Re: [syslinux] Using memdisk with grub2 and a gzip-compressed ISO

Wed, 29 Apr 2015 09:30:06 -0700 

В Wed, 29 Apr 2015 15:55:48 +0200
Vladimir 'φ-coder/phcoder' Serbinenko <[email protected]> пишет:

> On 28.04.2015 00:20, H. Peter Anvin wrote:
> > On 04/23/2015 11:25 PM, Andrei Borzenkov via Syslinux wrote:
> >> On Fri, Apr 24, 2015 at 7:39 AM, H. Peter Anvin <[email protected]> wrote:
> >>> On 04/23/2015 08:41 PM, Andrei Borzenkov wrote:
> >>>>
> >>>> CRC+length (in case of gzip) are located immediately after compressed
> >>>> stream. After stream is decompressed you get location where it ends and
> >>>> automatically where length is located.
> >>>>
> >>>
> >>> I know.  One could decompress it twice,
> >>
> >> Cannot you incrementally reallocate uncompressed buffer?
> >>
> > 
> > That is very hard because of how memory is managed in MEMDISK.
> > 
> It's fine to skip padding if only one file is supplied on command line.

The only reason I can think of to use trailing padding at all is this
line in Documentation/early-userspace/buffer-format.txt:

        cpio_trailer := ALGN(4) + cpio_header + "TRAILER!!!\0" + ALGN(4)

which mandates final alignment. Because grub does not really know
whether file is initrd or initramfs and whether content is compressed
or uncompressed cpio, it is much easier to simply pad everything. If
we accept this as valid reason, number of files does not really matter.

In practice kernel never required trailing alignment, at least since
earliest git version in 2005. So I guess we can remove it. 

> What about:
> diff --git a/grub-core/loader/linux.c b/grub-core/loader/linux.c
> index 117232f..a63a11a 100644
> --- a/grub-core/loader/linux.c
> +++ b/grub-core/loader/linux.c
> @@ -205,7 +205,8 @@ grub_initrd_init (int argc, char *argv[],
>        initrd_ctx->nfiles++;
>        initrd_ctx->components[i].size
>         = grub_file_size (initrd_ctx->components[i].file);
> -      initrd_ctx->size += ALIGN_UP (initrd_ctx->components[i].size, 4);
> +      if (argc != 1)
> +       initrd_ctx->size += ALIGN_UP (initrd_ctx->components[i].size, 4);
>      }
> 

This results in out-of-bound access in grub_initrd_load. The right fix
is to pad before next file instead which automatically gives correct
length in case of single file. I'll commit a patch.

Attachment: pgpfnUWwDLIUI.pgp
Description: OpenPGP digital signature

_______________________________________________
Grub-devel mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/grub-devel

Reply via email to