backport some patches from upstream
Signed-off-by: Qiumiao Zhang <zhangqiumiao1@huawei.com>
This commit is contained in:
Qiumiao Zhang
parent
c26d7c6bee
commit
5e935ea015
40
backport-commands-legacycfg-Avoid-closing-file-twice.patch
Normal file
40
backport-commands-legacycfg-Avoid-closing-file-twice.patch
Normal file
@ -0,0 +1,40 @@
|
||||
From f26b39860d32e2b9edb30370349e40b1ac7055c8 Mon Sep 17 00:00:00 2001
|
||||
From: Leo Sandoval <lsandova@redhat.com>
|
||||
Date: Wed, 16 Oct 2024 11:54:38 -0600
|
||||
Subject: [PATCH] commands/legacycfg: Avoid closing file twice
|
||||
|
||||
An internal (at Red Hat) static soure code scan detected an
|
||||
use-after-free scenario:
|
||||
|
||||
Error: USE_AFTER_FREE (CWE-416):
|
||||
grub-2.06/grub-core/commands/legacycfg.c:194: freed_arg: "grub_file_close" frees "file".
|
||||
grub-2.06/grub-core/commands/legacycfg.c:201: deref_arg: Calling "grub_file_close" dereferences freed pointer "file".
|
||||
# 199| if (!args)
|
||||
# 200| {
|
||||
# 201|-> grub_file_close (file);
|
||||
# 202| grub_free (suffix);
|
||||
# 203| grub_free (entrysrc);
|
||||
|
||||
So, remove the extra file close call.
|
||||
|
||||
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
---
|
||||
grub-core/commands/legacycfg.c | 1 -
|
||||
1 file changed, 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/commands/legacycfg.c b/grub-core/commands/legacycfg.c
|
||||
index e9e9d94ef..3bf9fe2e4 100644
|
||||
--- a/grub-core/commands/legacycfg.c
|
||||
+++ b/grub-core/commands/legacycfg.c
|
||||
@@ -198,7 +198,6 @@ legacy_file (const char *filename)
|
||||
const char **args = grub_malloc (sizeof (args[0]));
|
||||
if (!args)
|
||||
{
|
||||
- grub_file_close (file);
|
||||
grub_free (suffix);
|
||||
grub_free (entrysrc);
|
||||
return grub_errno;
|
||||
--
|
||||
2.33.0
|
||||
|
||||
@ -0,0 +1,48 @@
|
||||
From f456add5f4171b27a1f8aca98e02c14e123bbd59 Mon Sep 17 00:00:00 2001
|
||||
From: Rogier <rogier777@gmail.com>
|
||||
Date: Mon, 6 May 2024 15:18:45 -0500
|
||||
Subject: [PATCH] disk/lvm: GRUB fails to detect LVM volumes due to an
|
||||
incorrect computation of mda_end
|
||||
|
||||
When handling a regular LVM volume, GRUB can fail with the message:
|
||||
|
||||
error: disk `lvmid/******-****-****-****-****-****-****/******-****-****-****-****-****-******' not found.
|
||||
|
||||
If the condition which triggers this exists, grub-probe will report the
|
||||
error mentioned above. Similarly, the GRUB boot code will fail to detect
|
||||
LVM volumes, resulting in a failure to boot off of LVM disks/partitions.
|
||||
The condition can be created on any LVM VG by an LVM configuration change,
|
||||
so any system with /boot on LVM can become unbootable at "any" time (after
|
||||
any LVM configuration change).
|
||||
|
||||
The problem is caused by an incorrect computation of mda_end in disk/lvm.c,
|
||||
when the metadata area wraps around. Apparently, this can start happening at
|
||||
around 220 metadata changes to the VG.
|
||||
|
||||
Fixes: 879c4a834 (lvm: Fix two more potential data-dependent alloc overflows)
|
||||
Fixes: https://savannah.gnu.org/bugs/?61620
|
||||
|
||||
Signed-off-by: Rogier <rogier777@gmail.com>
|
||||
Signed-off-by: Glenn Washburn <development@efficientek.com>
|
||||
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
|
||||
Tested-By: Michael Chang <mchang@suse.com>
|
||||
---
|
||||
grub-core/disk/lvm.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/grub-core/disk/lvm.c b/grub-core/disk/lvm.c
|
||||
index 794248540..0c32c95f9 100644
|
||||
--- a/grub-core/disk/lvm.c
|
||||
+++ b/grub-core/disk/lvm.c
|
||||
@@ -290,7 +290,7 @@ grub_lvm_detect (grub_disk_t disk,
|
||||
|
||||
p = q = (char *)ptr;
|
||||
|
||||
- if (grub_add ((grub_size_t)metadatabuf, (grub_size_t)mda_size, &ptr))
|
||||
+ if (grub_add (ptr, (grub_size_t) grub_le_to_cpu64 (rlocn->size), &ptr))
|
||||
goto error_parsing_metadata;
|
||||
|
||||
mda_end = (char *)ptr;
|
||||
--
|
||||
2.33.0
|
||||
|
||||
@ -354,3 +354,5 @@ Patch0354: backport-disk-Generalize-MD_MAX_DISKS-to-GRUB_MDRAID_MAX_DISKS.patch
|
||||
Patch0355: backport-disk-mdraid1x_linux-Prevent-infinite-recursion.patch
|
||||
Patch0356: backport-osdep-Introduce-include-grub-osdep-major-h-and-use-it.patch
|
||||
Patch0357: backport-osdep-linux-hostdisk-Use-stat-instead-of-udevadm.patch
|
||||
Patch0358: backport-commands-legacycfg-Avoid-closing-file-twice.patch
|
||||
Patch0359: backport-disk-lvm-GRUB-fails-to-detect-LVM-volumes-due-to-an-.patch
|
||||
|
||||
@ -14,7 +14,7 @@
|
||||
Name: grub2
|
||||
Epoch: 1
|
||||
Version: 2.06
|
||||
Release: 48
|
||||
Release: 49
|
||||
Summary: Bootloader with support for Linux, Multiboot and more
|
||||
License: GPLv3+
|
||||
URL: http://www.gnu.org/software/grub/
|
||||
@ -453,6 +453,13 @@ fi
|
||||
%{_datadir}/man/man*
|
||||
|
||||
%changelog
|
||||
* Sat Dec 21 2024 zhangqiumiao <zhangqiumiao1@huawei.com> - 1:2.06-49
|
||||
- Type:bugfix
|
||||
- CVE:NA
|
||||
- SUG:NA
|
||||
- DESC:commands/legacycfg: Avoid closing file twice
|
||||
disk/lvm: GRUB fails to detect LVM volumes due to an incorrect computation of mda_end
|
||||
|
||||
* Mon Jun 24 2024 zhangqiumiao <zhangqiumiao1@huawei.com> - 1:2.06-48
|
||||
- Type:bugfix
|
||||
- CVE:NA
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user