vbatts/grub
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
9956 commits 7 branches 0 tags 73 MiB
Commit graph

37 commits

Author SHA1 Message Date
Peter Jones
f725fa7cb2 calloc: Use calloc() at most places 
This modifies most of the places we do some form of:

  X = malloc(Y * Z);

to use calloc(Y, Z) instead.

Among other issues, this fixes:
  - allocation of integer overflow in grub_png_decode_image_header()
    reported by Chris Coulson,
  - allocation of integer overflow in luks_recover_key()
    reported by Chris Coulson,
  - allocation of integer overflow in grub_lvm_detect()
    reported by Chris Coulson.

Fixes: CVE-2020-14308

Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
 2020-07-29 16:55:47 +02:00
Patrick Steinhardt
dd3f49b106 luks: Move configuration of ciphers into cryptodisk 
The luks module contains quite a lot of logic to parse cipher and
cipher-mode strings like aes-xts-plain64 into constants to apply them
to the grub_cryptodisk_t structure. This code will be required by the
upcoming luks2 module, as well, which is why this commit moves it into
its own function grub_cryptodisk_setcipher in the cryptodisk module.
While the strings are probably rather specific to the LUKS modules, it
certainly does make sense that the cryptodisk module houses code to set
up its own internal ciphers instead of hosting that code in the luks
module.

Except for necessary adjustments around error handling, this commit does
an exact move of the cipher configuration logic from luks.c to
cryptodisk.c. Any behavior changes are unintentional.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
 2020-01-10 14:29:37 +01:00
Andrei Borzenkov
ea44693fc8 grub-core/disk/luks.c: fix use after free and memory leaks 
configure_ciphers:

- several memory leaks where allocated ciphers were not freed. CID: 73813,
73710

- use after free. It is probably quite innocent as grub is single threaded,
but could potentially be a problem with memory allocator debugger turned on.
CID: 73730

luks_recover_key:

- memory leak. CID: 73854
 2014-11-28 21:12:00 +03:00
Vladimir Serbinenko
7e47e27bd8 Add gcc_struct to all packed structures when compiling with mingw. 
Just "packed" doesn't always pack the way we expect.
 2013-12-15 14:14:30 +01:00
Vladimir Serbinenko
c35fcdc0b7 * grub-core/disk/AFSplitter.c: Remove variable length arrays. 
* grub-core/disk/cryptodisk.c: Likewise.
	* grub-core/disk/geli.c: Likewise.
	* grub-core/disk/luks.c: Likewise.
 2013-11-12 02:48:02 +01:00
Vladimir 'phcoder' Serbinenko
7b3aca00fa * grub-core/disk/luks.c (configure_ciphers): Fix spurious warning. 2013-10-18 16:51:08 +02:00
Vladimir 'phcoder' Serbinenko
ce50dbd746 Add new 'proc' filesystem framework and put luks_script into it. 2013-03-24 13:05:59 +01:00
Vladimir 'phcoder' Serbinenko
40211ab884 * grub-core/commands/acpihalt.c: Add TRANSLATORS comments. 
* grub-core/commands/keystatus.c: Likewise.
	* grub-core/commands/loadenv.c: Likewise.
	* grub-core/commands/probe.c: Likewise.
	* grub-core/commands/regexp.c: Likewise.
	* grub-core/commands/true.c: Likewise.
	* grub-core/commands/videoinfo.c: Likewise.
	* grub-core/disk/cryptodisk.c: Likewise.
	* grub-core/disk/ldm.c: Likewise.
	* grub-core/disk/loopback.c: Likewise.
	* grub-core/disk/luks.c: Likewise.
	* grub-core/fs/zfs/zfsinfo.c: Likewise.
	* grub-core/kern/disk.c: Likewise.
	* grub-core/kern/emu/hostdisk.c: Likewise.
 2012-03-03 12:59:28 +01:00
Vladimir 'phcoder' Serbinenko
6e0632e28c * grub-core/commands/acpihalt.c: Gettextized. 
* grub-core/commands/cacheinfo.c: Likewise.
	* grub-core/commands/cmp.c: Likewise.
	* grub-core/commands/efi/loadbios.c: Likewise.
	* grub-core/commands/gptsync.c: Likewise.
	* grub-core/commands/ieee1275/suspend.c: Likewise.
	* grub-core/commands/legacycfg.c: Likewise.
	* grub-core/commands/memrw.c: Likewise.
	* grub-core/commands/minicmd.c: Likewise.
	* grub-core/commands/parttool.c: Likewise.
	* grub-core/commands/time.c: Likewise.
	* grub-core/commands/videoinfo.c: Likewise.
	* grub-core/disk/geli.c: Likewise.
	* grub-core/disk/i386/pc/biosdisk.c: Likewise.
	* grub-core/disk/luks.c: Likewise.
	* grub-core/disk/lvm.c: Likewise.
	* grub-core/font/font_cmd.c: Likewise.
	* grub-core/fs/zfs/zfscrypt.c: Likewise.
	* grub-core/fs/zfs/zfsinfo.c: Likewise.
	* grub-core/gfxmenu/view.c: Likewise.
	* grub-core/kern/emu/hostdisk.c: Likewise.
	* grub-core/kern/emu/main.c: Likewise.
	* grub-core/kern/emu/misc.c: Likewise.
	* grub-core/kern/emu/mm.c: Likewise.
	* grub-core/kern/mips/arc/init.c: Likewise.
	* grub-core/kern/mips/loongson/init.c: Likewise.
	* grub-core/kern/partition.c: Likewise.
	* grub-core/lib/i386/halt.c: Likewise.
	* grub-core/lib/mips/arc/reboot.c: Likewise.
	* grub-core/lib/mips/loongson/reboot.c: Likewise.
	* grub-core/loader/i386/pc/chainloader.c: Likewise.
	* grub-core/loader/i386/xnu.c: Likewise.
	* grub-core/loader/multiboot.c: Likewise.
	* grub-core/net/bootp.c: Likewise.
	* grub-core/net/net.c: Likewise.
	* grub-core/normal/term.c: Likewise.
	* grub-core/partmap/bsdlabel.c: Likewise.
	* grub-core/parttool/msdospart.c: Likewise.
	* grub-core/term/gfxterm.c: Likewise.
	* grub-core/term/terminfo.c: Likewise.
	* grub-core/video/i386/pc/vbe.c: Likewise.
	* util/grub-menulst2cfg.c: Likewise.
	* util/grub-mkdevicemap.c: Likewise.
	* util/grub-mklayout.c: Likewise.
	* util/grub-mkrelpath.c: Likewise.
	* util/grub-script-check.c: Likewise.
	* util/ieee1275/grub-ofpathname.c: Likewise.
	* util/resolve.c: Likewise.
 2011-11-11 21:44:56 +01:00
Vladimir 'phcoder' Serbinenko
20a409405b Integrate geli into autoconfiguration system 2011-04-25 14:52:07 +02:00
Vladimir 'phcoder' Serbinenko
8358d7f221 Skip one-time volumes and add option for skipping non-boot volumes 2011-04-24 21:40:13 +02:00
Vladimir 'phcoder' Serbinenko
23432f6542 support UUID for geli 2011-04-24 21:11:14 +02:00
Vladimir 'phcoder' Serbinenko
371a8f1183 Fix a potential buffer overflow 2011-04-24 17:50:22 +02:00
Vladimir 'phcoder' Serbinenko
3e90811d88 support non-512B sectors for geli 2011-04-24 14:59:38 +02:00
Vladimir 'phcoder' Serbinenko
1a1f408f20 geli support 2011-04-24 00:00:29 +02:00
Vladimir 'phcoder' Serbinenko
8585e54bec factor cryptodisk part out 2011-04-23 18:00:42 +02:00
Vladimir 'phcoder' Serbinenko
fcf3bfb6ff small readability improvement 2011-04-23 16:45:00 +02:00
Vladimir 'phcoder' Serbinenko
b896ae82db small readability improvement 2011-04-23 16:43:55 +02:00
Vladimir 'phcoder' Serbinenko
6f33a8eebc optimize LRW 2011-04-23 16:41:43 +02:00
Vladimir 'phcoder' Serbinenko
6fd80b9ac4 factor luks_set_key out 2011-04-23 12:40:43 +02:00
Vladimir 'phcoder' Serbinenko
2f179c3236 LRW support 2011-04-23 04:51:53 +02:00
Vladimir 'phcoder' Serbinenko
4b35060f6f Fix benbi 2011-04-23 03:18:07 +02:00
Vladimir 'phcoder' Serbinenko
ed38c849f4 pcbc support 2011-04-23 02:27:45 +02:00
Vladimir 'phcoder' Serbinenko
95172af9fa Better IV modes support 2011-04-23 02:04:40 +02:00
Vladimir 'phcoder' Serbinenko
9d647e4e18 New -t luks_uuid 2011-04-22 23:51:16 +02:00
Vladimir 'phcoder' Serbinenko
50ad7d9cae luks grub-probe support 2011-04-22 23:39:36 +02:00
Vladimir 'phcoder' Serbinenko
fe32915a5e XTS support 2011-04-22 21:48:32 +02:00
Vladimir 'phcoder' Serbinenko
84a411c0c3 small argument revamp 2011-04-22 19:51:06 +02:00
Vladimir 'phcoder' Serbinenko
4169260830 grub-fstest luks support 2011-04-22 19:44:41 +02:00
Vladimir 'phcoder' Serbinenko
24089d19e2 Add cheatmounting 2011-04-22 19:20:46 +02:00
Vladimir 'phcoder' Serbinenko
f3470f4eb5 restructure prior to adding cheatmounts 2011-04-22 16:32:27 +02:00
Vladimir 'phcoder' Serbinenko
0aaa85f1a0 merge lazy into luks 2011-04-22 15:13:12 +02:00
Vladimir 'phcoder' Serbinenko
64516e9df6 Fix couple of UUID problems 2011-04-21 12:39:14 +02:00
Vladimir 'phcoder' Serbinenko
79cde98f5d Support luksuuid specification 2011-04-21 11:58:06 +02:00
Vladimir 'phcoder' Serbinenko
a89c3dd3f7 Don't mount the same LUKS volume twice 2011-04-21 11:38:51 +02:00
Vladimir 'phcoder' Serbinenko
5709ed126d small cleanup 2011-04-21 11:17:01 +02:00
Michael Gorven
7217f315d3 LUKS support based on work of Michael Gorven with some code from Clemens Fruhwirth and heavily cleaned up by me (phcoder) 
Also-By: Clemens Fruhwirth <clemens@endorphin.org>

	Also-By: Vladimir Serbinenko <phcoder@gmail.com>
 2011-04-21 11:14:29 +02:00