vbatts
/
grub
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
9,953 Commits 7 Branches 0 Tags 72 MiB
C 90%
Assembly 4.3%
Shell 1.5%
Gettext Catalog 1.2%
M4 0.8%
Other 2%
Go to file
Alexey Makhalov f7bd9986f6 efi: Fix use-after-free in halt/reboot path 
commit 92bfc33db9 ("efi: Free malloc regions on exit")
introduced memory freeing in grub_efi_fini(), which is
used not only by exit path but by halt/reboot one as well.
As result of memory freeing, code and data regions used by
modules, such as halt, reboot, acpi (used by halt) also got
freed. After return to module code, CPU executes, filled
by UEFI firmware (tested with edk2), 0xAFAFAFAF pattern as
a code. Which leads to #UD exception later.

grub> halt
!!!! X64 Exception Type - 06(#UD - Invalid Opcode)  CPU Apic ID - 00000000 !!!!
RIP  - 0000000003F4EC28, CS  - 0000000000000038, RFLAGS - 0000000000200246
RAX  - 0000000000000000, RCX - 00000000061DA188, RDX - 0A74C0854DC35D41
RBX  - 0000000003E10E08, RSP - 0000000007F0F860, RBP - 0000000000000000
RSI  - 00000000064DB768, RDI - 000000000832C5C3
R8   - 0000000000000002, R9  - 0000000000000000, R10 - 00000000061E2E52
R11  - 0000000000000020, R12 - 0000000003EE5C1F, R13 - 00000000061E0FF4
R14  - 0000000003E10D80, R15 - 00000000061E2F60
DS   - 0000000000000030, ES  - 0000000000000030, FS  - 0000000000000030
GS   - 0000000000000030, SS  - 0000000000000030
CR0  - 0000000080010033, CR2 - 0000000000000000, CR3 - 0000000007C01000
CR4  - 0000000000000668, CR8 - 0000000000000000
DR0  - 0000000000000000, DR1 - 0000000000000000, DR2 - 0000000000000000
DR3  - 0000000000000000, DR6 - 00000000FFFF0FF0, DR7 - 0000000000000400
GDTR - 00000000079EEA98 0000000000000047, LDTR - 0000000000000000
IDTR - 0000000007598018 0000000000000FFF,   TR - 0000000000000000
FXSAVE_STATE - 0000000007F0F4C0

Proposal here is to continue to free allocated memory for
exit boot services path but keep it for halt/reboot path
as it won't be much security concern here.
Introduced GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY
loader flag to be used by efi halt/reboot path.

Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
 		2020-07-29 16:55:48 +02:00
asm-tests asm-tests/i386-pc: Check that movl is 5 bytes. 2016-09-28 20:31:04 +03:00
conf gettext: Restore patches to po/Makefile.in.in 2020-03-10 21:17:54 +01:00
docs docs/grub: Support for probing partition UUID on MSDOS disks 2020-05-15 15:27:58 +02:00
grub-core efi: Fix use-after-free in halt/reboot path 2020-07-29 16:55:48 +02:00
include efi: Fix use-after-free in halt/reboot path 2020-07-29 16:55:48 +02:00
po po: Fix replacement of %m in sed programs 2020-03-10 21:32:09 +01:00
tests syslinux: Fix syslinux_test in out-of-tree builds 2019-03-05 10:27:53 +01:00
themes/starfield Starfield theme. 2012-02-23 17:21:38 +01:00
unicode * unicode: Import Unicode 6.0 data. 2011-12-25 16:17:25 +01:00
util calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
.gitattributes gitattributes: Mark po/exclude.pot as binary so git won't try to diff nonprintables 2019-09-23 13:17:15 +02:00
.gitignore gitignore: Add a few forgotten file patterns 2020-05-15 15:06:21 +02:00
.travis.yml travis: Add Travis CI config file 2019-02-25 14:02:06 +01:00
AUTHORS 2005-09-03 Yoshinori K. Okuji <okuji@enbug.org> 2005-09-03 16:54:27 +00:00
BUGS * BUGS: New file. 2011-01-11 00:06:01 +01:00
COPYING 2007-07-22 Yoshinori K. Okuji <okuji@enbug.org> 2007-07-21 23:32:33 +00:00
ChangeLog-2015 Autogenerate ChangeLog from git changelog. 2015-01-24 17:29:50 +01:00
INSTALL safemath: Add some arithmetic primitives that check for overflow 2020-07-29 16:55:47 +02:00
Makefile.am Makefile: Make libgrub.pp depend on config-util.h 2020-03-10 21:39:53 +01:00
Makefile.util.def templates: Output a menu entry for firmware setup on UEFI FastBoot systems 2020-04-21 22:14:12 +02:00
NEWS Release 2.04 2019-07-04 15:57:30 +02:00
README README: Remove dead link to the wiki 2015-11-06 04:31:23 +01:00
THANKS 2009-12-11 Robert Millan <rmh.grub@aybabtu.com> 2009-12-11 22:44:47 +00:00
TODO TODO: Remove obsolete link 2016-02-12 17:51:52 +01:00
acinclude.m4 Fix -nopie/-nopie check. 2017-01-30 19:38:55 +01:00
autogen.sh autogen: Replace -iname with -ipath in find command 2020-05-15 15:35:59 +02:00
bootstrap gnulib: Upgrade Gnulib and switch to bootstrap tool 2019-03-05 10:48:12 +01:00
bootstrap.conf gettext: Restore patches to po/Makefile.in.in 2020-03-10 21:17:54 +01:00
config.h.in Remove libgcc dependency. 2015-03-03 20:50:37 +01:00
configure.ac INSTALL/configure: Update install doc and configure comment 2020-05-25 14:49:53 +02:00
coreboot.cfg * coreboot.cfg: Add missing file. 2013-11-20 00:52:23 +01:00
geninit.sh automake commit without merge history 2010-05-06 11:34:04 +05:30
gentpl.py build: Fix GRUB i386-pc build with Ubuntu gcc 2020-03-31 12:17:02 +02:00
linguas.sh linguas: Don't skip ko.po. 2017-02-04 00:06:57 +01:00

README 

This is GRUB 2, the second version of the GRand Unified Bootloader.
GRUB 2 is rewritten from scratch to make GNU GRUB cleaner, safer, more
robust, more powerful, and more portable.

See the file NEWS for a description of recent changes to GRUB 2.

See the file INSTALL for instructions on how to build and install the
GRUB 2 data and program files.

Please visit the official web page of GRUB 2, for more information.
The URL is <http://www.gnu.org/software/grub/grub.html>.

More extensive documentation is available in the Info manual,
accessible using 'info grub' after building and installing GRUB 2.

There are a number of important user-visible differences from the
first version of GRUB, now known as GRUB Legacy. For a summary, please
see:

  info grub Introduction 'Changes from GRUB Legacy'