From: "Anuj Mittal" <anuj.mittal@intel.com>
To: "steve@sakoman.com" <steve@sakoman.com>
Cc: "openembedded-core@lists.openembedded.org"
<openembedded-core@lists.openembedded.org>
Subject: Re: [OE-core] [gatesgarth][PATCH 17/22] grub: clean up CVE patches
Date: Fri, 6 Nov 2020 16:07:02 +0000 [thread overview]
Message-ID: <0c3c0a75aa3517e922aabcfec56e174989a6a203.camel@intel.com> (raw)
In-Reply-To: <CAOSpxdaGhv8StEKo3GowBfHO6AFgdi82TVUGp5r1dnOCto4bXg@mail.gmail.com>
Hi Steve
On Fri, 2020-11-06 at 05:14 -1000, Steve Sakoman wrote:
> On Thu, Nov 5, 2020 at 8:28 PM Anuj Mittal <anuj.mittal@intel.com>
> wrote:
> >
> > From: Yongxin Liu <yongxin.liu@windriver.com>
> >
> > Clean up several patches introduced in commit 6732918498 ("grub:fix
> > several CVEs in grub 2.04").
> >
> > 1) Add CVE tags to individual patches.
> > 2) Rename upstream patches and prefix them with CVE tags.
> > 3) Add description of reference to upstream patch.
> >
> > Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
> > Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
>
> This hasn't hit master yet. Do we have the same "master first"
> policy
> for gatesgarth as we do for dunfell?
>
Yes, it should be master first. I included this one by mistake and will
drop it and include it later after it has been merged there. Thank you
for noticing.
Thanks,
Anuj
> Steve
>
> > ---
> > ...14308-calloc-Use-calloc-at-most-places.patch} | 10 +++++++---
> > ...rflow-checking-primitives-where-we-do-.patch} | 10 +++++++---
> > ...-use-after-free-when-redefining-a-func.patch} | 10 +++++++---
> > ...eger-overflows-in-initrd-size-handling.patch} | 10 +++++++---
> > ...re-we-always-have-an-overflow-checking.patch} | 0
> > ...-Add-LVM-cache-logical-volume-handling.patch} | 0
> > ...ome-arithmetic-primitives-that-check-f.patch} | 0
> > ...unused-fields-from-grub_script_functio.patch} | 0
> > meta/recipes-bsp/grub/grub2.inc | 16 ++++++++----
> > ----
> > 9 files changed, 36 insertions(+), 20 deletions(-)
> > rename meta/recipes-bsp/grub/files/{0003-calloc-Use-calloc-at-
> > most-places.patch => CVE-2020-14308-calloc-Use-calloc-at-most-
> > places.patch} (99%)
> > rename meta/recipes-bsp/grub/files/{0005-malloc-Use-overflow-
> > checking-primitives-where-we-do-.patch => CVE-2020-14309-CVE-2020-
> > 14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-
> > we-do-.patch} (99%)
> > rename meta/recipes-bsp/grub/files/{0007-script-Avoid-a-use-after-
> > free-when-redefining-a-func.patch => CVE-2020-15706-script-Avoid-a-
> > use-after-free-when-redefining-a-func.patch} (95%)
> > rename meta/recipes-bsp/grub/files/{0008-linux-Fix-integer-
> > overflows-in-initrd-size-handling.patch => CVE-2020-15707-linux-
> > Fix-integer-overflows-in-initrd-size-handling.patch} (96%)
> > rename meta/recipes-bsp/grub/files/{0001-calloc-Make-sure-we-
> > always-have-an-overflow-checking.patch => calloc-Make-sure-we-
> > always-have-an-overflow-checking.patch} (100%)
> > rename meta/recipes-bsp/grub/files/{0002-lvm-Add-LVM-cache-
> > logical-volume-handling.patch => lvm-Add-LVM-cache-logical-volume-
> > handling.patch} (100%)
> > rename meta/recipes-bsp/grub/files/{0004-safemath-Add-some-
> > arithmetic-primitives-that-check-f.patch => safemath-Add-some-
> > arithmetic-primitives-that-check-f.patch} (100%)
> > rename meta/recipes-bsp/grub/files/{0006-script-Remove-unused-
> > fields-from-grub_script_functio.patch => script-Remove-unused-
> > fields-from-grub_script_functio.patch} (100%)
> >
> > diff --git a/meta/recipes-bsp/grub/files/0003-calloc-Use-calloc-at-
> > most-places.patch b/meta/recipes-bsp/grub/files/CVE-2020-14308-
> > calloc-Use-calloc-at-most-places.patch
> > similarity index 99%
> > rename from meta/recipes-bsp/grub/files/0003-calloc-Use-calloc-at-
> > most-places.patch
> > rename to meta/recipes-bsp/grub/files/CVE-2020-14308-calloc-Use-
> > calloc-at-most-places.patch
> > index eb3e42c3af..637e368cb0 100644
> > --- a/meta/recipes-bsp/grub/files/0003-calloc-Use-calloc-at-most-
> > places.patch
> > +++ b/meta/recipes-bsp/grub/files/CVE-2020-14308-calloc-Use-calloc-
> > at-most-places.patch
> > @@ -19,11 +19,15 @@ Among other issues, this fixes:
> >
> > Fixes: CVE-2020-14308
> >
> > -Upstream-Status: Backport [commit
> > f725fa7cb2ece547c5af01eeeecfe8d95802ed41
> > -from https://git.savannah.gnu.org/git/grub.git]
> > -
> > Signed-off-by: Peter Jones <pjones@redhat.com>
> > Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
> > +
> > +Upstream-Status: Backport
> > +CVE: CVE-2020-14308
> > +
> > +Reference to upstream patch:
> > +
> > https://git.savannah.gnu.org/cgit/grub.git/commit/?id=f725fa7cb2ece547c5af01eeeecfe8d95802ed41
> > +
> > [YL: don't patch on grub-core/lib/json/json.c, which is not
> > existing in grub 2.04]
> > Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
> > ---
> > diff --git a/meta/recipes-bsp/grub/files/0005-malloc-Use-overflow-
> > checking-primitives-where-we-do-.patch b/meta/recipes-
> > bsp/grub/files/CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-
> > Use-overflow-checking-primitives-where-we-do-.patch
> > similarity index 99%
> > rename from meta/recipes-bsp/grub/files/0005-malloc-Use-overflow-
> > checking-primitives-where-we-do-.patch
> > rename to meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-
> > 14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-
> > we-do-.patch
> > index 146602cd3e..896a2145d4 100644
> > --- a/meta/recipes-bsp/grub/files/0005-malloc-Use-overflow-
> > checking-primitives-where-we-do-.patch
> > +++ b/meta/recipes-bsp/grub/files/CVE-2020-14309-CVE-2020-14310-
> > CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-
> > .patch
> > @@ -26,11 +26,15 @@ Among other issues, this fixes:
> >
> > Fixes: CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
> >
> > -Upstream-Status: Backport [commit
> > 3f05d693d1274965ffbe4ba99080dc2c570944c6
> > -from https://git.savannah.gnu.org/git/grub.git]
> > -
> > Signed-off-by: Peter Jones <pjones@redhat.com>
> > Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
> > +
> > +Upstream-Status: Backport
> > +CVE: CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
> > +
> > +Reference to upstream patch:
> > +
> > https://git.savannah.gnu.org/cgit/grub.git/commit/?id=3f05d693d1274965ffbe4ba99080dc2c570944c6
> > +
> > Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
> > ---
> > grub-core/commands/legacycfg.c | 29 +++++++++++++++++++-----
> > diff --git a/meta/recipes-bsp/grub/files/0007-script-Avoid-a-use-
> > after-free-when-redefining-a-func.patch b/meta/recipes-
> > bsp/grub/files/CVE-2020-15706-script-Avoid-a-use-after-free-when-
> > redefining-a-func.patch
> > similarity index 95%
> > rename from meta/recipes-bsp/grub/files/0007-script-Avoid-a-use-
> > after-free-when-redefining-a-func.patch
> > rename to meta/recipes-bsp/grub/files/CVE-2020-15706-script-Avoid-
> > a-use-after-free-when-redefining-a-func.patch
> > index fedfc5d203..329e554a68 100644
> > --- a/meta/recipes-bsp/grub/files/0007-script-Avoid-a-use-after-
> > free-when-redefining-a-func.patch
> > +++ b/meta/recipes-bsp/grub/files/CVE-2020-15706-script-Avoid-a-
> > use-after-free-when-redefining-a-func.patch
> > @@ -19,11 +19,15 @@ dependent on the current behaviour without
> > being broken.
> >
> > Fixes: CVE-2020-15706
> >
> > -Upstream-Status: Backport [commit
> > 426f57383d647406ae9c628c472059c27cd6e040
> > -from https://git.savannah.gnu.org/git/grub.git]
> > -
> > Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
> > Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
> > +
> > +Upstream-Status: Backport
> > +CVE: CVE-2020-15706
> > +
> > +Reference to upstream patch:
> > +
> > https://git.savannah.gnu.org/cgit/grub.git/commit/?id=426f57383d647406ae9c628c472059c27cd6e040
> > +
> > Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
> > ---
> > grub-core/script/execute.c | 2 ++
> > diff --git a/meta/recipes-bsp/grub/files/0008-linux-Fix-integer-
> > overflows-in-initrd-size-handling.patch b/meta/recipes-
> > bsp/grub/files/CVE-2020-15707-linux-Fix-integer-overflows-in-
> > initrd-size-handling.patch
> > similarity index 96%
> > rename from meta/recipes-bsp/grub/files/0008-linux-Fix-integer-
> > overflows-in-initrd-size-handling.patch
> > rename to meta/recipes-bsp/grub/files/CVE-2020-15707-linux-Fix-
> > integer-overflows-in-initrd-size-handling.patch
> > index 0731f0ec53..d4f9300c0a 100644
> > --- a/meta/recipes-bsp/grub/files/0008-linux-Fix-integer-overflows-
> > in-initrd-size-handling.patch
> > +++ b/meta/recipes-bsp/grub/files/CVE-2020-15707-linux-Fix-integer-
> > overflows-in-initrd-size-handling.patch
> > @@ -7,12 +7,16 @@ These could be triggered by a crafted filesystem
> > with very large files.
> >
> > Fixes: CVE-2020-15707
> >
> > -Upstream-Status: Backport [commit
> > e7b8856f8be3292afdb38d2e8c70ad8d62a61e10
> > -from https://git.savannah.gnu.org/git/grub.git]
> > -
> > Signed-off-by: Colin Watson <cjwatson@debian.org>
> > Reviewed-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
> > Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
> > +
> > +Upstream-Status: Backport
> > +CVE: CVE-2020-15707
> > +
> > +Reference to upstream patch:
> > +
> > https://git.savannah.gnu.org/cgit/grub.git/commit/?id=e7b8856f8be3292afdb38d2e8c70ad8d62a61e10
> > +
> > Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
> > ---
> > grub-core/loader/linux.c | 74
> > +++++++++++++++++++++++++++++++++++-------------
> > diff --git a/meta/recipes-bsp/grub/files/0001-calloc-Make-sure-we-
> > always-have-an-overflow-checking.patch b/meta/recipes-
> > bsp/grub/files/calloc-Make-sure-we-always-have-an-overflow-
> > checking.patch
> > similarity index 100%
> > rename from meta/recipes-bsp/grub/files/0001-calloc-Make-sure-we-
> > always-have-an-overflow-checking.patch
> > rename to meta/recipes-bsp/grub/files/calloc-Make-sure-we-always-
> > have-an-overflow-checking.patch
> > diff --git a/meta/recipes-bsp/grub/files/0002-lvm-Add-LVM-cache-
> > logical-volume-handling.patch b/meta/recipes-bsp/grub/files/lvm-
> > Add-LVM-cache-logical-volume-handling.patch
> > similarity index 100%
> > rename from meta/recipes-bsp/grub/files/0002-lvm-Add-LVM-cache-
> > logical-volume-handling.patch
> > rename to meta/recipes-bsp/grub/files/lvm-Add-LVM-cache-logical-
> > volume-handling.patch
> > diff --git a/meta/recipes-bsp/grub/files/0004-safemath-Add-some-
> > arithmetic-primitives-that-check-f.patch b/meta/recipes-
> > bsp/grub/files/safemath-Add-some-arithmetic-primitives-that-check-
> > f.patch
> > similarity index 100%
> > rename from meta/recipes-bsp/grub/files/0004-safemath-Add-some-
> > arithmetic-primitives-that-check-f.patch
> > rename to meta/recipes-bsp/grub/files/safemath-Add-some-arithmetic-
> > primitives-that-check-f.patch
> > diff --git a/meta/recipes-bsp/grub/files/0006-script-Remove-unused-
> > fields-from-grub_script_functio.patch b/meta/recipes-
> > bsp/grub/files/script-Remove-unused-fields-from-
> > grub_script_functio.patch
> > similarity index 100%
> > rename from meta/recipes-bsp/grub/files/0006-script-Remove-unused-
> > fields-from-grub_script_functio.patch
> > rename to meta/recipes-bsp/grub/files/script-Remove-unused-fields-
> > from-grub_script_functio.patch
> > diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-
> > bsp/grub/grub2.inc
> > index 7c53193ebd..ff17dbe8b7 100644
> > --- a/meta/recipes-bsp/grub/grub2.inc
> > +++ b/meta/recipes-bsp/grub/grub2.inc
> > @@ -19,14 +19,14 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz
> > \
> >
> > file://grub-module-explicitly-keeps-symbole-.module_license.patch \
> >
> > file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \
> > file://CVE-2020-10713.patch \
> > -
> > file://0001-calloc-Make-sure-we-always-have-an-overflow-checking.patch
> > \
> > -
> > file://0002-lvm-Add-LVM-cache-logical-volume-handling.patch \
> > - file://0003-calloc-Use-calloc-at-most-places.patch \
> > -
> > file://0004-safemath-Add-some-arithmetic-primitives-that-check-f.patch
> > \
> > -
> > file://0005-malloc-Use-overflow-checking-primitives-where-we-do-.patch
> > \
> > -
> > file://0006-script-Remove-unused-fields-from-grub_script_functio.patch
> > \
> > -
> > file://0007-script-Avoid-a-use-after-free-when-redefining-a-func.patch
> > \
> > -
> > file://0008-linux-Fix-integer-overflows-in-initrd-size-handling.patch
> > \
> > +
> > file://calloc-Make-sure-we-always-have-an-overflow-checking.patch \
> > +
> > file://lvm-Add-LVM-cache-logical-volume-handling.patch \
> > +
> > file://CVE-2020-14308-calloc-Use-calloc-at-most-places.patch \
> > +
> > file://safemath-Add-some-arithmetic-primitives-that-check-f.patch \
> > +
> > file://CVE-2020-14309-CVE-2020-14310-CVE-2020-14311-malloc-Use-overflow-checking-primitives-where-we-do-.patch
> > \
> > +
> > file://script-Remove-unused-fields-from-grub_script_functio.patch \
> > +
> > file://CVE-2020-15706-script-Avoid-a-use-after-free-when-redefining-a-func.patch
> > \
> > +
> > file://CVE-2020-15707-linux-Fix-integer-overflows-in-initrd-size-handling.patch
> > \
> > "
> > SRC_URI[md5sum] = "5ce674ca6b2612d8939b9e6abed32934"
> > SRC_URI[sha256sum] =
> > "f10c85ae3e204dbaec39ae22fa3c5e99f0665417e91c2cb49b7e5031658ba6ea"
> > --
> > 2.28.0
> >
> >
> >
> >
next prev parent reply other threads:[~2020-11-06 16:07 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-06 6:27 [gatesgarth][PATCH 00/22] gatesgarth review request Anuj Mittal
2020-11-06 6:27 ` [gatesgarth][PATCH 01/22] gstreamer1.0: Fix reproducibility issue around libcap Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 02/22] gstreamer1.0: Update 1.16.2 -> Update 1.16.3 Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 03/22] gstreamer1.0-plugins-base: " Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 04/22] gstreamer1.0-plugins-good: " Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 05/22] gstreamer1.0-plugins-bad: " Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 06/22] gstreamer1.0-plugins-ugly: " Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 07/22] gstreamer1.0-libav: " Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 08/22] gstreamer1.0-vaapi: " Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 09/22] gstreamer1.0-rtsp-server: " Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 10/22] gstreamer1.0-omx: " Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 11/22] gstreamer1.0-python: " Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 12/22] gst-validate: " Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 13/22] bluez5: fix CVE-2020-27153 Anuj Mittal
2020-11-06 15:12 ` [OE-core] " Steve Sakoman
2020-11-11 7:06 ` Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 14/22] ruby: fix CVE-2020-25613 Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 15/22] libsdl2: Fix directfb syntax error Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 16/22] libsdl2: Fix directfb SDL_RenderFillRect Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 17/22] grub: clean up CVE patches Anuj Mittal
2020-11-06 15:14 ` [OE-core] " Steve Sakoman
2020-11-06 16:07 ` Anuj Mittal [this message]
2020-11-06 6:28 ` [gatesgarth][PATCH 18/22] qemuboot.bbclass: Fix a typo Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 19/22] common-licenses: add bzip2-1.0.4 Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 20/22] recipes-core/busybox: fixup licensing information Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 21/22] apt: remove host contamination with gtest Anuj Mittal
2020-11-06 6:28 ` [gatesgarth][PATCH 22/22] update_udev_hwdb: clean hwdb.bin Anuj Mittal
2020-11-06 15:45 ` [OE-core] " Steve Sakoman
2020-11-06 16:04 ` Anuj Mittal
2020-11-06 16:30 ` Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0c3c0a75aa3517e922aabcfec56e174989a6a203.camel@intel.com \
--to=anuj.mittal@intel.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=steve@sakoman.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox