Re: Proposal v2: fs/iso9660: Prevent skipping CE or ST at start of continuation area
Hi,
i created another bad ISO which i expect to lead to an endless loop in
existing GRUB (i.e. before applying the proposed change).
Both ISOs can be downloaded as gzip-compressed files now:
http://scdbackup.webframe.org/ce_loop.iso.gz
SHA256: d86b73b0cc260968f50c30a5207b798f5fc2396233aee5eb3cedf9cef069f3c2
http://scdbackup.webframe.org/ce_loop2.iso.gz
SHA256: a6bde0c1562de8959d783bca0a79ad750da2bc129bdea2362b4a7c3e83426b2c
They are smaller than 1 KB and expand to 128 KiB, each.
(Please do not load these ISOs into existing xorriso programs by commands
like -indev. ce_loop.iso leads to SIGSEGV. ce_loop2.iso leads to an
endless loop. The libisofs code fix is only in git for now.)
Test proposals for GRUB:
If reading ce_loop.iso by GRUB leads to an error message, then my proposed
change is in effect and protected against endless loops.
Original GRUB is supposed to just ignore that situation, because it skips
over the CE entry by mistake.
If reading ce_loop2.iso by GRUB leads to an error message, then the
proposed safety precaution against endless loops is in effect.
I expect unpatched GRUB to loop endlessly with this ISO.
About the production of ce_loop2.iso:
The CE entry of its file /x points to a dummy SUSP entry XY of length 8
which sits directly before the CE entry. So this dummy entry is the
first to be read by GRUB from the pseudo-contination area, gets processed
by the hook() function (with no side effects), and is then followed by
the CE entry.
Because of the existence of the XY entry, i expect the CE entry not to
be skipped by existing GRUB.
# Production begins by the bad ISO of January 9 where the CE entry
# points to itself
cp ce_loop.iso ce_loop2.iso
# Cut out a copy of the bad CE entry
dd if=ce_loop2.iso bs=1 skip=102734 count=28 of=ce_entry
# After the CE entry is plenty of unused space in the same block.
# The length of the directory entry of /x plus 8 will not exceed 255.
# So put the copy back with an offset of 8 bytes.
dd if=ce_entry bs=1 seek=102742 conv=notrunc of=ce_loop2.iso
# Rename the old CE entry head to XY
echo "XY" | dd bs=1 seek=102734 count=2 conv=notrunc of=ce_loop2.iso
# Give it the length of 8
echo $'\x08' | dd bs=1 seek=102736 count=1 conv=notrunc of=ce_loop2.iso
# Set in the new CE entry the continuation area length to 8 + 28 = 36
echo $'\x24' | dd bs=1 seek=102762 count=1 conv=notrunc of=ce_loop2.iso
echo $'\x24' | dd bs=1 seek=102769 count=1 conv=notrunc of=ce_loop2.iso
# Change the length of the directory record from 134 to 142
echo $'\x8e' | dd bs=1 seek=102628 count=1 conv=notrunc of=ce_loop2.iso
The resulting bytes of the whole directory record of /x are then:
000190e0 :.. .. .. .. 8e 00 37 00 00 00 00 00 00 37 02 00
. . . . 7 7
102624 : ... ... ... ... 142 0 55 0 0 0 0 0 0 55 2 0
000190f0 :00 00 00 00 00 02 7b 01 09 08 08 1c 00 00 00 00
{
102640 : 0 0 0 0 0 2 123 1 9 8 8 28 0 0 0 0
00019100 :01 00 00 01 04 58 2e 3b 31 00 50 58 24 01 a4 81
X . ; 1 P X $
102656 : 1 0 0 1 4 88 46 59 49 0 80 88 36 1 164 129
00019110 :00 00 00 00 81 a4 01 00 00 00 00 00 00 01 e8 03
102672 : 0 0 0 0 129 164 1 0 0 0 0 0 0 1 232 3
00019120 :00 00 00 00 03 e8 e8 03 00 00 00 00 03 e8 54 46
T F
102688 : 0 0 0 0 3 232 232 3 0 0 0 0 3 232 84 70
00019130 :1a 01 0e 7b 01 09 08 08 1c 00 7b 01 09 08 08 2f
{ { /
102704 :26 1 14 123 1 9 8 8 28 0 123 1 9 8 8 47
00019140 :00 7b 01 09 08 08 1c 00 4e 4d 06 01 00 78 58 59
{ N M x X Y
102720 : 0 123 1 9 8 8 28 0 78 77 6 1 0 120 88 89
00019150 :08 01 32 00 00 00 43 45 1c 01 32 00 00 00 00 00
2 C E 2
102736 : 8 1 50 0 0 0 67 69 28 1 50 0 0 0 0 0
00019160 :00 32 4e 01 00 00 00 00 01 4e 24 00 00 00 00 00
2 N N $
102752 : 0 50 78 1 0 0 0 0 1 78 36 0 0 0 0 0
00019170 :00 24 .. .. .. .. .. .. .. .. .. .. .. .. .. ..
$ . . . . . . . . . . . . . .
102768 : 0 36 ... ... ... ... ... ... ... ... ... ... ... ... ... .
Re: [PATCH] tests: Fix help test to reflect updated help output
On Tue, Jan 10, 2023 at 03:02:15PM -0600, Glenn Washburn wrote: > Commit f5759a878 (normal/help: Add paging instructions to normal and help > prompts) changed the output of the help command, which broke the help > test. This change allows the test to pass. > > Signed-off-by: Glenn Washburn Reviewed-by: Daniel Kiper ... but... > --- > tests/help_test.in | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/tests/help_test.in b/tests/help_test.in > index b08cf20138..630e9860ae 100644 > --- a/tests/help_test.in > +++ b/tests/help_test.in > @@ -8,6 +8,9 @@ Show a help message. > > -h, --help Display this help and exit. > -u, --usage Display the usage of this command and exit. > + > + > +To enable less(1)-like paging, \"set pager=1\". > Hello World" > outpu="$(echo 'help help; hello' | @builddir@/grub-shell)" We could do s/outpu/output/ on the occasion. I can do it before the push... Daniel ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
Re: [PATCH] gdbstub: Unregister gdbstub_break when unloading module
On Tue, Jan 10, 2023 at 03:03:59PM -0600, Glenn Washburn wrote: > Signed-off-by: Glenn Washburn Reviewed-by: Daniel Kiper Daniel ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
3rd gen Ipad to Boot Linux
I am just curious if GNU GRUB has the ability to boot onto an Apple device like a 3rd gen Ipad to load Ubuntu or Kali. I just want to see if it is possible. ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
Re: [PATCH 0/3] Trivial changes
On Tue, Jan 10, 2023 at 03:08:32PM -0600, Glenn Washburn wrote: > Some spelling and spacing changes. Feel free to merge together or with other > changes as desired. > > Glenn > > Glenn Washburn (3): > misc: Spelling fixes > misc: Fix spacing > misc: efi: Fix spacing For all the patches Reviewed-by: Daniel Kiper ... Daniel ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
Re: [PATCH] gzio: Remove confusing, out-dated comment
On Tue, Jan 10, 2023 at 03:10:34PM -0600, Glenn Washburn wrote: > The "transparent" parameter to grub_gzio_open was removed in 2010, fc2ef1172c > (* grub-core/io/gzio.c (grub_gzio_open): Removed "transparent" parameter.) > > Signed-off-by: Glenn Washburn Reviewed-by: Daniel Kiper Daniel ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
Re: [PATCH v10] plainmount: Support plain encryption mode
--- Original Message ---
On Tuesday, January 10th, 2023 at 5:17 PM, Daniel Kiper
wrote:
>
>
> On Wed, Dec 28, 2022 at 05:47:29PM +, Maxim Fomin wrote:
>
> > --- Original Message ---
> > On Wednesday, December 28th, 2022 at 5:20 PM, Maxim Fomin ma...@fomin.one
> > wrote:
> >
> > > From e7f54a0b78353c01bf4c966f871b3e3590222743 Mon Sep 17 00:00:00 2001
> > > From: Maxim Fomin ma...@fomin.one
> > >
> > > Date: Wed, 28 Dec 2022 13:19:36 +
> > > Subject: [PATCH v10] plainmount: Support plain encryption mode
> > >
> > > This patch adds support for plain encryption mode (plain dm-crypt) via
> > > new module/command named 'plainmount'.
> > >
> > > Signed-off-by: Maxim Fomin ma...@fomin.one
> > >
> > > ---
> > > Interdiff against v9:
> > > diff --git a/grub-core/disk/plainmount.c b/grub-core/disk/plainmount.c
> > > index eabedf4c3..47e64805f 100644
> > > --- a/grub-core/disk/plainmount.c
> > > +++ b/grub-core/disk/plainmount.c
> > > @@ -326,7 +326,7 @@ grub_cmd_plainmount (grub_extcmd_context_t ctxt, int
> > > argc, char *args)
> > > * Arbitrary data keys are supported via keyfiles.
> > > /
> > > password_size = grub_strlen (state[OPTION_PASSWORD].arg);
> > > - grub_memcpy (key_data, state[OPTION_PASSWORD].arg, password_size);
> > > + grub_strcpy ((char) key_data, state[OPTION_PASSWORD].arg);
> > > }
> > >
> > > / Set cipher mode (tested above) */
> > > @@ -334,9 +334,16 @@ grub_cmd_plainmount (grub_extcmd_context_t ctxt, int
> > > argc, char **args)
> > > mode++ = '\0';
> > >
> > > / Check cipher */
> > > - if (grub_cryptodisk_setcipher (dev, cipher, mode) != GRUB_ERR_NONE)
> > > + err = grub_cryptodisk_setcipher (dev, cipher, mode);
> > > + if (err != GRUB_ERR_NONE)
> > > {
> > > - err = grub_error (GRUB_ERR_BAD_ARGUMENT, N_("invalid cipher %s"),
> > > cipher);
> > > + if (err == GRUB_ERR_FILE_NOT_FOUND)
> > > + err = grub_error (GRUB_ERR_BAD_ARGUMENT, N_("invalid cipher %s"),
> > > cipher);
> > > + else if (err == GRUB_ERR_BAD_ARGUMENT)
> > > + err = grub_error (GRUB_ERR_BAD_ARGUMENT, N_("invalid mode %s"), mode);
> > > + else
> > > + err = grub_error (GRUB_ERR_BAD_ARGUMENT, N_("invalid cipher %s or mode
> > > %s"),
> > > + cipher, mode);
> > > goto fail;
> > > }
> >
> > Hi, Daniel. Unfortunately I was very busy last time and could not get back
> > to the patch earlier.
>
>
> No problem...
>
> > I have removed one instance of memcpy() where the function operates on C
> > string. Other calls to
> > memcpy() operate on data buffers. Also, I improved error message where
> > cipher was correct, but
> > the mode was wrong. In previous version for input 'aes-xts-blah' error was
> > 'invalid cipher aes'.
>
>
> Now your patch is in the upstream. Thank you for doing this work!
>
> Daniel
Thanks! I am glad to see this patch merged)
Best regards,
Maxim Fomin
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
Re: [PATCH] tests: Fix help test to reflect updated help output
On Wed, 11 Jan 2023 19:48:06 +0100 Daniel Kiper wrote: > On Tue, Jan 10, 2023 at 03:02:15PM -0600, Glenn Washburn wrote: > > Commit f5759a878 (normal/help: Add paging instructions to normal > > and help prompts) changed the output of the help command, which > > broke the help test. This change allows the test to pass. > > > > Signed-off-by: Glenn Washburn > > Reviewed-by: Daniel Kiper > > ... but... > > > --- > > tests/help_test.in | 3 +++ > > 1 file changed, 3 insertions(+) > > > > diff --git a/tests/help_test.in b/tests/help_test.in > > index b08cf20138..630e9860ae 100644 > > --- a/tests/help_test.in > > +++ b/tests/help_test.in > > @@ -8,6 +8,9 @@ Show a help message. > > > > -h, --help Display this help and exit. > > -u, --usage Display the usage of this command and exit. > > + > > + > > +To enable less(1)-like paging, \"set pager=1\". > > Hello World" > > outpu="$(echo 'help help; hello' | @builddir@/grub-shell)" > > We could do s/outpu/output/ on the occasion. I can do it before the > push... Sure thing, go ahead. Glenn ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
Re: 3rd gen Ipad to Boot Linux
On Wed, Jan 11, 2023 at 10:48:30AM -0800, Mr. Disorganized wrote: > I am just curious if GNU GRUB has the ability to boot onto an Apple device > like a 3rd gen Ipad to load Ubuntu or Kali. I just want to see if it is > possible. As far as I know, you need openiboot for those devices, assuming anything supports them at all. -- Len Sorensen ___ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
Re: Proposal v2: fs/iso9660: Prevent skipping CE or ST at start of continuation area
Hi Thomas,
> On Jan 11, 2023, at 3:54 AM, Thomas Schmitt wrote:
>
> Hi,
>
> i created another bad ISO which i expect to lead to an endless loop in
> existing GRUB (i.e. before applying the proposed change).
>
> Both ISOs can be downloaded as gzip-compressed files now:
>
> http://scdbackup.webframe.org/ce_loop.iso.gz
> SHA256: d86b73b0cc260968f50c30a5207b798f5fc2396233aee5eb3cedf9cef069f3c2
>
> http://scdbackup.webframe.org/ce_loop2.iso.gz
> SHA256: a6bde0c1562de8959d783bca0a79ad750da2bc129bdea2362b4a7c3e83426b2c
>
> They are smaller than 1 KB and expand to 128 KiB, each.
>
> (Please do not load these ISOs into existing xorriso programs by commands
> like -indev. ce_loop.iso leads to SIGSEGV. ce_loop2.iso leads to an
> endless loop. The libisofs code fix is only in git for now.)
>
I have downloaded the ISOs. Thanks!
>
> Test proposals for GRUB:
>
> If reading ce_loop.iso by GRUB leads to an error message, then my proposed
> change is in effect and protected against endless loops.
> Original GRUB is supposed to just ignore that situation, because it skips
> over the CE entry by mistake.
>
> If reading ce_loop2.iso by GRUB leads to an error message, then the
> proposed safety precaution against endless loops is in effect.
> I expect unpatched GRUB to loop endlessly with this ISO.
>
To test it, I am thinking to add the ISO entry in 40_custom script, then select
the ISO from Grub menu. Is it the right way to test it? Or, is there a better
way
to it?
>
> About the production of ce_loop2.iso:
>
> The CE entry of its file /x points to a dummy SUSP entry XY of length 8
> which sits directly before the CE entry. So this dummy entry is the
> first to be read by GRUB from the pseudo-contination area, gets processed
> by the hook() function (with no side effects), and is then followed by
> the CE entry.
> Because of the existence of the XY entry, i expect the CE entry not to
> be skipped by existing GRUB.
>
> # Production begins by the bad ISO of January 9 where the CE entry
> # points to itself
> cp ce_loop.iso ce_loop2.iso
>
> # Cut out a copy of the bad CE entry
> dd if=ce_loop2.iso bs=1 skip=102734 count=28 of=ce_entry
>
> # After the CE entry is plenty of unused space in the same block.
> # The length of the directory entry of /x plus 8 will not exceed 255.
> # So put the copy back with an offset of 8 bytes.
> dd if=ce_entry bs=1 seek=102742 conv=notrunc of=ce_loop2.iso
>
> # Rename the old CE entry head to XY
> echo "XY" | dd bs=1 seek=102734 count=2 conv=notrunc of=ce_loop2.iso
>
> # Give it the length of 8
> echo $'\x08' | dd bs=1 seek=102736 count=1 conv=notrunc of=ce_loop2.iso
>
> # Set in the new CE entry the continuation area length to 8 + 28 = 36
> echo $'\x24' | dd bs=1 seek=102762 count=1 conv=notrunc of=ce_loop2.iso
> echo $'\x24' | dd bs=1 seek=102769 count=1 conv=notrunc of=ce_loop2.iso
>
> # Change the length of the directory record from 134 to 142
> echo $'\x8e' | dd bs=1 seek=102628 count=1 conv=notrunc of=ce_loop2.iso
>
> The resulting bytes of the whole directory record of /x are then:
>
> 000190e0 :.. .. .. .. 8e 00 37 00 00 00 00 00 00 37 02 00
> . . . . 7 7
> 102624 : ... ... ... ... 142 0 55 0 0 0 0 0 0 55 2 0
>
> 000190f0 :00 00 00 00 00 02 7b 01 09 08 08 1c 00 00 00 00
> {
> 102640 : 0 0 0 0 0 2 123 1 9 8 8 28 0 0 0 0
>
> 00019100 :01 00 00 01 04 58 2e 3b 31 00 50 58 24 01 a4 81
> X . ; 1 P X $
> 102656 : 1 0 0 1 4 88 46 59 49 0 80 88 36 1 164 129
>
> 00019110 :00 00 00 00 81 a4 01 00 00 00 00 00 00 01 e8 03
>
> 102672 : 0 0 0 0 129 164 1 0 0 0 0 0 0 1 232 3
>
> 00019120 :00 00 00 00 03 e8 e8 03 00 00 00 00 03 e8 54 46
> T F
> 102688 : 0 0 0 0 3 232 232 3 0 0 0 0 3 232 84 70
>
> 00019130 :1a 01 0e 7b 01 09 08 08 1c 00 7b 01 09 08 08 2f
> { { /
> 102704 :26 1 14 123 1 9 8 8 28 0 123 1 9 8 8 47
>
> 00019140 :00 7b 01 09 08 08 1c 00 4e 4d 06 01 00 78 58 59
> { N M x X Y
> 102720 : 0 123 1 9 8 8 28 0 78 77 6 1 0 120 88 89
>
> 00019150 :08 01 32 00 00 00 43 45 1c 01 32 00 00 00 00 00
> 2 C E 2
> 102736 : 8 1 50 0 0 0 67 69 28 1 50 0 0 0 0 0
