encounter general protection fault while pxe booting from MaaS server
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
dellserver |
New
|
Undecided
|
Unassigned | ||
grub2 (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Jammy |
Fix Released
|
Medium
|
Unassigned | ||
grub2-signed (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Jammy |
Fix Released
|
Undecided
|
Unassigned | ||
grub2-unsigned (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Medium
|
Unassigned | ||
Focal |
Fix Released
|
Medium
|
Unassigned | ||
Jammy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
grub can cause a general protection fault in EFI by freeing the wrong number of bytes for an address it allocated, causing the machine not to boot.
[Test plan]
1. Have a Dell 14G server with ubuntu OS and MAAS 2.9.2 application installed. Configure MaaS Deploy Settings to Centos7.
2. Configure another Dell 14G SUT with PXE on boot and enlist it in MAAS.
3. Deploy Centos7 in SUT through MaaS.
4. Power off the system after Centos deployment.
5. Power on the system, SUT goes to MaaS-PXE and we now should be able to boot to installed Centos-7 (Issue is RSOD here).
[Where problems could occur]
We could free too little or too much memory if the code is wrong? Basically all this does is change a free() call to use sizeof() instead of a hardcoded value that was used previously to allocate the buffer. Which should lead to the same result as now in the worst case.
[Original bug report]
Observing RSOD when ubuntu installed server setup with MaaS application as per below procedure and pointing out different OS images from grub to deploying OS for connected server.
certification-
Steps to reproduce the issue,
1. Have a server with ubuntu OS and MAAS 2.9.2 application installed
2. Make sure remote server is configured with PXE and enlisted into MAAS application.
[In remote server enable PXE boot in the BIOD network settings and also configure uEFI boot mode and PXE boot device in BIOS settings]
4. Go to MAAS server and use curl command to check the current grub configuration for new enlisted server and make sure current grub configuration mapping to the "MAC address of NIC which is pointing to the CentOS image to deploy or to install into remote server which is enlisted into MAAS. [please refer "grub_commission" snapshot for more details]
5. After above check power on the new enlisted server and run the PXE boot via NIC port.
RSOD should be able to triggered at stage of "booting under maas direction.." [please refer "RSOD_error" snapshot for mroe details]
6. In step 4, if groub config for commissioned machine is pointing to ubuntu boot kernel the RSOD wont be triggered.
Related branches
- Ubuntu Core Development Team: Pending requested
-
Diff: 25480 lines (+18809/-711) (has conflicts)166 files modifiedChangeLog (+5278/-0)
INSTALL (+31/-21)
Makefile.am (+1/-1)
Makefile.in (+270/-54)
Makefile.util.am (+16/-7)
Makefile.util.def (+15/-40)
NEWS (+14/-0)
README (+6/-0)
acinclude.m4 (+36/-2)
aclocal.m4 (+1/-0)
autogen.sh (+1/-1)
conf/Makefile.common (+2/-0)
conf/Makefile.extra-dist (+21/-0)
config-util.h.in (+6/-0)
config.h.in (+0/-2)
configure (+192/-39)
configure.ac (+99/-104)
debian/.git-dpm (+3/-0)
debian/NEWS (+8/-0)
debian/README.source (+3/-0)
debian/apport/source_grub2.py (+14/-5)
debian/build-efi-images (+27/-11)
debian/changelog (+1253/-1)
debian/control (+40/-24)
debian/dirs.in (+1/-0)
debian/grub-check-signatures (+21/-0)
debian/grub-common.service (+13/-0)
debian/grub-efi-amd64-bin.maintscript.in (+1/-0)
debian/grub-efi-arm64-bin.maintscript.in (+1/-0)
debian/grub-extras/915resolution/.gitignore (+3/-0)
debian/grub-extras/915resolution/915resolution.c (+29/-8)
debian/grub-extras/disabled/gpxe/.gitignore (+3/-0)
debian/grub-extras/disabled/zfs/.gitignore (+5/-0)
debian/grub-extras/lua/.gitignore (+3/-0)
debian/grub-extras/ntldr-img/.gitignore (+3/-0)
debian/grub.d/05_debian_theme (+2/-2)
debian/legacy/upgrade-from-grub-legacy (+3/-1)
debian/patches/0076-ubuntu-Make-the-linux-command-in-EFI-grub-always-try.patch (+37/-0)
debian/patches/0077-ubuntu-Update-the-linux-boot-protocol-version-check.patch (+7/-0)
debian/patches/0096-linuxefi-fail-kernel-validation-without-shim-protoco.patch (+36/-0)
debian/patches/0099-chainloader-Avoid-a-double-free-when-validation-fail.patch (+14/-0)
debian/patches/0105-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch (+7/-0)
debian/patches/0241-Call-hwmatch-only-on-the-grub-pc-platform.patch (+47/-0)
debian/patches/at_keyboard-module-init.patch (+4/-1)
debian/patches/bash-completion-drop-have-checks.patch (+5/-2)
debian/patches/blacklist-1440x900x32.patch (+4/-1)
debian/patches/bootp-new-net_bootp6-command.patch (+22/-17)
debian/patches/bootp-process-dhcpack-http-boot.patch (+20/-15)
debian/patches/cherrypick-efi-grub_efi_close_protocol.patch (+79/-0)
debian/patches/cherrypick-efinet-correct-closing-snp-protocol.patch (+106/-0)
debian/patches/core-in-fs.patch (+3/-4)
debian/patches/debug_verifiers.patch (+27/-0)
debian/patches/default-grub-d.patch (+34/-17)
debian/patches/dejavu-font-path.patch (+22/-0)
debian/patches/disable-floppies.patch (+1/-2)
debian/patches/dpkg-version-comparison.patch (+3/-4)
debian/patches/efi-variable-storage-minimise-writes.patch (+60/-11)
debian/patches/efinet-set-dns-from-uefi-proto.patch (+13/-8)
debian/patches/efinet-set-network-from-uefi-devpath.patch (+8/-5)
debian/patches/efinet-uefi-ipv6-pxe-support.patch (+8/-5)
debian/patches/gettext-quiet.patch (+4/-1)
debian/patches/gfxpayload-dynamic.patch (+23/-7)
debian/patches/gfxpayload-keep-default.patch (+9/-0)
debian/patches/grub-install-pvxen-paths.patch (+14/-3)
debian/patches/grub-legacy-0-based-partitions.patch (+1/-2)
debian/patches/grub.cfg-400.patch (+2/-3)
debian/patches/ieee1275-clear-reset.patch (+4/-1)
debian/patches/ignore-grub_func_test-failures.patch (+4/-1)
debian/patches/insmod-xzio-and-lzopio-on-xen.patch (+7/-0)
debian/patches/install-efi-adjust-distributor.patch (+33/-0)
debian/patches/install-efi-fallback.patch (+5/-2)
debian/patches/install-efi-ubuntu-flavours.patch (+3/-0)
debian/patches/install-locale-langpack.patch (+10/-7)
debian/patches/install-powerpc-machtypes.patch (+18/-11)
debian/patches/install-stage2-confusion.patch (+9/-6)
debian/patches/maybe-quiet.patch (+30/-21)
debian/patches/minilzo-2.10.patch (+2538/-0)
debian/patches/mkconfig-loopback.patch (+11/-4)
debian/patches/mkconfig-mid-upgrade.patch (+3/-0)
debian/patches/mkconfig-nonexistent-loopback.patch (+11/-8)
debian/patches/mkconfig-other-inits.patch (+14/-3)
debian/patches/mkconfig-recovery-title.patch (+17/-10)
debian/patches/mkconfig-signed-kernel.patch (+9/-0)
debian/patches/mkconfig-ubuntu-distributor.patch (+7/-0)
debian/patches/mkconfig-ubuntu-recovery.patch (+18/-5)
debian/patches/mkimage-fix-section-sizes.patch (+108/-0)
debian/patches/mkrescue-efi-modules.patch (+6/-3)
debian/patches/net-read-bracketed-ipv6-addr.patch (+20/-16)
debian/patches/no-devicetree-if-secure-boot.patch (+8/-5)
debian/patches/no-insmod-on-sb.patch (+8/-58)
debian/patches/olpc-prefix-hack.patch (+1/-2)
debian/patches/pc-verifiers-module.patch (+166/-0)
debian/patches/ppc64el-disable-vsx.patch (+4/-1)
debian/patches/probe-fusionio.patch (+8/-5)
debian/patches/quick-boot-lvm.patch (+6/-3)
debian/patches/quick-boot.patch (+34/-20)
debian/patches/restore-mkdevicemap.patch (+26/-13)
debian/patches/rhboot-f34-dont-use-int-for-efi-status.patch (+7/-0)
debian/patches/rhboot-f34-efinet-also-use-the-firmware-acceleration-for-http.patch (+26/-0)
debian/patches/rhboot-f34-make-exit-take-a-return-code.patch (+68/-0)
debian/patches/rhboot-f34-make-pmtimer-tsc-calibration-fast.patch (+11/-0)
debian/patches/series (+69/-4)
debian/patches/skip-grub_cmd_set_date.patch (+4/-1)
debian/patches/sleep-shift.patch (+3/-0)
debian/patches/suse-AUDIT-0-http-boot-tracker-bug.patch (+68/-0)
debian/patches/suse-add-support-for-UEFI-network-protocols.patch (+4941/-0)
debian/patches/suse-grub.texi-add-net_bootp6-document.patch (+49/-0)
debian/patches/tests-ahci-update-qemu-device-name.patch (+33/-0)
debian/patches/tpm-unknown-error-non-fatal.patch (+30/-0)
debian/patches/ubuntu-add-devicetree-command-support.patch (+7/-0)
debian/patches/ubuntu-add-initrd-less-boot-fallback.patch (+44/-0)
debian/patches/ubuntu-add-initrd-less-boot-messages.patch (+24/-0)
debian/patches/ubuntu-boot-from-multipath-dependent-symlink.patch (+7/-0)
debian/patches/ubuntu-dont-verify-loopback-images.patch (+11/-0)
debian/patches/ubuntu-efi-allow-loopmount-chainload.patch (+27/-0)
debian/patches/ubuntu-fix-lzma-decompressor-objcopy.patch (+10/-0)
debian/patches/ubuntu-fix-reproducible-squashfs-test.patch (+7/-0)
debian/patches/ubuntu-flavour-order.patch (+17/-0)
debian/patches/ubuntu-fuse3.patch (+108/-0)
debian/patches/ubuntu-grub-install-extra-removable.patch (+37/-0)
debian/patches/ubuntu-install-signed.patch (+41/-0)
debian/patches/ubuntu-linuxefi-arm64-set-base-addr.patch (+18/-0)
debian/patches/ubuntu-linuxefi-arm64.patch (+35/-0)
debian/patches/ubuntu-linuxefi.patch (+432/-0)
debian/patches/ubuntu-mkconfig-leave-breadcrumbs.patch (+10/-0)
debian/patches/ubuntu-os-prober-auto.patch (+51/-0)
debian/patches/ubuntu-recovery-dis_ucode_ldr.patch (+11/-0)
debian/patches/ubuntu-resilient-boot-boot-order.patch (+45/-0)
debian/patches/ubuntu-resilient-boot-ignore-alternative-esps.patch (+11/-0)
debian/patches/ubuntu-shorter-version-info.patch (+18/-0)
debian/patches/ubuntu-skip-disk-by-id-lvm-pvm-uuid-entries.patch (+10/-0)
debian/patches/ubuntu-speed-zsys-history.patch (+11/-0)
debian/patches/ubuntu-support-initrd-less-boot.patch (+27/-0)
debian/patches/ubuntu-temp-keep-auto-nvram.patch (+7/-0)
debian/patches/ubuntu-verifiers-last.patch (+59/-0)
debian/patches/ubuntu-zfs-enhance-support.patch (+25/-0)
debian/patches/ubuntu-zfs-gfxpayload-dynamic.patch (+95/-0)
debian/patches/ubuntu-zfs-gfxpayload-keep-default.patch (+38/-0)
debian/patches/ubuntu-zfs-insmod-xzio-and-lzopio-on-xen.patch (+32/-0)
debian/patches/ubuntu-zfs-maybe-quiet.patch (+72/-0)
debian/patches/ubuntu-zfs-mkconfig-recovery-title.patch (+49/-0)
debian/patches/ubuntu-zfs-mkconfig-signed-kernel.patch (+51/-0)
debian/patches/ubuntu-zfs-mkconfig-ubuntu-distributor.patch (+36/-0)
debian/patches/ubuntu-zfs-mkconfig-ubuntu-recovery.patch (+66/-0)
debian/patches/ubuntu-zfs-quick-boot.patch (+50/-0)
debian/patches/ubuntu-zfs-vt-handoff.patch (+77/-0)
debian/patches/uefi-firmware-setup.patch (+3/-0)
debian/patches/uefi-secure-boot-cryptomount.patch (+11/-0)
debian/patches/vsnprintf-upper-case-hex.patch (+3/-0)
debian/patches/vt-handoff.patch (+9/-2)
debian/patches/wubi-no-windows.patch (+6/-3)
debian/patches/xen-no-xsm-policy-in-non-xsm-options.patch (+34/-0)
debian/patches/xfs-fix-v4-superblock.patch (+121/-0)
debian/patches/zpool-full-device-name.patch (+4/-1)
debian/patches/zstd-require-8-byte-buffer.patch (+63/-0)
debian/postinst.in (+86/-6)
debian/postrm.in (+2/-2)
debian/rules (+102/-5)
debian/sbat.debian.csv.in (+3/-0)
debian/sbat.ubuntu.csv.in (+3/-0)
debian/signing-template/control.in (+1/-1)
dev/null (+0/-1)
docs/Makefile.in (+2/-2)
docs/grub-dev.info (+113/-45)
docs/grub-dev.texi (+65/-1)
docs/grub.info (+2/-1)
- Ubuntu Core Development Team: Pending requested
-
Diff: 25480 lines (+18809/-711) (has conflicts)166 files modifiedChangeLog (+5278/-0)
INSTALL (+31/-21)
Makefile.am (+1/-1)
Makefile.in (+270/-54)
Makefile.util.am (+16/-7)
Makefile.util.def (+15/-40)
NEWS (+14/-0)
README (+6/-0)
acinclude.m4 (+36/-2)
aclocal.m4 (+1/-0)
autogen.sh (+1/-1)
conf/Makefile.common (+2/-0)
conf/Makefile.extra-dist (+21/-0)
config-util.h.in (+6/-0)
config.h.in (+0/-2)
configure (+192/-39)
configure.ac (+99/-104)
debian/.git-dpm (+3/-0)
debian/NEWS (+8/-0)
debian/README.source (+3/-0)
debian/apport/source_grub2.py (+14/-5)
debian/build-efi-images (+27/-11)
debian/changelog (+1253/-1)
debian/control (+40/-24)
debian/dirs.in (+1/-0)
debian/grub-check-signatures (+21/-0)
debian/grub-common.service (+13/-0)
debian/grub-efi-amd64-bin.maintscript.in (+1/-0)
debian/grub-efi-arm64-bin.maintscript.in (+1/-0)
debian/grub-extras/915resolution/.gitignore (+3/-0)
debian/grub-extras/915resolution/915resolution.c (+29/-8)
debian/grub-extras/disabled/gpxe/.gitignore (+3/-0)
debian/grub-extras/disabled/zfs/.gitignore (+5/-0)
debian/grub-extras/lua/.gitignore (+3/-0)
debian/grub-extras/ntldr-img/.gitignore (+3/-0)
debian/grub.d/05_debian_theme (+2/-2)
debian/legacy/upgrade-from-grub-legacy (+3/-1)
debian/patches/0076-ubuntu-Make-the-linux-command-in-EFI-grub-always-try.patch (+37/-0)
debian/patches/0077-ubuntu-Update-the-linux-boot-protocol-version-check.patch (+7/-0)
debian/patches/0096-linuxefi-fail-kernel-validation-without-shim-protoco.patch (+36/-0)
debian/patches/0099-chainloader-Avoid-a-double-free-when-validation-fail.patch (+14/-0)
debian/patches/0105-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch (+7/-0)
debian/patches/0241-Call-hwmatch-only-on-the-grub-pc-platform.patch (+47/-0)
debian/patches/at_keyboard-module-init.patch (+4/-1)
debian/patches/bash-completion-drop-have-checks.patch (+5/-2)
debian/patches/blacklist-1440x900x32.patch (+4/-1)
debian/patches/bootp-new-net_bootp6-command.patch (+22/-17)
debian/patches/bootp-process-dhcpack-http-boot.patch (+20/-15)
debian/patches/cherrypick-efi-grub_efi_close_protocol.patch (+79/-0)
debian/patches/cherrypick-efinet-correct-closing-snp-protocol.patch (+106/-0)
debian/patches/core-in-fs.patch (+3/-4)
debian/patches/debug_verifiers.patch (+27/-0)
debian/patches/default-grub-d.patch (+34/-17)
debian/patches/dejavu-font-path.patch (+22/-0)
debian/patches/disable-floppies.patch (+1/-2)
debian/patches/dpkg-version-comparison.patch (+3/-4)
debian/patches/efi-variable-storage-minimise-writes.patch (+60/-11)
debian/patches/efinet-set-dns-from-uefi-proto.patch (+13/-8)
debian/patches/efinet-set-network-from-uefi-devpath.patch (+8/-5)
debian/patches/efinet-uefi-ipv6-pxe-support.patch (+8/-5)
debian/patches/gettext-quiet.patch (+4/-1)
debian/patches/gfxpayload-dynamic.patch (+23/-7)
debian/patches/gfxpayload-keep-default.patch (+9/-0)
debian/patches/grub-install-pvxen-paths.patch (+14/-3)
debian/patches/grub-legacy-0-based-partitions.patch (+1/-2)
debian/patches/grub.cfg-400.patch (+2/-3)
debian/patches/ieee1275-clear-reset.patch (+4/-1)
debian/patches/ignore-grub_func_test-failures.patch (+4/-1)
debian/patches/insmod-xzio-and-lzopio-on-xen.patch (+7/-0)
debian/patches/install-efi-adjust-distributor.patch (+33/-0)
debian/patches/install-efi-fallback.patch (+5/-2)
debian/patches/install-efi-ubuntu-flavours.patch (+3/-0)
debian/patches/install-locale-langpack.patch (+10/-7)
debian/patches/install-powerpc-machtypes.patch (+18/-11)
debian/patches/install-stage2-confusion.patch (+9/-6)
debian/patches/maybe-quiet.patch (+30/-21)
debian/patches/minilzo-2.10.patch (+2538/-0)
debian/patches/mkconfig-loopback.patch (+11/-4)
debian/patches/mkconfig-mid-upgrade.patch (+3/-0)
debian/patches/mkconfig-nonexistent-loopback.patch (+11/-8)
debian/patches/mkconfig-other-inits.patch (+14/-3)
debian/patches/mkconfig-recovery-title.patch (+17/-10)
debian/patches/mkconfig-signed-kernel.patch (+9/-0)
debian/patches/mkconfig-ubuntu-distributor.patch (+7/-0)
debian/patches/mkconfig-ubuntu-recovery.patch (+18/-5)
debian/patches/mkimage-fix-section-sizes.patch (+108/-0)
debian/patches/mkrescue-efi-modules.patch (+6/-3)
debian/patches/net-read-bracketed-ipv6-addr.patch (+20/-16)
debian/patches/no-devicetree-if-secure-boot.patch (+8/-5)
debian/patches/no-insmod-on-sb.patch (+8/-58)
debian/patches/olpc-prefix-hack.patch (+1/-2)
debian/patches/pc-verifiers-module.patch (+166/-0)
debian/patches/ppc64el-disable-vsx.patch (+4/-1)
debian/patches/probe-fusionio.patch (+8/-5)
debian/patches/quick-boot-lvm.patch (+6/-3)
debian/patches/quick-boot.patch (+34/-20)
debian/patches/restore-mkdevicemap.patch (+26/-13)
debian/patches/rhboot-f34-dont-use-int-for-efi-status.patch (+7/-0)
debian/patches/rhboot-f34-efinet-also-use-the-firmware-acceleration-for-http.patch (+26/-0)
debian/patches/rhboot-f34-make-exit-take-a-return-code.patch (+68/-0)
debian/patches/rhboot-f34-make-pmtimer-tsc-calibration-fast.patch (+11/-0)
debian/patches/series (+69/-4)
debian/patches/skip-grub_cmd_set_date.patch (+4/-1)
debian/patches/sleep-shift.patch (+3/-0)
debian/patches/suse-AUDIT-0-http-boot-tracker-bug.patch (+68/-0)
debian/patches/suse-add-support-for-UEFI-network-protocols.patch (+4941/-0)
debian/patches/suse-grub.texi-add-net_bootp6-document.patch (+49/-0)
debian/patches/tests-ahci-update-qemu-device-name.patch (+33/-0)
debian/patches/tpm-unknown-error-non-fatal.patch (+30/-0)
debian/patches/ubuntu-add-devicetree-command-support.patch (+7/-0)
debian/patches/ubuntu-add-initrd-less-boot-fallback.patch (+44/-0)
debian/patches/ubuntu-add-initrd-less-boot-messages.patch (+24/-0)
debian/patches/ubuntu-boot-from-multipath-dependent-symlink.patch (+7/-0)
debian/patches/ubuntu-dont-verify-loopback-images.patch (+11/-0)
debian/patches/ubuntu-efi-allow-loopmount-chainload.patch (+27/-0)
debian/patches/ubuntu-fix-lzma-decompressor-objcopy.patch (+10/-0)
debian/patches/ubuntu-fix-reproducible-squashfs-test.patch (+7/-0)
debian/patches/ubuntu-flavour-order.patch (+17/-0)
debian/patches/ubuntu-fuse3.patch (+108/-0)
debian/patches/ubuntu-grub-install-extra-removable.patch (+37/-0)
debian/patches/ubuntu-install-signed.patch (+41/-0)
debian/patches/ubuntu-linuxefi-arm64-set-base-addr.patch (+18/-0)
debian/patches/ubuntu-linuxefi-arm64.patch (+35/-0)
debian/patches/ubuntu-linuxefi.patch (+432/-0)
debian/patches/ubuntu-mkconfig-leave-breadcrumbs.patch (+10/-0)
debian/patches/ubuntu-os-prober-auto.patch (+51/-0)
debian/patches/ubuntu-recovery-dis_ucode_ldr.patch (+11/-0)
debian/patches/ubuntu-resilient-boot-boot-order.patch (+45/-0)
debian/patches/ubuntu-resilient-boot-ignore-alternative-esps.patch (+11/-0)
debian/patches/ubuntu-shorter-version-info.patch (+18/-0)
debian/patches/ubuntu-skip-disk-by-id-lvm-pvm-uuid-entries.patch (+10/-0)
debian/patches/ubuntu-speed-zsys-history.patch (+11/-0)
debian/patches/ubuntu-support-initrd-less-boot.patch (+27/-0)
debian/patches/ubuntu-temp-keep-auto-nvram.patch (+7/-0)
debian/patches/ubuntu-verifiers-last.patch (+59/-0)
debian/patches/ubuntu-zfs-enhance-support.patch (+25/-0)
debian/patches/ubuntu-zfs-gfxpayload-dynamic.patch (+95/-0)
debian/patches/ubuntu-zfs-gfxpayload-keep-default.patch (+38/-0)
debian/patches/ubuntu-zfs-insmod-xzio-and-lzopio-on-xen.patch (+32/-0)
debian/patches/ubuntu-zfs-maybe-quiet.patch (+72/-0)
debian/patches/ubuntu-zfs-mkconfig-recovery-title.patch (+49/-0)
debian/patches/ubuntu-zfs-mkconfig-signed-kernel.patch (+51/-0)
debian/patches/ubuntu-zfs-mkconfig-ubuntu-distributor.patch (+36/-0)
debian/patches/ubuntu-zfs-mkconfig-ubuntu-recovery.patch (+66/-0)
debian/patches/ubuntu-zfs-quick-boot.patch (+50/-0)
debian/patches/ubuntu-zfs-vt-handoff.patch (+77/-0)
debian/patches/uefi-firmware-setup.patch (+3/-0)
debian/patches/uefi-secure-boot-cryptomount.patch (+11/-0)
debian/patches/vsnprintf-upper-case-hex.patch (+3/-0)
debian/patches/vt-handoff.patch (+9/-2)
debian/patches/wubi-no-windows.patch (+6/-3)
debian/patches/xen-no-xsm-policy-in-non-xsm-options.patch (+34/-0)
debian/patches/xfs-fix-v4-superblock.patch (+121/-0)
debian/patches/zpool-full-device-name.patch (+4/-1)
debian/patches/zstd-require-8-byte-buffer.patch (+63/-0)
debian/postinst.in (+86/-6)
debian/postrm.in (+2/-2)
debian/rules (+102/-5)
debian/sbat.debian.csv.in (+3/-0)
debian/sbat.ubuntu.csv.in (+3/-0)
debian/signing-template/control.in (+1/-1)
dev/null (+0/-1)
docs/Makefile.in (+2/-2)
docs/grub-dev.info (+113/-45)
docs/grub-dev.texi (+65/-1)
docs/grub.info (+2/-1)
information type: | Private Security → Private |
information type: | Private → Public |
tags: | added: fr-2047 |
Changed in grub2 (Ubuntu): | |
importance: | Undecided → Medium |
tags: | added: servcert-224 |
tags: | added: servcert-225 |
tags: | added: servcert-226 |
tags: | added: servcert-227 |
tags: | added: servcert-228 |
tags: | removed: servcert-224 servcert-225 servcert-226 servcert-227 servcert-228 |
description: | updated |
tags: | added: foundations-todo |
Changed in grub2-unsigned (Ubuntu Bionic): | |
importance: | Undecided → Medium |
Changed in grub2-unsigned (Ubuntu Focal): | |
importance: | Undecided → Medium |
Changed in grub2-unsigned (Ubuntu Bionic): | |
status: | New → Triaged |
Changed in grub2-unsigned (Ubuntu Focal): | |
status: | New → Triaged |
Changed in grub2-unsigned (Ubuntu Bionic): | |
status: | Triaged → Fix Released |
tags: | removed: foundations-todo |
As per our internal evaluation, seems issue is in GRUB utility used by MAAS (2.9.2).
In the source code of grub(.. /grub-core/ loader/ i386/efi/ linux.c) at line #215 "gub_efi_ allocate_ pages_max" allocates ONE PAGE but while freeing the pages in line #365 FOUR PAGES are got freed in "grub_efi_ free_pages" ,
/*Line 215*/ params = grub_efi_ allocate_ pages_max (0x3fffffff, PAGES(sizeof( *params) )); efi_physical_ address_ t)(grub_ addr_t) params, PAGES(16384) );
/*Line 216*/ BYTES_TO_
/*Line 365*/ grub_efi_free_pages ((grub_
/*Line 366*/ BYTES_TO_
And RSOD is not observed after changing the above code as like below in line #366, efi_physical_ address_ t)(grub_ addr_t) params, PAGES(sizeof( *params) );
/* Line 365*/ grub_efi_free_pages ((grub_
/* Line 366*/ BYTES_TO_
Kindly help us verifying and confirming above observations.