Overview

File 0001-kern-efi-mm-Change-grub_efi_mm_add_regions-to-keep-t.patch of Package grub2.42644

From a6223d1c219ff91459ba54387cb014b379f858d1 Mon Sep 17 00:00:00 2001
From: Mate Kukri <mate.kukri@canonical.com>
Date: Wed, 12 Jun 2024 16:10:49 +0100
Subject: [PATCH] kern/efi/mm: Change grub_efi_mm_add_regions() to keep track
 of map allocation size

If the map was too big for the initial allocation, it was freed and replaced
with a bigger one, but the free call still used the hard-coded size.

Seems like this wasn't hit for a long time, because most firmware maps
fit into 12K.

This bug was triggered on Project Mu firmware with a big memory map, and
results in the heap getting trashed and the firmware ASSERTING on
corrupted heap guard values when GRUB exits.

Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
 grub-core/kern/efi/mm.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c
index 9b1d3add7..5b4481ee9 100644
--- a/grub-core/kern/efi/mm.c
+++ b/grub-core/kern/efi/mm.c
@@ -610,13 +610,15 @@ grub_efi_mm_add_regions (grub_size_t required_bytes, unsigned int flags)
   grub_efi_memory_descriptor_t *memory_map_end;
   grub_efi_memory_descriptor_t *filtered_memory_map;
   grub_efi_memory_descriptor_t *filtered_memory_map_end;
+  grub_efi_uintn_t alloc_size;
   grub_efi_uintn_t map_size;
   grub_efi_uintn_t desc_size;
   grub_err_t err;
   int mm_status;
 
   /* Prepare a memory region to store two memory maps.  */
-  memory_map = grub_efi_allocate_any_pages (2 * BYTES_TO_PAGES (MEMORY_MAP_SIZE));
+  alloc_size = 2 * BYTES_TO_PAGES (MEMORY_MAP_SIZE);
+  memory_map = grub_efi_allocate_any_pages (alloc_size);
   if (! memory_map)
     return grub_error (GRUB_ERR_OUT_OF_MEMORY, "cannot allocate memory for memory map");
 
@@ -627,14 +629,13 @@ grub_efi_mm_add_regions (grub_size_t required_bytes, unsigned int flags)
 
   if (mm_status == 0)
     {
-      grub_efi_free_pages
-	((grub_efi_physical_address_t) ((grub_addr_t) memory_map),
-	 2 * BYTES_TO_PAGES (MEMORY_MAP_SIZE));
+      grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t) memory_map, alloc_size);
 
       /* Freeing/allocating operations may increase memory map size.  */
       map_size += desc_size * 32;
 
-      memory_map = grub_efi_allocate_any_pages (2 * BYTES_TO_PAGES (map_size));
+      alloc_size = 2 * BYTES_TO_PAGES (map_size);
+      memory_map = grub_efi_allocate_any_pages (alloc_size);
       if (! memory_map)
 	return grub_error (GRUB_ERR_OUT_OF_MEMORY, "cannot allocate memory for new memory map");
 
@@ -678,8 +679,7 @@ grub_efi_mm_add_regions (grub_size_t required_bytes, unsigned int flags)
 #endif
 
   /* Release the memory maps.  */
-  grub_efi_free_pages ((grub_addr_t) memory_map,
-		       2 * BYTES_TO_PAGES (MEMORY_MAP_SIZE));
+  grub_efi_free_pages ((grub_efi_physical_address_t)(grub_addr_t) memory_map, alloc_size);
 
   return GRUB_ERR_NONE;
 }
-- 
2.52.0
openSUSE Build Service is sponsored by
Places