From: akuster808 <akuster808@gmail.com>
To: "Belal, Awais" <Awais_Belal@mentor.com>
Cc: "openembedded-core@lists.openembedded.org"
<openembedded-core@lists.openembedded.org>
Subject: Re: [dizzy][PATCH] grub2: Fix CVE-2015-8370
Date: Thu, 7 Jan 2016 18:32:55 -0800 [thread overview]
Message-ID: <568F1FD7.2010606@gmail.com> (raw)
In-Reply-To: <2021B186DC632746BD5A3CE32F12BD28011FB7A8B3@EU-MBX-02.mgc.mentorg.com>
Awais,
hand applied. merged and pushed to
git.yoctoproject.org/poky-contrib.git akuster/dizzy-next
thanks,
Armin
On 01/07/2016 01:56 AM, Belal, Awais wrote:
> Hi Armin,
>
> With dizzy-next from your fork
>
> awais@alpha:~/yocto/build-dizzy-akuster$ bitbake -c patch grub
> Parsing recipes: 100% |##############################################################| Time: 00:00:46
> Parsing of 1458 .bb files complete (0 cached, 1458 parsed). 1914 targets, 66 skipped, 0 masked, 0 errors.
> NOTE: Resolving any missing task queue dependencies
>
> Build Configuration:
> BB_VERSION = "1.24.0"
> BUILD_SYS = "x86_64-linux"
> NATIVELSBSTRING = "Ubuntu-14.04"
> TARGET_SYS = "x86_64-poky-linux"
> MACHINE = "amdfalconx86"
> DISTRO = "poky"
> DISTRO_VERSION = "1.7.3"
> TUNE_FEATURES = "dbfp4"
> TARGET_FPU = ""
> meta
> meta-yocto
> meta-yocto-bsp = "akuster/dizzy-next:4807ff0ca0abf085e6b81257534a4a62fde88d16"
> common
> meta-amdfalconx86 = "(detachedfromorigin/dizzy):84ae10ad68c7b253ab87558c5a6df057c9a84f08"
> meta-oe
> meta-python = "(detachedfromorigin/dizzy):7f1df52e9409edcc4d4cd5f34694f8740f56e1bf"
>
> NOTE: Preparing runqueue
> NOTE: Executing SetScene Tasks
> NOTE: Executing RunQueue Tasks
> NOTE: Tasks Summary: Attempted 10 tasks of which 0 didn't need to be rerun and all succeeded.
> awais@alpha:~/yocto/build-dizzy-akuster$ ls tmp/work/dbfp4-poky-linux/grub/2.00-r1/
> 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
> 0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch
> check-if-liblzma-is-disabled.patch
> fix-endianness-problem.patch
> fix-issue-with-flex-2.5.37.patch
> grub-2.00
> grub-2.00-add-oe-kernel.patch
> grub-2.00-fpmath-sse-387-fix.patch
> grub2-remove-sparc64-setup-from-x86-builds.patch
> grub-install.in.patch
> remove-gets.patch
> temp
> awais@alpha:~/yocto/build-dizzy-akuster$
>
> Pretty odd what's happening :)
>
> BR,
> Awais
>
> ________________________________________
> From: akuster808 [akuster808@gmail.com]
> Sent: Wednesday, January 06, 2016 10:15 PM
> To: Belal, Awais
> Cc: openembedded-core@lists.openembedded.org
> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370
>
> Awais,
>
> this is what I am seeing.
>
> NOTE: Executing RunQueue Tasks
> ERROR: Command Error: exit status: 1 Output:
> Applying patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
> patching file grub-core/lib/crypto.c
> Hunk #1 FAILED at 470.
> 1 out of 1 hunk FAILED -- rejects in file grub-core/lib/crypto.c
> patching file grub-core/normal/auth.c
> Hunk #1 FAILED at 174.
> 1 out of 1 hunk FAILED -- rejects in file grub-core/normal/auth.c
> Patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch does
> not apply (enforce with -f)
> ERROR: Function failed: patch_do_patch
> ERROR: Logfile of failure stored in:
> /home/akuster/oss/maint/mylayers/poky/build/tmp/work/i586-poky-linux/grub/2.00-r1/temp/log.do_patch.3029
> ERROR: Task 1
> (/home/akuster/oss/maint/mylayers/poky/meta/recipes-bsp/grub/grub_2.00.bb,
> do_patch) failed with exit code '1'
>
>
> I am using my contrib akuster/dizzy-next.
>
> I will hand fixup the changes. please give me a few days.
>
> - armin
>
>
> On 01/06/2016 01:43 AM, Belal, Awais wrote:
>> Ping!
>>
>> BR,
>> Awais
>>
>> ________________________________________
>> From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais
>> Sent: Monday, January 04, 2016 12:53 PM
>> To: akuster808
>> Cc: openembedded-core@lists.openembedded.org
>> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370
>>
>> Hi Armin,
>>
>> Odd, applies cleanly on dizzy for me. Can you please share the patch log?
>>
>> On a scratch build dir, I get the following:
>> --------------------------------------------------------------
>> awais@alpha:~/yocto/build-dizzy$ bitbake -c patch grub
>> Parsing recipes: 100% |#############################################################| Time: 00:00:36
>> Parsing of 1458 .bb files complete (0 cached, 1458 parsed). 1914 targets, 66 skipped, 0 masked, 0 errors.
>> NOTE: Resolving any missing task queue dependencies
>>
>> Build Configuration:
>> BB_VERSION = "1.24.0"
>> BUILD_SYS = "x86_64-linux"
>> NATIVELSBSTRING = "Ubuntu-14.04"
>> TARGET_SYS = "x86_64-poky-linux"
>> MACHINE = "amdfalconx86"
>> DISTRO = "poky"
>> DISTRO_VERSION = "1.7.3"
>> TUNE_FEATURES = "dbfp4"
>> TARGET_FPU = ""
>> meta
>> meta-yocto
>> meta-yocto-bsp = "(detachedfromorigin/dizzy):6d34267e0a13e10ab91b60590b27a2b5ba3b7da6"
>> common
>> meta-amdfalconx86 = "(detachedfromorigin/dizzy):84ae10ad68c7b253ab87558c5a6df057c9a84f08"
>> meta-oe
>> meta-python = "(detachedfromorigin/dizzy):7f1df52e9409edcc4d4cd5f34694f8740f56e1bf"
>>
>> NOTE: Preparing runqueue
>> NOTE: Executing SetScene Tasks
>> NOTE: Executing RunQueue Tasks
>> NOTE: Tasks Summary: Attempted 10 tasks of which 0 didn't need to be rerun and all succeeded.
>> awais@alpha:~/yocto/build-dizzy$
>> --------------------------------------------------------------
>>
>> BR,
>> Awais
>>
>> ________________________________________
>> From: akuster808 [akuster808@gmail.com]
>> Sent: Monday, January 04, 2016 7:13 AM
>> To: Belal, Awais
>> Cc: openembedded-core@lists.openembedded.org
>> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370
>>
>> On 12/31/15 5:38 AM, Belal, Awais wrote:
>> Awais,
>>
>>> Ping!
>> This patch does not apply to the current dizzy branch.
>>
>> is there a dependency patch I missed to apply?
>>
>> regards,
>> Armin
>>>
>>> BR,
>>> Awais
>>>
>>> ________________________________________
>>> From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais
>>> Sent: Wednesday, December 23, 2015 4:20 PM
>>> To: openembedded-core@lists.openembedded.org
>>> Subject: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370
>>>
>>> http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2
>>>
>>> Signed-off-by: Awais Belal <awais_belal@mentor.com>
>>> ---
>>> ...E-2015-8370-Grub2-user-pass-vulnerability.patch | 52 ++++++++++++++++++++++
>>> meta/recipes-bsp/grub/grub-efi_2.00.bb | 1 +
>>> meta/recipes-bsp/grub/grub_2.00.bb | 1 +
>>> 3 files changed, 54 insertions(+)
>>> create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
>>>
>>> diff --git a/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
>>> new file mode 100644
>>> index 0000000..f9252e9
>>> --- /dev/null
>>> +++ b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
>>> @@ -0,0 +1,52 @@
>>> +Upstream-Status: Accepted
>>> +Signed-off-by: Awais Belal <awais_belal@mentor.com>
>>> +
>>> +From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001
>>> +From: Hector Marco-Gisbert <hecmargi@upv.es>
>>> +Date: Wed, 16 Dec 2015 04:57:18 +0000
>>> +Subject: Fix security issue when reading username and password
>>> +
>>> +This patch fixes two integer underflows at:
>>> + * grub-core/lib/crypto.c
>>> + * grub-core/normal/auth.c
>>> +
>>> +CVE-2015-8370
>>> +
>>> +Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
>>> +Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
>>> +Also-By: Andrey Borzenkov <arvidjaar@gmail.com>
>>> +---
>>> +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
>>> +index 010e550..683a8aa 100644
>>> +--- a/grub-core/lib/crypto.c
>>> ++++ b/grub-core/lib/crypto.c
>>> +@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned buf_size)
>>> +
>>> + if (key == '\b')
>>> + {
>>> +- cur_len--;
>>> ++ if (cur_len)
>>> ++ cur_len--;
>>> + continue;
>>> + }
>>> +
>>> +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c
>>> +index c6bd96e..8615c48 100644
>>> +--- a/grub-core/normal/auth.c
>>> ++++ b/grub-core/normal/auth.c
>>> +@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned buf_size)
>>> +
>>> + if (key == '\b')
>>> + {
>>> +- cur_len--;
>>> +- grub_printf ("\b");
>>> ++ if (cur_len)
>>> ++ {
>>> ++ cur_len--;
>>> ++ grub_printf ("\b");
>>> ++ }
>>> + continue;
>>> + }
>>> +
>>> +--
>>> +cgit v0.9.0.2
>>> diff --git a/meta/recipes-bsp/grub/grub-efi_2.00.bb b/meta/recipes-bsp/grub/grub-efi_2.00.bb
>>> index 7674255..6822e7a 100644
>>> --- a/meta/recipes-bsp/grub/grub-efi_2.00.bb
>>> +++ b/meta/recipes-bsp/grub/grub-efi_2.00.bb
>>> @@ -30,6 +30,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \
>>> file://grub-2.00-add-oe-kernel.patch \
>>> file://grub-efi-fix-with-glibc-2.20.patch \
>>> file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \
>>> + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \
>>> "
>>> SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c"
>>> SRC_URI[sha256sum] = "65b39a0558f8c802209c574f4d02ca263a804e8a564bc6caf1cd0fd3b3cc11e3"
>>> diff --git a/meta/recipes-bsp/grub/grub_2.00.bb b/meta/recipes-bsp/grub/grub_2.00.bb
>>> index d4df676..94b6da9 100644
>>> --- a/meta/recipes-bsp/grub/grub_2.00.bb
>>> +++ b/meta/recipes-bsp/grub/grub_2.00.bb
>>> @@ -25,6 +25,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \
>>> file://fix-endianness-problem.patch \
>>> file://grub2-remove-sparc64-setup-from-x86-builds.patch \
>>> file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \
>>> + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \
>>> "
>>>
>>> SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c"
>>> --
>>> 1.9.1
>>>
>>> --
>>> _______________________________________________
>>> Openembedded-core mailing list
>>> Openembedded-core@lists.openembedded.org
>>> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>>
>> --
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core@lists.openembedded.org
>> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>>
next prev parent reply other threads:[~2016-01-08 2:32 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-23 11:20 [dizzy][PATCH] grub2: Fix CVE-2015-8370 Awais Belal
[not found] ` <1450877091.3760.4.camel@collabora.co.uk>
2015-12-28 10:40 ` Belal, Awais
2016-01-07 11:06 ` Joshua Lock
2015-12-31 13:38 ` Belal, Awais
2016-01-04 2:13 ` akuster808
2016-01-04 7:53 ` Belal, Awais
2016-01-06 9:43 ` Belal, Awais
2016-01-06 17:15 ` akuster808
2016-01-07 9:56 ` Belal, Awais
2016-01-08 2:32 ` akuster808 [this message]
2016-01-08 10:45 ` Belal, Awais
2016-01-11 11:14 ` Joshua Lock
2016-01-11 11:29 ` Belal, Awais
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=568F1FD7.2010606@gmail.com \
--to=akuster808@gmail.com \
--cc=Awais_Belal@mentor.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.