-26 09:25:30 +03:00
Andrei Borzenkov
c069460259 efi/chainloader: fix use after free
Found by: Coverity scan.
CID: 96714
2015-06-20 23:38:17 +03:00
Vladimir Serbinenko
da98622662 Declare GRUB_EFI_VENDOR_APPLE_GUID. 2013-12-24 14:14:19 +01:00
Vladimir Serbinenko
44bbfa33b8 Propagate the EFI commits to x86-efi specific parts. 2013-12-11 16:11:17 +01:00
Vladimir Serbinenko
219401b8b9 * include/grub/efi/api.h (grub_efi_device_path): Define length as
unaligned u16 rather than u8[2].
2013-12-11 15:54:01 +01:00
Vladimir 'phcoder' Serbinenko
3e4f356646 Support Apple FAT binaries on non-Apple platforms.
* include/grub/macho.h (GRUB_MACHO_FAT_EFI_MAGIC): New define.
	* include/grub/i386/macho.h (GRUB_MACHO_CPUTYPE_IS_HOST_CURRENT):
	Likewise.
	* grub-core/loader/efi/chainloader.c (grub_cmd_chainloader): Parse
	Apple FAT binaries.
2013-01-10 12:50:01 +01:00
Benoit Gschwind
801a3027be * grub-core/loader/efi/appleloader.c (devpath_8): New var.
(devs): Add devpath_8.
2012-09-10 09:34:29 +02:00
Vladimir 'phcoder' Serbinenko
c21b17e6e0 * grub-core/loader/efi/chainloader.c (copy_file_path): Handle non-ASCII
filenames.
	(make_file_path): Likewise.
2012-06-06 02:34:32 +02:00
Felix
f65a829e41 * grub-core/loader/efi/appleloader.c (devpath_7): New var.
(devs): Add MBP 2011.
2012-04-01 21:30:24 +02:00
Vladimir 'phcoder' Serbinenko
1ecd61a47a Fix efi chainloader on network root.
* grub-core/loader/efi/chainloader.c (grub_cmd_chainloader): Handle
	network devices.
	* grub-core/net/drivers/efi/efinet.c (grub_efinet_get_device_handle):
	New function.
2012-03-10 20:41:28 +01:00
Vladimir 'phcoder' Serbinenko
922aabf34b * grub-core/loader/efi/chainloader.c (grub_cmd_chainloader): Fix format
in dprintf.
2012-03-10 18:02:53 +01:00
Vladimir 'phcoder' Serbinenko
e8e0566b0c * grub-core/commands/videoinfo.c: Add TRANSLATORS comments.
* grub-core/commands/xnu_uuid.c: Likewise.
	* grub-core/loader/efi/appleloader.c: Likewise.
	* grub-core/script/execute.c: Likewise.
	* grub-core/script/main.c: Likewise.
	* util/grub-mkfont.c: Likewise.
2012-03-10 13:19:46 +01:00
Vladimir 'phcoder' Serbinenko
c9eb96b508 * grub-core/loader/efi/chainloader.c (grub_cmd_chainloader): Use
"out of memory" error messagge.
2012-03-10 13:10:07 +01:00
Vladimir 'phcoder' Serbinenko
db5fc59616 * grub-core/loader/efi/appleloader.c (grub_cmd_appleloader): Move
diagnostic to dprintf.
	* grub-core/loader/i386/pc/linux.c (grub_cmd_linux): Likewise.
2012-02-12 19:03:14 +01:00
Vladimir 'phcoder' Serbinenko
d61386e21d Improve string. Gettextize. 2012-02-12 15:25:25 +01:00
Vladimir 'phcoder' Serbinenko
9c4b5c13e6 Improve gettext support. Stylistic fixes and error handling fixes while
on it.
2012-02-08 19:26:01 +01:00
Vladimir 'phcoder' Serbinenko
4a9f8346c9 * grub-core/commands/ls.c: Gettextize.
* grub-core/commands/setpci.c: Likewise.
        * grub-core/commands/videotest.c: Likewise.
        * grub-core/disk/geli.c: Likewise.
        * grub-core/kern/mm.c: Likewise.
        * grub-core/lib/relocator.c: Likewise.
        * grub-core/loader/efi/appleloader.c: Likewise.
        * grub-core/loader/i386/xnu.c: Likewise.
        * grub-core/loader/ia64/efi/linux.c: Likewise.
        * grub-core/loader/xnu.c: Likewise.
        * grub-core/net/dns.c: Likewise.
        * grub-core/net/net.c: Likewise.
        * grub-core/script/lexer.c: Likewise.
        * grub-core/script/parser.y: Likewise.
        * grub-core/script/yylex.l: Likewise.
        * util/getroot.c: Likewise.
        * util/grub-setup.c: Likewise.
2012-02-03 11:56:49 +01:00
Vladimir 'phcoder' Serbinenko
055dc23978 * grub-core/kern/emu/main.c (main): Add missing const qualifier.
* grub-core/loader/efi/appleloader.c (devdata): Likewise.
2011-12-13 01:32:41 +01:00
Szymon Janc
cbf597afb1 * grub-core/commands/cmp.c (grub_cmd_cmp): Remove unnecessary NULL
pointer checks before calling grub_free().
	* grub-core/commands/wildcard.c (match_devices): Likewise.
	* grub-core/commands/wildcard.c (match_files): Likewise.
	* grub-core/fs/cpio.c (grub_cpio_dir): Likewise.
	* grub-core/fs/cpio.c (grub_cpio_open): Likewise.
	* grub-core/fs/udf.c (grub_udf_read_block): Likewise.
	* grub-core/fs/xfs.c (grub_xfs_read_block): Likewise.
	* grub-core/loader/efi/chainloader.c (grub_cmd_chainloader): Likewise.
	* grub-core/normal/cmdline.c (grub_cmdline_get): Likewise.
	* grub-core/script/yylex.l (grub_lexer_unput): Likewise.
	* grub-core/video/readers/jpeg.c (grub_video_reader_jpeg): Likewise.
	* grub-core/video/readers/png.c (grub_png_output_byte): Likewise.
2011-06-26 17:17:41 +02:00
Vladimir 'phcoder' Serbinenko
52856af262 * grub-core/loader/efi/chainloader.c (grub_chainloader_unload): Set
file_path to 0 for surety.
	(grub_chainloader_boot): Set exit_data to NULL.
	Unset the loader once done.
	(grub_cmd_chainloader): Fix confusing error message if file is empty.
2011-05-10 09:14:41 +02:00
Vladimir 'phcoder' Serbinenko
072b5d315a * grub-core/loader/efi/appleloader.c (MAKE_PIWG_PATH): New macro.
(devpath_1): Use MAKE_PIWG_PATH.
	(devpath_2): Likewise.
	(devpath_3): Likewise.
	(devpath_4): Likewise.
	(devpath_5): Likewise.
	(devpath_6): Likewise.

	The appleldr.mod was checked that to be binary identical to previous
	version.
2011-05-05 13:34:03 +02:00
Zach
7fae005102 Support 2010 Macbooks.
* grub-core/loader/efi/appleloader.c (devpath_6): New variable.
	(devs): Add devpath_6.
2011-05-05 12:18:00 +02:00
Vladimir 'phcoder' Serbinenko
e745cf0ca6 Implement automatic module license checking according to new GNU
guidelines.

	* grub-core/kern/dl.c (grub_dl_check_license): New function.
	(grub_dl_load_core): Use grub_dl_check_license.
	* include/grub/dl.h (GRUB_MOD_SECTION): New macro.
	(GRUB_MOD_LICENSE): Likewise.
	(GRUB_MOD_DUAL_LICENSE): Likewise.
	All modules updated.
2011-04-11 23:01:51 +02:00
BVK Chaitanya
8c41176882 automake commit without merge history 2010-05-06 11:34:04 +05:30