From: Thomas Schmitt via Grub-devel <grub-devel@gnu.org>
To: grub-devel@gnu.org
Cc: Thomas Schmitt <scdbackup@gmx.net>, development@efficientek.com
Subject: Re: [SECURITY PATCH 18/73] fs/ntfs: Implement attribute verification
Date: Mon, 03 Mar 2025 10:32:37 +0100 [thread overview]
Message-ID: <25141325082121180327@scdbackup.webframe.org> (raw)
In-Reply-To: <20250303021725.5d476848@crass-HP-ZBook-15-G2>
Hi,
i wrote:
> > it is quite some hurdle that some of the tests need to be run as
> > superuser.
Glenn Washburn wrote:
> Yes, not ideal. I have spent an embarrassing amount of time developing
> scripts that do away with with root requirement, and it works. The way
> they are able to run the root required tests as an unprivileged user is
> by compiling a user mode linux kernel and running the tests in the UML
> process. Would you be interested in trying out these scripts?
Yes, if you can describe the necessary activities for a dummy who sends
a mail twice because a completely unrelated mail caused protests by
the mail provider.
(I stopped myself from sending a third mail with an apology.)
> > I wonder what happened to the fixes for the file leaks of
> > grub_cmd_cryptomount which we discussed in
> > https://lists.gnu.org/archive/html/grub-devel/2024-09/msg00222.html
> I meant to send a v2, but hadn't gotten around to it. It is now sent and
> now that the security patches are out, hopefully Daniel will be able to
> get to them soon.
I will try to remember what we discussed and how these topics reflect
in patch v2.
(I will also have to revisit my patch from last summer which was meant
to make error messages visible in the tests.
When testing it, i ran into the grub_cmd_cryptomount leaks.
The patch is archived as
[PATCH 0/2] grub-fstest: Show error message if command causes grub_errno
https://lists.gnu.org/archive/html/grub-devel/2024-06/msg00197.html
of which the first motivating paragraph of the cover letter was eaten by
git send-email and later added by
https://lists.gnu.org/archive/html/grub-devel/2024-06/msg00201.html
Especially i will have to compare it with your recent patch set
[PATCH v6 0/6] More ls improvements
https://lists.gnu.org/archive/html/grub-devel/2025-03/msg00012.html
and check whether our patch sets overlap.
)
Have a nice day :)
Thomas
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
next prev parent reply other threads:[~2025-03-03 9:32 UTC|newest]
Thread overview: 102+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-18 18:00 [SECURITY PATCH 00/73] GRUB2 vulnerabilities - 2025/02/18 Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 01/73] misc: Implement grub_strlcpy() Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 02/73] fs/ufs: Fix a heap OOB write Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 03/73] fs/hfs: Fix stack OOB write with grub_strcpy() Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 04/73] fs/tar: Initialize name in grub_cpio_find_file() Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 05/73] fs/tar: Integer overflow leads to heap OOB write Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 06/73] fs/f2fs: Set a grub_errno if mount fails Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 07/73] fs/hfsplus: " Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 08/73] fs/iso9660: " Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 09/73] fs/iso9660: Fix invalid free Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 10/73] fs/jfs: Fix OOB read in jfs_getent() Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 11/73] fs/jfs: Fix OOB read caused by invalid dir slot index Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 12/73] fs/jfs: Use full 40 bits offset and address for a data extent Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 13/73] fs/jfs: Inconsistent signed/unsigned types usage in return values Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 14/73] fs/ext2: Fix out-of-bounds read for inline extents Daniel Kiper via Grub-devel
2025-02-21 1:15 ` Michael Chang via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 15/73] fs/ntfs: Fix out-of-bounds read Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 16/73] fs/ntfs: Track the end of the MFT attribute buffer Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 17/73] fs/ntfs: Use a helper function to access attributes Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 18/73] fs/ntfs: Implement attribute verification Daniel Kiper via Grub-devel
2025-02-28 9:55 ` Andreas Klauer
2025-02-28 13:04 ` Daniel Kiper via Grub-devel
2025-03-01 22:43 ` Glenn Washburn
2025-03-02 8:09 ` Thomas Schmitt via Grub-devel
2025-03-02 8:41 ` Thomas Schmitt via Grub-devel
2025-03-03 8:17 ` Glenn Washburn
2025-03-03 9:32 ` Thomas Schmitt via Grub-devel [this message]
2025-02-18 18:00 ` [SECURITY PATCH 19/73] fs/xfs: Fix out-of-bounds read Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 20/73] fs/xfs: Ensuring failing to mount sets a grub_errno Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 21/73] kern/file: Ensure file->data is set Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 22/73] kern/file: Implement filesystem reference counting Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 23/73] disk/cryptodisk: Require authentication after TPM unlock for CLI access Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 24/73] disk/loopback: Reference tracking for the loopback Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 25/73] kern/disk: Limit recursion depth Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 26/73] kern/partition: Limit recursion in part_iterate() Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 27/73] script/execute: Limit the recursion depth Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 28/73] net: Unregister net_default_ip and net_default_mac variables hooks on unload Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 29/73] net: Remove variables hooks when interface is unregisted Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 30/73] net: Fix OOB write in grub_net_search_config_file() Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 31/73] net/tftp: Fix stack buffer overflow in tftp_open() Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 32/73] video/readers/jpeg: Do not permit duplicate SOF0 markers in JPEG Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 33/73] kern/dl: Fix for an integer overflow in grub_dl_ref() Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 34/73] kern/dl: Use correct segment in grub_dl_set_mem_attrs() Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 35/73] kern/dl: Check for the SHF_INFO_LINK flag in grub_dl_relocate_symbols() Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 36/73] commands/extcmd: Missing check for failed allocation Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 37/73] commands/ls: Fix NULL dereference Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 38/73] commands/pgp: Unregister the "check_signatures" hooks on module unload Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 39/73] normal: Remove variables " Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 40/73] gettext: " Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 41/73] gettext: Integer overflow leads to heap OOB write or read Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 42/73] gettext: Integer overflow leads to heap OOB write Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 43/73] commands/read: Fix an integer overflow when supplying more than 2^31 characters Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 44/73] commands/test: Stack overflow due to unlimited recursion depth Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 45/73] commands/minicmd: Block the dump command in lockdown mode Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 46/73] commands/memrw: Disable memory reading " Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 47/73] commands/hexdump: " Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 48/73] fs/bfs: Disable under lockdown Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 49/73] fs: Disable many filesystems " Daniel Kiper via Grub-devel
2025-02-19 8:15 ` Petr Řehák
2025-02-20 16:43 ` Daniel Kiper
2025-02-21 11:20 ` Pascal Hambourg
2025-02-24 14:16 ` Daniel Kiper
2025-03-02 17:11 ` Andrew Hamilton
2025-02-19 15:43 ` Andrew Hamilton
2025-02-24 14:18 ` Daniel Kiper via Grub-devel
2025-02-24 19:30 ` Andrew Hamilton
2025-10-21 9:12 ` Joseph Lee via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 50/73] disk: Use safe math macros to prevent overflows Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 51/73] disk: Prevent overflows when allocating memory for arrays Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 52/73] disk: Check if returned pointer for allocated memory is NULL Daniel Kiper via Grub-devel
2025-02-18 18:00 ` [SECURITY PATCH 53/73] disk/ieee1275/ofdisk: Call grub_ieee1275_close() when grub_malloc() fails Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 54/73] fs: Use safe math macros to prevent overflows Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 55/73] fs: Prevent overflows when allocating memory for arrays Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 56/73] fs: Prevent overflows when assigning returned values from read_number() Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 57/73] fs/zfs: Use safe math macros to prevent overflows Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 58/73] fs/zfs: Prevent overflows when allocating memory for arrays Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 59/73] fs/zfs: Check if returned pointer for allocated memory is NULL Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 60/73] fs/zfs: Add missing NULL check after grub_strdup() call Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 61/73] net: Use safe math macros to prevent overflows Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 62/73] net: Prevent overflows when allocating memory for arrays Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 63/73] net: Check if returned pointer for allocated memory is NULL Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 64/73] fs/sfs: Check if " Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 65/73] script/execute: Fix potential underflow and NULL dereference Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 66/73] osdep/unix/getroot: Fix potential underflow Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 67/73] misc: Ensure consistent overflow error messages Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 68/73] bus/usb/ehci: Define GRUB_EHCI_TOGGLE as grub_uint32_t Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 69/73] normal/menu: Use safe math to avoid an integer overflow Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 70/73] kern/partition: Add sanity check after grub_strtoul() call Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 71/73] kern/misc: " Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 72/73] loader/i386/linux: Cast left shift to grub_uint32_t Daniel Kiper via Grub-devel
2025-02-18 18:01 ` [SECURITY PATCH 73/73] loader/i386/bsd: Use safe math to avoid underflow Daniel Kiper via Grub-devel
2025-02-18 18:26 ` [SECURITY PATCH 00/73] GRUB2 vulnerabilities - 2025/02/18 Tobias Powalowski via Grub-devel
2025-02-24 15:08 ` Daniel Kiper
2025-02-18 19:33 ` Didier Spaier via Grub-devel
2025-02-19 12:03 ` Daniel Kiper via Grub-devel
2025-02-19 13:48 ` Didier Spaier via Grub-devel
2025-02-21 10:06 ` Christian Hesse
2025-02-24 14:34 ` Daniel Kiper via Grub-devel
2025-02-27 10:03 ` Christian Hesse
2025-02-28 12:57 ` Daniel Kiper via Grub-devel
2025-03-03 7:55 ` Christian Hesse
2025-03-04 12:57 ` Daniel Kiper via Grub-devel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=25141325082121180327@scdbackup.webframe.org \
--to=grub-devel@gnu.org \
--cc=development@efficientek.com \
--cc=scdbackup@gmx.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.