From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.90_1)
	id 1lKmAk-0007px-7C
	for mharc-grub-devel@gnu.org; Fri, 12 Mar 2021 13:06:02 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10]:41914)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <derek@endlessos.org>)
 id 1lKmAh-0007m5-Ie
 for grub-devel@gnu.org; Fri, 12 Mar 2021 13:06:00 -0500
Received: from mail-io1-xd2c.google.com ([2607:f8b0:4864:20::d2c]:36670)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <derek@endlessos.org>)
 id 1lKmAd-0001mT-UA
 for grub-devel@gnu.org; Fri, 12 Mar 2021 13:05:59 -0500
Received: by mail-io1-xd2c.google.com with SMTP id n14so26697155iog.3
 for <grub-devel@gnu.org>; Fri, 12 Mar 2021 10:05:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=endlessos.org; s=google;
 h=from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=mltcwwB5f4d8AvB8voLAkwHlq58MSYScoOlYM0105M4=;
 b=fEyPnljSU0L47qPRF0H6/LXdbm6JD6BuJAToTEVMni3UJOjjm/kuaqePz/Gw+CWLFP
 DqfmAnVUNiPXwRatmaNZM56126vdmMMlW3XSwjg4auUS1Hzj9Mw03dsZuVp489XDxsMx
 cJMOFce5ihwqo7URAudJnY6DKOoebJbMjob53TvuwdIMFgsc5rAJS3MlP0cho21bJXW3
 WHZ0xfyGx/jEp8XzOwaF8j7ccJ0PlJUfhZZrA7O2Em/+Lz09L+tSkqg4rT5tI8MnZTCp
 rPa+vviFZardHKnafFRsdVEGTVQ6UbpvdUeKpxqxwC0Au+kOO3GTmq6VobCIkpAN4Nv8
 Ivyw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=mltcwwB5f4d8AvB8voLAkwHlq58MSYScoOlYM0105M4=;
 b=E3lbeH8d8iPDsgKa7QtB0TINyAW7FsUa0KIwEk3k5YnhC0Eosi/d/tzkaojwQJEp5g
 pW3XT4o3yTsPRshrrEcMEKayKWCSdEN7CY64XbU1/sLV+XXJA11PioKIKDB8XFrKWNWC
 H0llKo3s7IYMOBtIYOkiQdTD1ro8+1g8Vda9icacCZmFcvrCGf1HtRTJosKdXBMh6QHf
 sIYx2NEkpczKTlgEgTenA5GeN0YxBFXqGQy33rHQyc06xjWEGMi4yfCyfyX9n7VZixB9
 TGcsZ6he4xXdfv+mwTQxkWKtZJzKTW/2M0qqWyPIiOJteyHtx94g5a74889MgGKkARKb
 syOA==
X-Gm-Message-State: AOAM5325E+Z5bqt2a33VDRYX+mN9HdXd60rz8Eme2JLhc0A0VYT0RSDV
 3WTB+8P9UpmWxyU+NQ99b7JwwH9A2VwncGWBh6xcx0iHBCzOOv7MixUxexKXqUJngWtsup7hbCy
 o2dmlfhLxhrDdFySwNo5ztQgB1c2RqGwMpui6hdncADHgC+np/rSDsmyd30FOR05r
X-Google-Smtp-Source: ABdhPJz+esP+mAo6ioO2QM+Ible27BXjo8rw4vQos104dffVBn6sjB70FfLgejFa/Fw3RALa+LTjIg==
X-Received: by 2002:a05:6602:1353:: with SMTP id
 i19mr358759iov.202.1615572353172; 
 Fri, 12 Mar 2021 10:05:53 -0800 (PST)
Received: from localhost.localdomain.ca (S0106000c29a85402.wp.shawcable.net.
 [50.71.215.171])
 by smtp.gmail.com with ESMTPSA id a5sm3284993ilh.23.2021.03.12.10.05.51
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 12 Mar 2021 10:05:52 -0800 (PST)
From: Derek Foreman <derek@endlessos.org>
To: grub-devel@gnu.org
Cc: linux@endlessos.org, Daniel Drake <drake@endlessm.com>,
 Derek Foreman <derek@endlessos.org>
Subject: [PATCH] minix: avoid mistakenly probing ext2 filesystems
Date: Fri, 12 Mar 2021 12:05:08 -0600
Message-Id: <20210312180508.641402-1-derek@endlessos.org>
X-Mailer: git-send-email 2.26.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=2607:f8b0:4864:20::d2c;
 envelope-from=derek@endlessos.org; helo=mail-io1-xd2c.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
 <mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Mar 2021 18:06:00 -0000

From: Daniel Drake <drake@endlessm.com>

ext2 (and ext3, ext4) filesystems write the number of free inodes to
location 0x410.

On a minix filesystem, that same location is used for the minix superblock
magic number.

If the number of free inodes on an ext2 filesystem is equal to any
of the four minix superblock magic values plus any multiple of 65536,
grub's minix filesystem code will probe it as a minix filesystem.

In the case of an OS using ext2 as the root filesystem, since there will
ordinarily be some amount of file creation and deletion on every bootup,
it effectively means that this situation has a 1:16384 chance of being hit
on every reboot.

This will cause grub's filesystem probing code to mistakenly identify an
ext2 filesystem as minix. This can be seen by e.g. "search --label"
incorrectly indicating that no such ext2 partition with matching label
exists, whereas in fact it does.

After spotting the rough cause of the issue I was facing here, I borrowed
much of the diagnosis/explanation from meierfra who found and investigated
the same issue in util-linux in 2010:

https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/518582

This was fixed in util-linux by having the minix code check for the
ext2 magic. Do the same here.

Signed-off-by: Daniel Drake <drake@endlessm.com>
Reviewed-by: Derek Foreman <derek@endlessos.org>
---

This bug fix was previously sent to the grub-devel list once before:
 https://lists.gnu.org/archive/html/grub-devel/2020-05/msg00205.html
but received no response, so I'm bring it up again.

If my understanding is correct, the bytes in question overlap with the
"maximum file system size" field in the minix superblock, which will
never contain the ext2 magic byte pattern, so there shouldn't be any
unintended side effects.

 grub-core/fs/minix.c | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/grub-core/fs/minix.c b/grub-core/fs/minix.c
index d0d08363c..db0a83feb 100644
--- a/grub-core/fs/minix.c
+++ b/grub-core/fs/minix.c
@@ -38,6 +38,8 @@ GRUB_MOD_LICENSE ("GPLv3+");
 #define GRUB_MINIX_MAGIC_30	0x138F
 #endif
 
+#define	EXT2_MAGIC		0xEF53
+
 #define GRUB_MINIX_INODE_DIR_BLOCKS	7
 #define GRUB_MINIX_LOG2_BSIZE	1
 #define GRUB_MINIX_ROOT_INODE	1
@@ -466,7 +468,22 @@ grub_minix_find_file (struct grub_minix_data *data, const char *path)
 static struct grub_minix_data *
 grub_minix_mount (grub_disk_t disk)
 {
-  struct grub_minix_data *data;
+  struct grub_minix_data *data = NULL;
+  grub_uint16_t ext2_marker;
+
+  grub_disk_read (disk, 1 * 2, 56, sizeof (ext2_marker),
+                  &ext2_marker);
+  if (grub_errno)
+    goto fail;
+
+  /* ext2 filesystems can sometimes be mistakenly identified
+   * as minix, e.g. due to the number of free ext2 inodes being
+   * written to the same location where the minix superblock
+   * magic is found.
+   * Avoid such situations by skipping any filesystems that
+   * have the ext2 superblock magic. */
+  if (ext2_marker == grub_cpu_to_le16_compile_time (EXT2_MAGIC))
+    goto fail;
 
   data = grub_malloc (sizeof (struct grub_minix_data));
   if (!data)
-- 
2.26.2