~akashraoind-deactivatedaccount/grub:fix-postinst

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

5b31b1c... by Dimitri John Ledkov on 2020-07-30

When upgrading non-interactively, and grub-pc installation fails on to the configured devices abort the package upgrade. This should prevent missmatch between the grub core installed on the boot device and the grub modules unpacked. Missmatch between core and modules may lead to unpredictable results and boot failures. LP: #1889556

14f06d2... by Chris Coulson on 2020-07-30

releasing 2.04-1ubuntu26.1

55d6e11... by Chris Coulson on 2020-07-27

Add missing #include to grub-core/loader/arm64/linux.c

ec83738... by Colin Watson on 2020-07-27

efilinux: Fix integer overflows in grub_cmd_initrd

These could be triggered by an extremely large number of arguments to
the initrd command on 32-bit architectures, or a crafted filesystem with
very large files on any architecture.

Fixes: CVE-2020-15707

Signed-off-by: Colin Watson <email address hidden>

33b27a7... by Colin Watson on 2020-07-25

linux: Fix integer overflows in initrd size handling

These could be triggered by a crafted filesystem with very large files.

Fixes: CVE-2020-15707

Signed-off-by: Colin Watson <email address hidden>
Reviewed-by: Jan Setje-Eilers <email address hidden>

b47e1a6... by Peter Jones on 2020-07-24

linux loader: avoid overflow on initrd size calculation

Signed-off-by: Peter Jones <email address hidden>

04b3402... by Alexey Makhalov <email address hidden> on 2020-07-17

relocator: Fix grub_relocator_alloc_chunk_align() top memory allocation

Current implementation of grub_relocator_alloc_chunk_align()
does not allow allocation of the top byte.

Assuming input args are:
  max_addr = 0xfffff000;
  size = 0x1000;

And this is valid. But following overflow protection will
unnecessarily move max_addr one byte down (to 0xffffefff):
  if (max_addr > ~size)
    max_addr = ~size;

~size + 1 will fix the situation. In addition, check size
for non zero to do not zero max_addr.

Signed-off-by: Alexey Makhalov <email address hidden>
Reviewed-by: Daniel Kiper <email address hidden>

a55ad29... by Alexey Makhalov <email address hidden> on 2020-07-08

relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow

This commit introduces integer underflow mitigation in max_addr calculation
in grub_relocator_alloc_chunk_align() invocation.

It consists of 2 fixes:
  1. Introduced grub_relocator_alloc_chunk_align_safe() wrapper function to perform
     sanity check for min/max and size values, and to make safe invocation of
     grub_relocator_alloc_chunk_align() with validated max_addr value. Replace all
     invocations such as grub_relocator_alloc_chunk_align(..., min_addr, max_addr - size, size, ...)
     by grub_relocator_alloc_chunk_align_safe(..., min_addr, max_addr, size, ...).
  2. Introduced UP_TO_TOP32(s) macro for the cases where max_addr is 32-bit top
     address (0xffffffff - size + 1) or similar.

Signed-off-by: Alexey Makhalov <email address hidden>
Reviewed-by: Daniel Kiper <email address hidden>

e4356cc... by Alexey Makhalov <email address hidden> on 2020-07-15

relocator: Protect grub_relocator_alloc_chunk_addr() input args against integer underflow/overflow

Use arithmetic macros from safemath.h to accomplish it. In this commit,
I didn't want to be too paranoid to check every possible math equation
for overflow/underflow. Only obvious places (with non zero chance of
overflow/underflow) were refactored.

Signed-off-by: Alexey Makhalov <email address hidden>
Reviewed-by: Daniel Kiper <email address hidden>

52538e3... by Chris Coulson on 2020-07-23

chainloader: Avoid a double free when validation fails