grub: clean up CVE patches

Clean up several patches introduced in commit 6732918498 ("grub:fix several CVEs in grub 2.04"). 1) Add CVE tags to individual patches. 2) Rename upstream patches and prefix them with CVE tags. 3) Add description of reference to upstream patch. (From OE-Core rev: 4f395ad49ef9035954d0fda7b7df14dea18b49a0) Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit bcb8b6719beaf6625e6b703e91958fe8afba5819) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Yongxin Liu <yongxin.liu@windriver.com> 2020-11-04 08:43:33 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-11-12 13:07:52 +0000
commit: da5ad8a4232beb4de7c0940ef193578e99d36e0f (patch)
tree: ab44d798a6623873f592b052258bb4a39c044e3e /meta/recipes-bsp/grub/files/calloc-Make-sure-we-always-have-an-overflow-checking.patch
parent: 5b716fa8e2562a1f942c2d920a3f727c3841c4f3 (diff)
download: poky-da5ad8a4232beb4de7c0940ef193578e99d36e0f.tar.gz
1 files changed, 246 insertions, 0 deletions
diff --git a/meta/recipes-bsp/grub/files/calloc-Make-sure-we-always-have-an-overflow-checking.patch b/meta/recipes-bsp/grub/files/calloc-Make-sure-we-always-have-an-overflow-checking.patch
new file mode 100644
index 0000000000..c9536e68ef
--- /dev/null
+++ b/meta/recipes-bsp/grub/files/calloc-Make-sure-we-always-have-an-overflow-checking.patch
@@ -0,0 +1,246 @@
+From c005f62f5c4b26a77b916c8f76a852324439ecb3 Mon Sep 17 00:00:00 2001
+From: Peter Jones <pjones@redhat.com>
+Date: Mon, 15 Jun 2020 12:15:29 -0400
+Subject: [PATCH 2/9] calloc: Make sure we always have an overflow-checking
+ calloc() available
+This tries to make sure that everywhere in this source tree, we always have
+an appropriate version of calloc() (i.e. grub_calloc(), xcalloc(), etc.)
+available, and that they all safely check for overflow and return NULL when
+it would occur.
+Upstream-Status: Backport [commit 64e26162ebfe68317c143ca5ec996c892019f8f8
+from https://git.savannah.gnu.org/git/grub.git]
+Signed-off-by: Peter Jones <pjones@redhat.com>
+Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
+Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
+---
+ grub-core/kern/emu/misc.c          | 12 ++++++++++++
+ grub-core/kern/emu/mm.c            | 10 ++++++++++
+ grub-core/kern/mm.c                | 40 ++++++++++++++++++++++++++++++++++++++
+ grub-core/lib/libgcrypt_wrap/mem.c | 11 +++++++++--
+ grub-core/lib/posix_wrap/stdlib.h  |  8 +++++++-
+ include/grub/emu/misc.h            |  1 +
+ include/grub/mm.h                  |  6 ++++++
+ 7 files changed, 85 insertions(+), 3 deletions(-)
+diff --git a/grub-core/kern/emu/misc.c b/grub-core/kern/emu/misc.c
+index 65db79b..dfd8a8e 100644
+--- a/grub-core/kern/emu/misc.c
+++ b/grub-core/kern/emu/misc.c
+@@ -85,6 +85,18 @@ grub_util_error (const char *fmt, ...)
+   exit (1);
+ }
+ 
+void *
+xcalloc (grub_size_t nmemb, grub_size_t size)
+{
+  void *p;
+
+  p = calloc (nmemb, size);
+  if (!p)
+    grub_util_error ("%s", _("out of memory"));
+
+  return p;
+}
+
+ void *
+ xmalloc (grub_size_t size)
+ {
+diff --git a/grub-core/kern/emu/mm.c b/grub-core/kern/emu/mm.c
+index f262e95..145b01d 100644
+--- a/grub-core/kern/emu/mm.c
+++ b/grub-core/kern/emu/mm.c
+@@ -25,6 +25,16 @@
+ #include <string.h>
+ #include <grub/i18n.h>
+ 
+void *
+grub_calloc (grub_size_t nmemb, grub_size_t size)
+{
+  void *ret;
+  ret = calloc (nmemb, size);
+  if (!ret)
+    grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory"));
+  return ret;
+}
+
+ void *
+ grub_malloc (grub_size_t size)
+ {
+diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c
+index ee88ff6..f2822a8 100644
+--- a/grub-core/kern/mm.c
+++ b/grub-core/kern/mm.c
+@@ -67,8 +67,10 @@
+ #include <grub/dl.h>
+ #include <grub/i18n.h>
+ #include <grub/mm_private.h>
+#include <grub/safemath.h>
+ 
+ #ifdef MM_DEBUG
+# undef grub_calloc
+ # undef grub_malloc
+ # undef grub_zalloc
+ # undef grub_realloc
+@@ -375,6 +377,30 @@ grub_memalign (grub_size_t align, grub_size_t size)
+   return 0;
+ }
+ 
+/*
+ * Allocate NMEMB instances of SIZE bytes and return the pointer, or error on
+ * integer overflow.
+ */
+void *
+grub_calloc (grub_size_t nmemb, grub_size_t size)
+{
+  void *ret;
+  grub_size_t sz = 0;
+
+  if (grub_mul (nmemb, size, &sz))
+    {
+      grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected"));
+      return NULL;
+    }
+
+  ret = grub_memalign (0, sz);
+  if (!ret)
+    return NULL;
+
+  grub_memset (ret, 0, sz);
+  return ret;
+}
+
+ /* Allocate SIZE bytes and return the pointer.  */
+ void *
+ grub_malloc (grub_size_t size)
+@@ -561,6 +587,20 @@ grub_mm_dump (unsigned lineno)
+   grub_printf ("\n");
+ }
+ 
+void *
+grub_debug_calloc (const char *file, int line, grub_size_t nmemb, grub_size_t size)
+{
+  void *ptr;
+
+  if (grub_mm_debug)
+    grub_printf ("%s:%d: calloc (0x%" PRIxGRUB_SIZE ", 0x%" PRIxGRUB_SIZE ") = ",
+                file, line, size);
+  ptr = grub_calloc (nmemb, size);
+  if (grub_mm_debug)
+    grub_printf ("%p\n", ptr);
+  return ptr;
+}
+
+ void *
+ grub_debug_malloc (const char *file, int line, grub_size_t size)
+ {
+diff --git a/grub-core/lib/libgcrypt_wrap/mem.c b/grub-core/lib/libgcrypt_wrap/mem.c
+index beeb661..74c6eaf 100644
+--- a/grub-core/lib/libgcrypt_wrap/mem.c
+++ b/grub-core/lib/libgcrypt_wrap/mem.c
+@@ -4,6 +4,7 @@
+ #include <grub/crypto.h>
+ #include <grub/dl.h>
+ #include <grub/env.h>
+#include <grub/safemath.h>
+ 
+ GRUB_MOD_LICENSE ("GPLv3+");
+ 
+@@ -36,7 +37,10 @@ void *
+ gcry_xcalloc (size_t n, size_t m)
+ {
+   void *ret;
+-  ret = grub_zalloc (n * m);
+  size_t sz;
+  if (grub_mul (n, m, &sz))
+    grub_fatal ("gcry_xcalloc would overflow");
+  ret = grub_zalloc (sz);
+   if (!ret)
+     grub_fatal ("gcry_xcalloc failed");
+   return ret;
+@@ -56,7 +60,10 @@ void *
+ gcry_xcalloc_secure (size_t n, size_t m)
+ {
+   void *ret;
+-  ret = grub_zalloc (n * m);
+  size_t sz;
+  if (grub_mul (n, m, &sz))
+    grub_fatal ("gcry_xcalloc would overflow");
+  ret = grub_zalloc (sz);
+   if (!ret)
+     grub_fatal ("gcry_xcalloc failed");
+   return ret;
+diff --git a/grub-core/lib/posix_wrap/stdlib.h b/grub-core/lib/posix_wrap/stdlib.h
+index 3b46f47..7a8d385 100644
+--- a/grub-core/lib/posix_wrap/stdlib.h
+++ b/grub-core/lib/posix_wrap/stdlib.h
+@@ -21,6 +21,7 @@
+ 
+ #include <grub/mm.h>
+ #include <grub/misc.h>
+#include <grub/safemath.h>
+ 
+ static inline void 
+ free (void *ptr)
+@@ -37,7 +38,12 @@ malloc (grub_size_t size)
+ static inline void *
+ calloc (grub_size_t size, grub_size_t nelem)
+ {
+-  return grub_zalloc (size * nelem);
+  grub_size_t sz;
+
+  if (grub_mul (size, nelem, &sz))
+    return NULL;
+
+  return grub_zalloc (sz);
+ }
+ 
+ static inline void *
+diff --git a/include/grub/emu/misc.h b/include/grub/emu/misc.h
+index ce464cf..ff9c48a 100644
+--- a/include/grub/emu/misc.h
+++ b/include/grub/emu/misc.h
+@@ -47,6 +47,7 @@ grub_util_device_is_mapped (const char *dev);
+ #define GRUB_HOST_PRIuLONG_LONG "llu"
+ #define GRUB_HOST_PRIxLONG_LONG "llx"
+ 
+void * EXPORT_FUNC(xcalloc) (grub_size_t nmemb, grub_size_t size) WARN_UNUSED_RESULT;
+ void * EXPORT_FUNC(xmalloc) (grub_size_t size) WARN_UNUSED_RESULT;
+ void * EXPORT_FUNC(xrealloc) (void *ptr, grub_size_t size) WARN_UNUSED_RESULT;
+ char * EXPORT_FUNC(xstrdup) (const char *str) WARN_UNUSED_RESULT;
+diff --git a/include/grub/mm.h b/include/grub/mm.h
+index 28e2e53..9c38dd3 100644
+--- a/include/grub/mm.h
+++ b/include/grub/mm.h
+@@ -29,6 +29,7 @@
+ #endif
+ 
+ void grub_mm_init_region (void *addr, grub_size_t size);
+void *EXPORT_FUNC(grub_calloc) (grub_size_t nmemb, grub_size_t size);
+ void *EXPORT_FUNC(grub_malloc) (grub_size_t size);
+ void *EXPORT_FUNC(grub_zalloc) (grub_size_t size);
+ void EXPORT_FUNC(grub_free) (void *ptr);
+@@ -48,6 +49,9 @@ extern int EXPORT_VAR(grub_mm_debug);
+ void grub_mm_dump_free (void);
+ void grub_mm_dump (unsigned lineno);
+ 
+#define grub_calloc(nmemb, size)       \
+  grub_debug_calloc (GRUB_FILE, __LINE__, nmemb, size)
+
+ #define grub_malloc(size)      \
+   grub_debug_malloc (GRUB_FILE, __LINE__, size)
+ 
+@@ -63,6 +67,8 @@ void grub_mm_dump (unsigned lineno);
+ #define grub_free(ptr) \
+   grub_debug_free (GRUB_FILE, __LINE__, ptr)
+ 
+void *EXPORT_FUNC(grub_debug_calloc) (const char *file, int line,
+                                     grub_size_t nmemb, grub_size_t size);
+ void *EXPORT_FUNC(grub_debug_malloc) (const char *file, int line,
+                                      grub_size_t size);
+ void *EXPORT_FUNC(grub_debug_zalloc) (const char *file, int line,
+-- 
+2.14.4
author	Yongxin Liu <yongxin.liu@windriver.com>	2020-11-04 08:43:33 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2020-11-12 13:07:52 +0000
commit	da5ad8a4232beb4de7c0940ef193578e99d36e0f (patch)
tree	ab44d798a6623873f592b052258bb4a39c044e3e /meta/recipes-bsp/grub/files/calloc-Make-sure-we-always-have-an-overflow-checking.patch
parent	5b716fa8e2562a1f942c2d920a3f727c3841c4f3 (diff)
download	poky-da5ad8a4232beb4de7c0940ef193578e99d36e0f.tar.gz

diff --git a/meta/recipes-bsp/grub/files/calloc-Make-sure-we-always-have-an-overflow-checking.patch b/meta/recipes-bsp/grub/files/calloc-Make-sure-we-always-have-an-overflow-checking.patch new file mode 100644 index 0000000000..c9536e68ef --- /dev/null +++ b/meta/recipes-bsp/grub/files/calloc-Make-sure-we-always-have-an-overflow-checking.patch
@@ -0,0 +1,246 @@
	1	From c005f62f5c4b26a77b916c8f76a852324439ecb3 Mon Sep 17 00:00:00 2001
	2	From: Peter Jones <pjones@redhat.com>
	3	Date: Mon, 15 Jun 2020 12:15:29 -0400
	4	Subject: [PATCH 2/9] calloc: Make sure we always have an overflow-checking
	5	calloc() available
	6
	7	This tries to make sure that everywhere in this source tree, we always have
	8	an appropriate version of calloc() (i.e. grub_calloc(), xcalloc(), etc.)
	9	available, and that they all safely check for overflow and return NULL when
	10	it would occur.
	11
	12	Upstream-Status: Backport [commit 64e26162ebfe68317c143ca5ec996c892019f8f8
	13	from https://git.savannah.gnu.org/git/grub.git]
	14
	15	Signed-off-by: Peter Jones <pjones@redhat.com>
	16	Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
	17	Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
	18	---
	19	grub-core/kern/emu/misc.c \| 12 ++++++++++++
	20	grub-core/kern/emu/mm.c \| 10 ++++++++++
	21	grub-core/kern/mm.c \| 40 ++++++++++++++++++++++++++++++++++++++
	22	grub-core/lib/libgcrypt_wrap/mem.c \| 11 +++++++++--
	23	grub-core/lib/posix_wrap/stdlib.h \| 8 +++++++-
	24	include/grub/emu/misc.h \| 1 +
	25	include/grub/mm.h \| 6 ++++++
	26	7 files changed, 85 insertions(+), 3 deletions(-)
	27
	28	diff --git a/grub-core/kern/emu/misc.c b/grub-core/kern/emu/misc.c
	29	index 65db79b..dfd8a8e 100644
	30	--- a/grub-core/kern/emu/misc.c
	31	+++ b/grub-core/kern/emu/misc.c
	32	@@ -85,6 +85,18 @@ grub_util_error (const char *fmt, ...)
	33	exit (1);
	34	}
	35
	36	+void *
	37	+xcalloc (grub_size_t nmemb, grub_size_t size)
	38	+{
	39	+ void *p;
	40	+
	41	+ p = calloc (nmemb, size);
	42	+ if (!p)
	43	+ grub_util_error ("%s", _("out of memory"));
	44	+
	45	+ return p;
	46	+}
	47	+
	48	void *
	49	xmalloc (grub_size_t size)
	50	{
	51	diff --git a/grub-core/kern/emu/mm.c b/grub-core/kern/emu/mm.c
	52	index f262e95..145b01d 100644
	53	--- a/grub-core/kern/emu/mm.c
	54	+++ b/grub-core/kern/emu/mm.c
	55	@@ -25,6 +25,16 @@
	56	#include <string.h>
	57	#include <grub/i18n.h>
	58
	59	+void *
	60	+grub_calloc (grub_size_t nmemb, grub_size_t size)
	61	+{
	62	+ void *ret;
	63	+ ret = calloc (nmemb, size);
	64	+ if (!ret)
	65	+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory"));
	66	+ return ret;
	67	+}
	68	+
	69	void *
	70	grub_malloc (grub_size_t size)
	71	{
	72	diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c
	73	index ee88ff6..f2822a8 100644
	74	--- a/grub-core/kern/mm.c
	75	+++ b/grub-core/kern/mm.c
	76	@@ -67,8 +67,10 @@
	77	#include <grub/dl.h>
	78	#include <grub/i18n.h>
	79	#include <grub/mm_private.h>
	80	+#include <grub/safemath.h>
	81
	82	#ifdef MM_DEBUG
	83	+# undef grub_calloc
	84	# undef grub_malloc
	85	# undef grub_zalloc
	86	# undef grub_realloc
	87	@@ -375,6 +377,30 @@ grub_memalign (grub_size_t align, grub_size_t size)
	88	return 0;
	89	}
	90
	91	+/*
	92	+ * Allocate NMEMB instances of SIZE bytes and return the pointer, or error on
	93	+ * integer overflow.
	94	+ */
	95	+void *
	96	+grub_calloc (grub_size_t nmemb, grub_size_t size)
	97	+{
	98	+ void *ret;
	99	+ grub_size_t sz = 0;
	100	+
	101	+ if (grub_mul (nmemb, size, &sz))
	102	+ {
	103	+ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected"));
	104	+ return NULL;
	105	+ }
	106	+
	107	+ ret = grub_memalign (0, sz);
	108	+ if (!ret)
	109	+ return NULL;
	110	+
	111	+ grub_memset (ret, 0, sz);
	112	+ return ret;
	113	+}
	114	+
	115	/* Allocate SIZE bytes and return the pointer. */
	116	void *
	117	grub_malloc (grub_size_t size)
	118	@@ -561,6 +587,20 @@ grub_mm_dump (unsigned lineno)
	119	grub_printf ("\n");
	120	}
	121
	122	+void *
	123	+grub_debug_calloc (const char *file, int line, grub_size_t nmemb, grub_size_t size)
	124	+{
	125	+ void *ptr;
	126	+
	127	+ if (grub_mm_debug)
	128	+ grub_printf ("%s:%d: calloc (0x%" PRIxGRUB_SIZE ", 0x%" PRIxGRUB_SIZE ") = ",
	129	+ file, line, size);
	130	+ ptr = grub_calloc (nmemb, size);
	131	+ if (grub_mm_debug)
	132	+ grub_printf ("%p\n", ptr);
	133	+ return ptr;
	134	+}
	135	+
	136	void *
	137	grub_debug_malloc (const char *file, int line, grub_size_t size)
	138	{
	139	diff --git a/grub-core/lib/libgcrypt_wrap/mem.c b/grub-core/lib/libgcrypt_wrap/mem.c
	140	index beeb661..74c6eaf 100644
	141	--- a/grub-core/lib/libgcrypt_wrap/mem.c
	142	+++ b/grub-core/lib/libgcrypt_wrap/mem.c
	143	@@ -4,6 +4,7 @@
	144	#include <grub/crypto.h>
	145	#include <grub/dl.h>
	146	#include <grub/env.h>
	147	+#include <grub/safemath.h>
	148
	149	GRUB_MOD_LICENSE ("GPLv3+");
	150
	151	@@ -36,7 +37,10 @@ void *
	152	gcry_xcalloc (size_t n, size_t m)
	153	{
	154	void *ret;
	155	- ret = grub_zalloc (n * m);
	156	+ size_t sz;
	157	+ if (grub_mul (n, m, &sz))
	158	+ grub_fatal ("gcry_xcalloc would overflow");
	159	+ ret = grub_zalloc (sz);
	160	if (!ret)
	161	grub_fatal ("gcry_xcalloc failed");
	162	return ret;
	163	@@ -56,7 +60,10 @@ void *
	164	gcry_xcalloc_secure (size_t n, size_t m)
	165	{
	166	void *ret;
	167	- ret = grub_zalloc (n * m);
	168	+ size_t sz;
	169	+ if (grub_mul (n, m, &sz))
	170	+ grub_fatal ("gcry_xcalloc would overflow");
	171	+ ret = grub_zalloc (sz);
	172	if (!ret)
	173	grub_fatal ("gcry_xcalloc failed");
	174	return ret;
	175	diff --git a/grub-core/lib/posix_wrap/stdlib.h b/grub-core/lib/posix_wrap/stdlib.h
	176	index 3b46f47..7a8d385 100644
	177	--- a/grub-core/lib/posix_wrap/stdlib.h
	178	+++ b/grub-core/lib/posix_wrap/stdlib.h
	179	@@ -21,6 +21,7 @@
	180
	181	#include <grub/mm.h>
	182	#include <grub/misc.h>
	183	+#include <grub/safemath.h>
	184
	185	static inline void
	186	free (void *ptr)
	187	@@ -37,7 +38,12 @@ malloc (grub_size_t size)
	188	static inline void *
	189	calloc (grub_size_t size, grub_size_t nelem)
	190	{
	191	- return grub_zalloc (size * nelem);
	192	+ grub_size_t sz;
	193	+
	194	+ if (grub_mul (size, nelem, &sz))
	195	+ return NULL;
	196	+
	197	+ return grub_zalloc (sz);
	198	}
	199
	200	static inline void *
	201	diff --git a/include/grub/emu/misc.h b/include/grub/emu/misc.h
	202	index ce464cf..ff9c48a 100644
	203	--- a/include/grub/emu/misc.h
	204	+++ b/include/grub/emu/misc.h
	205	@@ -47,6 +47,7 @@ grub_util_device_is_mapped (const char *dev);
	206	#define GRUB_HOST_PRIuLONG_LONG "llu"
	207	#define GRUB_HOST_PRIxLONG_LONG "llx"
	208
	209	+void * EXPORT_FUNC(xcalloc) (grub_size_t nmemb, grub_size_t size) WARN_UNUSED_RESULT;
	210	void * EXPORT_FUNC(xmalloc) (grub_size_t size) WARN_UNUSED_RESULT;
	211	void * EXPORT_FUNC(xrealloc) (void *ptr, grub_size_t size) WARN_UNUSED_RESULT;
	212	char * EXPORT_FUNC(xstrdup) (const char *str) WARN_UNUSED_RESULT;
	213	diff --git a/include/grub/mm.h b/include/grub/mm.h
	214	index 28e2e53..9c38dd3 100644
	215	--- a/include/grub/mm.h
	216	+++ b/include/grub/mm.h
	217	@@ -29,6 +29,7 @@
	218	#endif
	219
	220	void grub_mm_init_region (void *addr, grub_size_t size);
	221	+void *EXPORT_FUNC(grub_calloc) (grub_size_t nmemb, grub_size_t size);
	222	void *EXPORT_FUNC(grub_malloc) (grub_size_t size);
	223	void *EXPORT_FUNC(grub_zalloc) (grub_size_t size);
	224	void EXPORT_FUNC(grub_free) (void *ptr);
	225	@@ -48,6 +49,9 @@ extern int EXPORT_VAR(grub_mm_debug);
	226	void grub_mm_dump_free (void);
	227	void grub_mm_dump (unsigned lineno);
	228
	229	+#define grub_calloc(nmemb, size) \
	230	+ grub_debug_calloc (GRUB_FILE, __LINE__, nmemb, size)
	231	+
	232	#define grub_malloc(size) \
	233	grub_debug_malloc (GRUB_FILE, __LINE__, size)
	234
	235	@@ -63,6 +67,8 @@ void grub_mm_dump (unsigned lineno);
	236	#define grub_free(ptr) \
	237	grub_debug_free (GRUB_FILE, __LINE__, ptr)
	238
	239	+void EXPORT_FUNC(grub_debug_calloc) (const char file, int line,
	240	+ grub_size_t nmemb, grub_size_t size);
	241	void EXPORT_FUNC(grub_debug_malloc) (const char file, int line,
	242	grub_size_t size);
	243	void EXPORT_FUNC(grub_debug_zalloc) (const char file, int line,
	244	--
	245	2.14.4
	246