mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-17 02:36:21 +00:00
2d3862d26e
When loading x86 64bit kernel above 4GiB with patched grub2, got kernel
gunzip error.
| early console in decompress_kernel
| decompress_kernel:
| input: [0x807f2143b4-0x807ff61aee]
| output: [0x807cc00000-0x807f3ea29b] 0x027ea29c: output_len
| boot via startup_64
| KASLR using RDTSC...
| new output: [0x46fe000000-0x470138cfff] 0x0338d000: output_run_size
| decompress: [0x46fe000000-0x47007ea29b] <=== [0x807f2143b4-0x807ff61aee]
|
| Decompressing Linux... gz...
|
| uncompression error
|
| -- System halted
the new buffer is at 0x46fe000000ULL, decompressor_gzip is using
0xffffffb901ffffff as out_len. gunzip in lib/zlib_inflate/inflate.c cap
that len to 0x01ffffff and decompress fails later.
We could hit this problem with crashkernel booting that uses kexec loading
kernel above 4GiB.
We have decompress_* support:
1. inbuf[]/outbuf[] for kernel preboot.
2. inbuf[]/flush() for initramfs
3. fill()/flush() for initrd.
This bug only affect kernel preboot path that use outbuf[].
Add __decompress and take real out_buf_len for gunzip instead of guessing
wrong buf size.
Fixes: 1431574a1c4 (lib/decompressors: fix "no limit" output buffer length)
Signed-off-by: Yinghai Lu <yinghai@kernel.org>
Cc: Alexandre Courbot <acourbot@nvidia.com>
Cc: Jon Medhurst <tixy@linaro.org>
Cc: Stephen Warren <swarren@wwwdotorg.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
93 lines
1.8 KiB
C
93 lines
1.8 KiB
C
/*
|
|
* arch/m32r/boot/compressed/misc.c
|
|
*
|
|
* This is a collection of several routines from gzip-1.0.3
|
|
* adapted for Linux.
|
|
*
|
|
* malloc by Hannu Savolainen 1993 and Matthias Urlichs 1994
|
|
*
|
|
* Adapted for SH by Stuart Menefy, Aug 1999
|
|
*
|
|
* 2003-02-12: Support M32R by Takeo Takahashi
|
|
*/
|
|
|
|
/*
|
|
* gzip declarations
|
|
*/
|
|
#define STATIC static
|
|
|
|
#undef memset
|
|
#undef memcpy
|
|
#define memzero(s, n) memset ((s), 0, (n))
|
|
|
|
static void error(char *m);
|
|
|
|
#include "m32r_sio.c"
|
|
|
|
static unsigned long free_mem_ptr;
|
|
static unsigned long free_mem_end_ptr;
|
|
|
|
#ifdef CONFIG_KERNEL_BZIP2
|
|
void *memset(void *s, int c, size_t n)
|
|
{
|
|
char *ss = s;
|
|
|
|
while (n--)
|
|
*ss++ = c;
|
|
return s;
|
|
}
|
|
#endif
|
|
|
|
#ifdef CONFIG_KERNEL_GZIP
|
|
void *memcpy(void *dest, const void *src, size_t n)
|
|
{
|
|
char *d = dest;
|
|
const char *s = src;
|
|
while (n--)
|
|
*d++ = *s++;
|
|
|
|
return dest;
|
|
}
|
|
|
|
#define BOOT_HEAP_SIZE 0x10000
|
|
#include "../../../../lib/decompress_inflate.c"
|
|
#endif
|
|
|
|
#ifdef CONFIG_KERNEL_BZIP2
|
|
#define BOOT_HEAP_SIZE 0x400000
|
|
#include "../../../../lib/decompress_bunzip2.c"
|
|
#endif
|
|
|
|
#ifdef CONFIG_KERNEL_LZMA
|
|
#define BOOT_HEAP_SIZE 0x10000
|
|
#include "../../../../lib/decompress_unlzma.c"
|
|
#endif
|
|
|
|
static void error(char *x)
|
|
{
|
|
puts("\n\n");
|
|
puts(x);
|
|
puts("\n\n -- System halted");
|
|
|
|
while(1); /* Halt */
|
|
}
|
|
|
|
void
|
|
decompress_kernel(int mmu_on, unsigned char *zimage_data,
|
|
unsigned int zimage_len, unsigned long heap)
|
|
{
|
|
unsigned char *input_data = zimage_data;
|
|
int input_len = zimage_len;
|
|
unsigned char *output_data;
|
|
|
|
output_data = (unsigned char *)CONFIG_MEMORY_START + 0x2000
|
|
+ (mmu_on ? 0x80000000 : 0);
|
|
free_mem_ptr = heap;
|
|
free_mem_end_ptr = free_mem_ptr + BOOT_HEAP_SIZE;
|
|
|
|
puts("\nDecompressing Linux... ");
|
|
__decompress(input_data, input_len, NULL, NULL, output_data, 0,
|
|
NULL, error);
|
|
puts("done.\nBooting the kernel.\n");
|
|
}
|