Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Avoid segfault when user-specified initrd is a symlink to /dev/null #261

Merged
merged 1 commit into from
Oct 11, 2024
Merged

Avoid segfault when user-specified initrd is a symlink to /dev/null #261

merged 1 commit into from
Oct 11, 2024

Conversation

bwarden
Copy link
Member

@bwarden bwarden commented Oct 11, 2024
edited
Loading

We check for a microcode update initrd, so we can early-load it, by comparing the resolved file names to the ending "-ucode.cpio". In the case that a user has explicitly masked an initrd by symlinking a name in /etc/kernel/initrd.d/ to /dev/null, we store NULL in the resolved filename pointer.

Before we do the actual comparison, we do a strlen to make sure the filename is longer than the desired match. For a NULL pointer, that results in a segfault, so for that case, explicitly code the length to 0 instead of calling strlen on it.

Signature:

[277506.631610] clr-boot-manage[2369580]: segfault at 0 ip 0000558974796218 sp 00007ffca90d9658 error 4 cpu 18 in libc-2.40.so[196218,558974628000+184000] likely on CPU 18 (core 8, socket 0)
[277506.631627] Code: 0f 84 5e fd ff ff 48 89 f8 0f bc c9 f3 a4 c3 0f 1f 00 89 f8 62 a1 fd 00 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 28 01 00 00 <62> f1 7d 20 74 07 c5 fb 93 c0 85 c0 74 1a 0f bc c0 c3 66 0f 1f 44

$ sudo CBM_DEBUG=1 clr-boot-manager update
[DEBUG] cbm (../src/cli/cli.c:L142): No such file: //etc/kernel/update_efi_vars
[INFO] cbm (../src/bootman/bootman.c:L788): Current running kernel: 6.10.12-1467.native
[INFO] cbm (../src/bootman/sysconfig.c:L179): Discovered UEFI ESP: /dev/disk/by-partuuid/cb7f514a-2dd7-445d-9dec-2d5d105c6eee
[INFO] cbm (../src/bootman/sysconfig.c:L256): Fully resolved boot device: /dev/sda1
[DEBUG] cbm (../src/bootman/bootman.c:L141): shim-systemd caps: 0x26, wanted: 0x26
[DEBUG] cbm (../src/bootman/bootman.c:L156): UEFI boot now selected (shim-systemd)
[DEBUG] cbm (../src/bootman/bootman.c:L829): Non regular file: ///etc/kernel/initrd.d/.., skipping.
Segmentation fault

(gdb) bt
#0  0x0000555555396218 in __strlen_evex () from /usr/lib64/libc.so.6
#1  0x000055555555b9cc in _boot_manager_enumerate_initrds_freestanding () at ../src/bootman/bootman.c:889
#2  0x000055555555d570 in boot_manager_enumerate_initrds_freestanding () at ../src/bootman/bootman.c:918
#3  0x000055555555b170 in cbm_command_update_do () at ../src/cli/ops/update.c:82
#4  0x000055555555b2ac in cbm_command_update () at ../src/cli/ops/update.c:44
#5  0x000055555555990b in main () at ../src/cli/main.c:296

@bwarden
Avoid segfault when user-specified initrd is a symlink to /dev/null
014224b 
We check for a microcode update initrd, so we can early-load it, by
comparing the resolved file names to the ending "-ucode.cpio". In the
case that a user has explicitly masked an initrd by symlinking a name in
/etc/kernel/initrd.d/ to /dev/null, we store NULL in the resolved
filename pointer.

Before we do the actual comparison, we do a strlen to make sure the
filename is longer than the desired match. For a NULL pointer, that
results in a segfault, so for that case, explicitly code the length to 0
instead of calling strlen on it.

Signature:
[277506.631610] clr-boot-manage[2369580]: segfault at 0 ip 0000558974796218 sp 00007ffca90d9658 error 4 cpu 18 in libc-2.40.so[196218,558974628000+184000] likely on CPU 18 (core 8, socket 0)
[277506.631627] Code: 0f 84 5e fd ff ff 48 89 f8 0f bc c9 f3 a4 c3 0f 1f 00 89 f8 62 a1 fd 00 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 28 01 00 00 <62> f1 7d 20 74 07 c5 fb 93 c0 85 c0 74 1a 0f bc c0 c3 66 0f 1f 44

$ sudo CBM_DEBUG=1 clr-boot-manager update
[DEBUG] cbm (../src/cli/cli.c:L142): No such file: //etc/kernel/update_efi_vars
[INFO] cbm (../src/bootman/bootman.c:L788): Current running kernel: 6.10.12-1467.native
[INFO] cbm (../src/bootman/sysconfig.c:L179): Discovered UEFI ESP: /dev/disk/by-partuuid/cb7f514a-2dd7-445d-9dec-2d5d105c6eee
[INFO] cbm (../src/bootman/sysconfig.c:L256): Fully resolved boot device: /dev/sda1
[DEBUG] cbm (../src/bootman/bootman.c:L141): shim-systemd caps: 0x26, wanted: 0x26
[DEBUG] cbm (../src/bootman/bootman.c:L156): UEFI boot now selected (shim-systemd)
[DEBUG] cbm (../src/bootman/bootman.c:L829): Non regular file: ///etc/kernel/initrd.d/.., skipping.
Segmentation fault

 (gdb) bt
 #0  0x0000555555396218 in __strlen_evex () from /usr/lib64/libc.so.6
 clearlinux#1  0x000055555555b9cc in _boot_manager_enumerate_initrds_freestanding () at ../src/bootman/bootman.c:889
 clearlinux#2  0x000055555555d570 in boot_manager_enumerate_initrds_freestanding () at ../src/bootman/bootman.c:918
 clearlinux#3  0x000055555555b170 in cbm_command_update_do () at ../src/cli/ops/update.c:82
 clearlinux#4  0x000055555555b2ac in cbm_command_update () at ../src/cli/ops/update.c:44
 clearlinux#5  0x000055555555990b in main () at ../src/cli/main.c:296
@bwarden bwarden force-pushed the fix-segfault-in-boot-manager-enumerate-initrds-freestanding branch from 851e7d7 to 014224b Compare October 11, 2024 21:25
@bryteise bryteise merged commit 4e0345e into clearlinux:master Oct 11, 2024
@bwarden
Copy link
Member Author

bwarden commented Oct 11, 2024

Related to clearlinux/distribution#3192

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@bryteise bryteise bryteise approved these changes

@fenrus75 fenrus75 Awaiting requested review from fenrus75

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bwarden @bryteise