[Bug 1475337] [NEW] grub-probe can't probe large logical volumes (LVM)
Rarylson Freitas
rarylson at gmail.com
Thu Jul 16 14:32:34 UTC 2015
Public bug reported:
Hi,
I've had a problem when using the `grub-probe` binary to probe large LVM
partitions (for example, a 1.5 TB partition).
This problem was discovered/tested in an Ubuntu 12.04.5.
When trying to probe these large LVM partitions, we get erros like:
$ grub-probe -vvv /PATH/TO/MY/LVM
[...]
grub-core/kern/disk.c:494: Read out of range: sector 0x0 (out of disk).
[...]
grub-probe: error: unknown filesystem.
This bug seems like this one:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1027363
So, a debug the problem and I discovered that the problem occurs due to
an inappropriate multiplication in the file grub-core/disk/lvm.c:
lv->size += seg->extent_count * vg->extent_size;
The lv->size var is an unsigned 64-bits integer. However, the next two
vars are respectively an unsigned int and an int. As the result of
(unsigned int) * (int) is an integer, it's very easy to get a
multiplication overflow (in my case, the result of the multiplication
was zero -> lv->size = 0, resulting in the "out of disk" error).
So, I'm proposing a patch for this bug (file lvm_big_size.patch, to be
applied after all Debian patched):
Index: grub2-1.99/grub-core/disk/lvm.c
===================================================================
--- grub2-1.99.orig/grub-core/disk/lvm.c 2011-04-18 21:16:16.000000000 +0000
+++ grub2-1.99/grub-core/disk/lvm.c 2015-07-16 03:05:41.624035502 +0000
-629,7 +629,8 @@
goto lvs_segment_fail;
p += sizeof("type = \"") - 1;
- lv->size += seg->extent_count * vg->extent_size;
+ lv->size += ((grub_uint64_t) seg->extent_count
+ * (grub_uint64_t) vg->extent_size);
if (grub_memcmp (p, "striped\"",
sizeof ("striped\"") - 1) == 0)
I have already tested this patch using the following commands and it
worked:
quilt push -a
DEB_BUILD_OPTIONS=nocheck fakeroot debian/rules build/grub-coreboot
I'm attaching this patch.
Additional info: I discovered that this bug already exists in the GRUB
upstream (file grub-core/disk/lvm.c, line 466). I will also report after
this bug for them.
** Affects: grub2 (Ubuntu)
Importance: Undecided
Status: New
** Patch added: "lvm_big_size.patch"
https://bugs.launchpad.net/bugs/1475337/+attachment/4430093/+files/lvm_big_size.patch
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grub2 in Ubuntu.
https://bugs.launchpad.net/bugs/1475337
Title:
grub-probe can't probe large logical volumes (LVM)
Status in grub2 package in Ubuntu:
New
Bug description:
Hi,
I've had a problem when using the `grub-probe` binary to probe large
LVM partitions (for example, a 1.5 TB partition).
This problem was discovered/tested in an Ubuntu 12.04.5.
When trying to probe these large LVM partitions, we get erros like:
$ grub-probe -vvv /PATH/TO/MY/LVM
[...]
grub-core/kern/disk.c:494: Read out of range: sector 0x0 (out of disk).
[...]
grub-probe: error: unknown filesystem.
This bug seems like this one:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1027363
So, a debug the problem and I discovered that the problem occurs due
to an inappropriate multiplication in the file grub-core/disk/lvm.c:
lv->size += seg->extent_count * vg->extent_size;
The lv->size var is an unsigned 64-bits integer. However, the next two
vars are respectively an unsigned int and an int. As the result of
(unsigned int) * (int) is an integer, it's very easy to get a
multiplication overflow (in my case, the result of the multiplication
was zero -> lv->size = 0, resulting in the "out of disk" error).
So, I'm proposing a patch for this bug (file lvm_big_size.patch, to be
applied after all Debian patched):
Index: grub2-1.99/grub-core/disk/lvm.c
===================================================================
--- grub2-1.99.orig/grub-core/disk/lvm.c 2011-04-18 21:16:16.000000000 +0000
+++ grub2-1.99/grub-core/disk/lvm.c 2015-07-16 03:05:41.624035502 +0000
-629,7 +629,8 @@
goto lvs_segment_fail;
p += sizeof("type = \"") - 1;
- lv->size += seg->extent_count * vg->extent_size;
+ lv->size += ((grub_uint64_t) seg->extent_count
+ * (grub_uint64_t) vg->extent_size);
if (grub_memcmp (p, "striped\"",
sizeof ("striped\"") - 1) == 0)
I have already tested this patch using the following commands and it
worked:
quilt push -a
DEB_BUILD_OPTIONS=nocheck fakeroot debian/rules build/grub-coreboot
I'm attaching this patch.
Additional info: I discovered that this bug already exists in the GRUB
upstream (file grub-core/disk/lvm.c, line 466). I will also report
after this bug for them.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1475337/+subscriptions
More information about the foundations-bugs
mailing list