Recent work around x86 Linux kernel loader revealed an underflow in the setup_header length calculation and another related issue. Both lead to the memory overwrite and later machine crash.

Currently when the GRUB copies the setup_header into the linux_params (struct boot_params, traditionally known as "zero page") it assumes the setup_header size as sizeof(linux_i386_kernel_header/lh). This is incorrect. It should use the value calculated accordingly to the Linux kernel boot protocol. Otherwise in case of pretty old kernel, to be exact Linux kernel boot protocol, the GRUB may write more into linux_params than it was expected to. Fortunately this is not very big issue. Though it has to be fixed. However, there is also an underflow which is grave. It happens when

  sizeof(linux_i386_kernel_header/lh) > "real size of the setup_header".

Then len value wraps around and grub_file_read() reads whole kernel into the linux_params overwriting memory past it. This leads to the GRUB memory allocator breakage and finally to its crash during boot.

The patch fixes both issues. Additionally, it moves the code not related to grub_memset(linux_params)/grub_memcpy(linux_params)/grub_file_read(linux_params) section outside of it to not confuse the reader.

Fixes: e683cfb0cf5 (loader/i386/linux: Calculate the setup_header length)

Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
Reviewed-by: Krystian Hebel <krystian.hebel@3mdeb.com>
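The wraparound described in the commit message above, sketched as an added example (not GRUB's code and not part of the commit). The function names are hypothetical, and `LOADER_HDR_SIZE` and the `dst_room` value are constructed stand-ins for sizeof(lh) and the room in linux_params; the header-end rule (0x202 plus the byte at offset 0x201) is the one from the Linux kernel boot protocol.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SETUP_HDR_START 0x1f1u /* setup_header offset in the image (boot protocol) */
#define JUMP_BYTE_OFF   0x201u /* byte that encodes where the header ends */
#define LOADER_HDR_SIZE 0x290u /* constructed stand-in for sizeof(lh), not GRUB's value */

/* Boot protocol: the setup header ends at 0x202 + byte value at offset 0x201. */
static size_t setup_header_end(const uint8_t *image)
{
    return 0x202u + image[JUMP_BYTE_OFF];
}

/* Unchecked pattern: bytes left to read after the fixed-size header.
   size_t is unsigned, so a shorter kernel header wraps to a huge value. */
static size_t remaining_unchecked(const uint8_t *image)
{
    return setup_header_end(image) - LOADER_HDR_SIZE;
}

/* Checked form: copy only what the kernel declares and read more only when
   the header extends past what was already read. Returns 0 on success. */
static int header_lengths_checked(const uint8_t *image, size_t dst_room,
                                  size_t *copy_len, size_t *read_len)
{
    size_t end = setup_header_end(image);
    if (end > dst_room)
        return -1;                         /* would write past the destination */
    if (end <= LOADER_HDR_SIZE) {          /* short header: copy less, read nothing */
        *copy_len = end - SETUP_HDR_START;
        *read_len = 0;
    } else {                               /* end > LOADER_HDR_SIZE, cannot wrap */
        *copy_len = LOADER_HDR_SIZE - SETUP_HDR_START;
        *read_len = end - LOADER_HDR_SIZE;
    }
    return 0;
}

int main(void)
{
    uint8_t img[0x300] = {0};              /* constructed image prefix */
    size_t c = 0, r = 0;
    img[JUMP_BYTE_OFF] = 0x30;             /* header ends at 0x232, before 0x290 */
    printf("unchecked read length: %zu\n", remaining_unchecked(img));
    if (header_lengths_checked(img, 0x2d0, &c, &r) == 0)
        printf("checked: copy %zu, read %zu\n", c, r);
    return 0;
}
```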
This is GRUB 2, the second version of the GRand Unified Bootloader. GRUB 2 is rewritten from scratch to make GNU GRUB cleaner, safer, more robust, more powerful, and more portable.

See the file NEWS for a description of recent changes to GRUB 2.

See the file INSTALL for instructions on how to build and install the GRUB 2 data and program files.

Please visit the official web page of GRUB 2, for more information. The URL is <http://www.gnu.org/software/grub/grub.html>.

More extensive documentation is available in the Info manual, accessible using 'info grub' after building and installing GRUB 2.

There are a number of important user-visible differences from the first version of GRUB, now known as GRUB Legacy. For a summary, please see:

  info grub Introduction 'Changes from GRUB Legacy'