[bug #46707] double free when kernel does not match secure boot key

bug-grub

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #46707] double free when kernel does not match secure boot key

From:	Linus Torvalds
Subject:	[bug #46707] double free when kernel does not match secure boot key
Date:	Thu, 17 Dec 2015 23:18:27 +0000
User-agent:	Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36

URL:
  <http://savannah.gnu.org/bugs/?46707>

                 Summary: double free when kernel does not match secure boot
key
                 Project: GNU GRUB
            Submitted by: torvalds
            Submitted on: Thu 17 Dec 2015 11:18:26 PM GMT
                Category: Booting
                Severity: Major
                Priority: 5 - Normal
              Item Group: Software Error
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: Linus Torvalds
        Originator Email: address@hidden
             Open/Closed: Open
         Discussion Lock: Any
                 Release: 
                 Release: 2.02~beta1
         Reproducibility: Every Time
         Planned Release: None

    _______________________________________________________

Details:

I already submitted this to the Fedora bugzilla, since it happens wioth the
F23 grub, which seems to be based on some 2.02 prerelease.

It may be Fedora-specific, but since I tend to try making upstream reports
too, here goes..

When I installed Fedora 23 on my new desktop machine everything worked fine. I
then built my own kernel (of course), and tried to boot it, but I never got
into the kernel, because grub2 failed with:

  double free at 0x616f5760
  Aborted. Press any key to edit.

which is not very helpful, and is obviously a Grub bug.

However, booting the *Fedora* kernel worked fine, so I screatched my head for
a while, and then realized that I had never touched the BIOS secure boot
settings - and I don't sign my kernels with some silly vendor signature.

And sure enough, when I disable secure boot, Grub2 works fine.

So clearly Grub2 does not handle secure boot key failures very gracefully. I
don't expect you to actually boot the kernel, but I would expect a useful
error message, rather than a bug about double free's. Something like

  Not able to boot unsigned kernel in secure mode.
  Aborted. Press any key to edit.

..and hey, if this is all just the Fedora version of Grub2, you can ignore
this bug report, of course.




    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?46707>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[bug #46707] double free when kernel does not match secure boot key, Linus Torvalds <=
- [bug #46707] double free when kernel does not match secure boot key, Vladimir Serbinenko, 2015/12/17

Prev by Date: [bug #46700] AF advanced format drives 4096 sector size are NOT supported
Next by Date: [bug #46691] grub-install always fail when installing into unpartitioned filesystem using blocklist
Previous by thread: problem grub-install after upgrade in wheezy
Next by thread: [bug #46707] double free when kernel does not match secure boot key
Index(es):
- Date
- Thread