loader/i386/linux: Fix initrd maximum address overflow

The current i386 initrd is limited under 1 GiB memory and it works with
most compressed initrds (also initrd_addr_max case reported by kernel).

addr = (addr_max - aligned_size) & ~0xFFF;

Above line is used to calculate the reasonable address to store the initrd.

However, if initrd size is greater than 1 GiB or initrd_addr_max, then it
will get overflow, especially on x86_64 arch.

Therefore, add a check point to prevent it overflows as well as having
a debug log for complex story of initrd addresses.

Signed-off-by: Jeremy Szu <jeremy.szu@canonical.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c
index edd6c2bb1d2301aaa17604d0e435cc9089397e7c..10a367629dfa9282dfb2afb8e1a1cc0f7bb45e05 100644 (file)
--- a/grub-core/loader/i386/linux.c
+++ b/grub-core/loader/i386/linux.c
@@ -1085,9 +1085,22 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
 
   addr_min = (grub_addr_t) prot_mode_target + prot_init_space;
 
+  /* Make sure the maximum address is able to store the initrd. */
+  if (addr_max < aligned_size)
+    {
+      grub_error (GRUB_ERR_OUT_OF_RANGE,
+                  N_("the size of initrd is bigger than addr_max"));
+      goto fail;
+    }
+
   /* Put the initrd as high as possible, 4KiB aligned.  */
   addr = (addr_max - aligned_size) & ~0xFFF;
 
+  grub_dprintf ("linux",
+                "Initrd at addr 0x%" PRIxGRUB_ADDR " which is expected in"
+                " ranger 0x%" PRIxGRUB_ADDR " ~ 0x%" PRIxGRUB_ADDR "\n",
+                addr, addr_min, addr_max);
+
   if (addr < addr_min)
     {
       grub_error (GRUB_ERR_OUT_OF_RANGE, "the initrd is too big");