verifiers: Add possibility to verify kernel and modules command lines

Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com> Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com> Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2017-02-07 02:10:14 +01:00 · 2017-02-07 02:10:14 +01:00 · 0f20a51812
commit 0f20a51812
parent 03a713b7ab
19 changed files with 139 additions and 56 deletions
--- a/include/grub/lib/cmdline.h
+++ b/include/grub/lib/cmdline.h
@ -21,11 +21,12 @@
 #define GRUB_CMDLINE_HEADER	1

 #include <grub/types.h>
+#include <grub/verify.h>

 #define LINUX_IMAGE "BOOT_IMAGE="

 unsigned int grub_loader_cmdline_size (int argc, char *argv[]);
-int grub_create_loader_cmdline (int argc, char *argv[], char *buf,
-				grub_size_t size);
+grub_err_t grub_create_loader_cmdline (int argc, char *argv[], char *buf,
+				       grub_size_t size, enum grub_verify_string_type type);

 #endif /* ! GRUB_CMDLINE_HEADER */
--- a/include/grub/verify.h
+++ b/include/grub/verify.h
@ -25,6 +25,12 @@ enum grub_verify_flags
    GRUB_VERIFY_FLAGS_SINGLE_CHUNK	= 2
  };

+enum grub_verify_string_type
+  {
+    GRUB_VERIFY_KERNEL_CMDLINE,
+    GRUB_VERIFY_MODULE_CMDLINE,
+  };
+
 struct grub_file_verifier
 {
  struct grub_file_verifier *next;
@ -48,6 +54,8 @@ struct grub_file_verifier

  grub_err_t (*fini) (void *context);
  void (*close) (void *context);
+
+  grub_err_t (*verify_string) (char *str, enum grub_verify_string_type type);
 };

 extern struct grub_file_verifier *grub_file_verifiers;
@ -63,3 +71,6 @@ grub_verifier_unregister (struct grub_file_verifier *ver)
 {
  grub_list_remove (GRUB_AS_LIST (ver));
 }
+
+grub_err_t
+grub_verify_string (char *str, enum grub_verify_string_type type);