Merged with mainline

normal/auth.c

@@ -22,6 +22,7 @@
 #include <grub/misc.h>
 #include <grub/env.h>
 #include <grub/normal.h>
+#include <grub/time.h>
 
 struct grub_auth_user
 {
@@ -35,17 +36,19 @@ struct grub_auth_user
 struct grub_auth_user *users = NULL;
 
 int
-grub_auth_strcmp (const char *user_input, const char *template)
+grub_auth_strcmp (const char *s1, const char *s2)
 {
-  int ok = 1;
-  const char *ptr1, *ptr2;
-  for (ptr1 = user_input, ptr2 = template; *ptr1; ptr1++)
-    if (*ptr1 == (ptr2 ? *ptr2 : ptr1[1]) && ok && ptr2 != NULL)
-      ptr2++;
-    else
-      ok = 0;
+  int ret;
+  grub_uint64_t end;
 
-  return !ok;
+  end = grub_get_time_ms () + 100;
+  ret = grub_strcmp (s1, s2);
+
+  /* This prevents an attacker from deriving information about the
+     password from the time it took to execute this function.  */
+  while (grub_get_time_ms () < end);
+
+  return ret;
 }
 
 static int
@@ -208,6 +211,7 @@ grub_auth_check_authentication (const char *userlist)
   char login[1024];
   struct grub_auth_user *cur = NULL;
   grub_err_t err;
+  static unsigned long punishment_delay = 1;
 
   auto int hook (grub_list_t item);
   int hook (grub_list_t item)
@@ -228,11 +232,14 @@ grub_auth_check_authentication (const char *userlist)
   grub_memset (login, 0, sizeof (login));
 
   if (is_authenticated (userlist))
-    return GRUB_ERR_NONE;
+    {
+      punishment_delay = 1;
+      return GRUB_ERR_NONE;
+    }
 
   if (!grub_cmdline_get ("Enter username: ", login, sizeof (login) - 1,
 			 0, 0, 0))
-    return GRUB_ACCESS_DENIED;
+    goto access_denied;
 
   grub_list_iterate (GRUB_AS_LIST (users), hook);
 
@@ -242,15 +249,25 @@ grub_auth_check_authentication (const char *userlist)
 
       /* No users present at all.  */
       if (!cur)
-	return GRUB_ACCESS_DENIED;
+	goto access_denied;
 
       /* Display any of available authentication schemes.  */
       err = cur->callback (login, 0);
 
-      return GRUB_ACCESS_DENIED;
+      goto access_denied;
     }
   err = cur->callback (login, cur->arg);
   if (is_authenticated (userlist))
-    return GRUB_ERR_NONE;
+    {
+      punishment_delay = 1;
+      return GRUB_ERR_NONE;
+    }
+
+ access_denied:
+  grub_sleep (punishment_delay);
+
+  if (punishment_delay < GRUB_ULONG_MAX / 2)
+    punishment_delay *= 2;
+
   return GRUB_ACCESS_DENIED;
 }

normal/autofs.c

@@ -25,22 +25,15 @@
 #include <grub/normal.h>
 
 /* This is used to store the names of filesystem modules for auto-loading.  */
-struct grub_fs_module_list
-{
-  char *name;
-  struct grub_fs_module_list *next;
-};
-typedef struct grub_fs_module_list *grub_fs_module_list_t;
-
-static grub_fs_module_list_t fs_module_list = 0;
+static grub_named_list_t fs_module_list;
 
 /* The auto-loading hook for filesystems.  */
 static int
 autoload_fs_module (void)
 {
-  grub_fs_module_list_t p;
+  grub_named_list_t p;
 
-  while ((p = fs_module_list) != 0)
+  while ((p = fs_module_list) != NULL)
     {
       if (! grub_dl_get (p->name) && grub_dl_load (p->name))
 	return 1;
@@ -84,7 +77,7 @@ read_fs_list (void)
 		  char *buf;
 		  char *p;
 		  char *q;
-		  grub_fs_module_list_t fs_mod;
+		  grub_named_list_t fs_mod;
 
 		  buf = grub_file_getline (file);
 		  if (! buf)

normal/dyncmd.c

@@ -83,8 +83,8 @@ read_command_list (void)
 	  file = grub_file_open (filename);
 	  if (file)
 	    {
-	      char *buf = 0;
-	      for (;; grub_free(buf))
+	      char *buf = NULL;
+	      for (;; grub_free (buf))
 		{
 		  char *p, *name, *modname;
 		  grub_command_t cmd;

normal/handler.c

@@ -181,8 +181,8 @@ read_handler_list (void)
 	  file = grub_file_open (filename);
 	  if (file)
 	    {
-	      char *buf = 0;
-	      for (;; grub_free(buf))
+	      char *buf = NULL;
+	      for (;; grub_free (buf))
 		{
 		  char *p;