verifiers: File type for fine-grained signature-verification controlling

Let's provide file type info to the I/O layer. This way verifiers framework and its users will be able to differentiate files and verify only required ones. This is preparatory patch. Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com> Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com> Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2013-11-20 02:28:29 +01:00 · 2013-11-20 02:28:29 +01:00 · aebe31c375
commit aebe31c375
parent e1bc2b23f1
70 changed files with 292 additions and 221 deletions
--- a/grub-core/loader/i386/bsd.c
+++ b/grub-core/loader/i386/bsd.c
@ -1457,7 +1457,7 @@ grub_bsd_load (int argc, char *argv[])
      goto fail;
    }

-  file = grub_file_open (argv[0]);
+  file = grub_file_open (argv[0], GRUB_FILE_TYPE_BSD_KERNEL);
  if (!file)
    goto fail;

@ -1534,7 +1534,7 @@ grub_cmd_freebsd (grub_extcmd_context_t ctxt, int argc, char *argv[])
 	  if (err)
 	    return err;

-	  file = grub_file_open (argv[0]);
+	  file = grub_file_open (argv[0], GRUB_FILE_TYPE_BSD_KERNEL);
 	  if (! file)
 	    return grub_errno;

@ -1693,7 +1693,7 @@ grub_cmd_netbsd (grub_extcmd_context_t ctxt, int argc, char *argv[])
 	{
 	  grub_file_t file;

-	  file = grub_file_open (argv[0]);
+	  file = grub_file_open (argv[0], GRUB_FILE_TYPE_BSD_KERNEL);
 	  if (! file)
 	    return grub_errno;

@ -1802,7 +1802,7 @@ grub_cmd_freebsd_loadenv (grub_command_t cmd __attribute__ ((unused)),
      goto fail;
    }

-  file = grub_file_open (argv[0]);
+  file = grub_file_open (argv[0], GRUB_FILE_TYPE_FREEBSD_ENV);
  if ((!file) || (!file->size))
    goto fail;

@ -1907,7 +1907,7 @@ grub_cmd_freebsd_module (grub_command_t cmd __attribute__ ((unused)),
      return 0;
    }

-  file = grub_file_open (argv[0]);
+  file = grub_file_open (argv[0], GRUB_FILE_TYPE_FREEBSD_MODULE);
  if ((!file) || (!file->size))
    goto fail;

@ -1958,7 +1958,7 @@ grub_netbsd_module_load (char *filename, grub_uint32_t type)
  void *src;
  grub_err_t err;

-  file = grub_file_open (filename);
+  file = grub_file_open (filename, GRUB_FILE_TYPE_NETBSD_MODULE);
  if ((!file) || (!file->size))
    goto fail;

@ -2048,7 +2048,7 @@ grub_cmd_freebsd_module_elf (grub_command_t cmd __attribute__ ((unused)),
      return 0;
    }

-  file = grub_file_open (argv[0]);
+  file = grub_file_open (argv[0], GRUB_FILE_TYPE_FREEBSD_MODULE_ELF);
  if (!file)
    return grub_errno;
  if (!file->size)
@ -2088,7 +2088,7 @@ grub_cmd_openbsd_ramdisk (grub_command_t cmd __attribute__ ((unused)),
  if (!openbsd_ramdisk.max_size)
    return grub_error (GRUB_ERR_BAD_OS, "your kOpenBSD doesn't support ramdisk");

-  file = grub_file_open (args[0]);
+  file = grub_file_open (args[0], GRUB_FILE_TYPE_OPENBSD_RAMDISK);
  if (! file)
    return grub_errno;

--- a/grub-core/loader/i386/coreboot/chainloader.c
+++ b/grub-core/loader/i386/coreboot/chainloader.c
@ -439,7 +439,7 @@ grub_cmd_chain (grub_command_t cmd __attribute__ ((unused)),

  grub_loader_unset ();

-  file = grub_file_open (argv[0]);
+  file = grub_file_open (argv[0], GRUB_FILE_TYPE_COREBOOT_CHAINLOADER);
  if (!file)
    return grub_errno;

--- a/grub-core/loader/i386/linux.c
+++ b/grub-core/loader/i386/linux.c
@ -656,7 +656,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
      goto fail;
    }

-  file = grub_file_open (argv[0]);
+  file = grub_file_open (argv[0], GRUB_FILE_TYPE_LINUX_KERNEL);
  if (! file)
    goto fail;

--- a/grub-core/loader/i386/pc/chainloader.c
+++ b/grub-core/loader/i386/pc/chainloader.c
@ -172,8 +172,8 @@ grub_chainloader_cmd (const char *filename, grub_chainloader_flags_t flags)

  grub_dl_ref (my_mod);

-  grub_file_filter_disable_compression ();
-  file = grub_file_open (filename);
+  file = grub_file_open (filename, GRUB_FILE_TYPE_PCCHAINLOADER
+			 | GRUB_FILE_TYPE_NO_DECOMPRESS);
  if (! file)
    goto fail;

--- a/grub-core/loader/i386/pc/freedos.c
+++ b/grub-core/loader/i386/pc/freedos.c
@ -110,7 +110,7 @@ grub_cmd_freedos (grub_command_t cmd __attribute__ ((unused)),
  if (!rel)
    goto fail;

-  file = grub_file_open (argv[0]);
+  file = grub_file_open (argv[0], GRUB_FILE_TYPE_FREEDOS);
  if (! file)
    goto fail;

--- a/grub-core/loader/i386/pc/linux.c
+++ b/grub-core/loader/i386/pc/linux.c
@ -141,7 +141,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
      goto fail;
    }

-  file = grub_file_open (argv[0]);
+  file = grub_file_open (argv[0], GRUB_FILE_TYPE_LINUX_KERNEL);
  if (! file)
    goto fail;

--- a/grub-core/loader/i386/pc/ntldr.c
+++ b/grub-core/loader/i386/pc/ntldr.c
@ -90,7 +90,7 @@ grub_cmd_ntldr (grub_command_t cmd __attribute__ ((unused)),
  if (!rel)
    goto fail;

-  file = grub_file_open (argv[0]);
+  file = grub_file_open (argv[0], GRUB_FILE_TYPE_NTLDR);
  if (! file)
    goto fail;

--- a/grub-core/loader/i386/pc/plan9.c
+++ b/grub-core/loader/i386/pc/plan9.c
@ -413,7 +413,7 @@ grub_cmd_plan9 (grub_extcmd_context_t ctxt, int argc, char *argv[])
  if (!rel)
    goto fail;

-  fill_ctx.file = grub_file_open (argv[0]);
+  fill_ctx.file = grub_file_open (argv[0], GRUB_FILE_TYPE_PLAN9_KERNEL);
  if (! fill_ctx.file)
    goto fail;

--- a/grub-core/loader/i386/pc/pxechainloader.c
+++ b/grub-core/loader/i386/pc/pxechainloader.c
@ -99,7 +99,7 @@ grub_cmd_pxechain (grub_command_t cmd __attribute__ ((unused)),
  if (!rel)
    goto fail;

-  file = grub_file_open (argv[0]);
+  file = grub_file_open (argv[0], GRUB_FILE_TYPE_PXECHAINLOADER);
  if (! file)
    goto fail;

--- a/grub-core/loader/i386/pc/truecrypt.c
+++ b/grub-core/loader/i386/pc/truecrypt.c
@ -99,7 +99,7 @@ grub_cmd_truecrypt (grub_command_t cmd __attribute__ ((unused)),

  grub_dl_ref (my_mod);

-  file = grub_file_open (argv[0]);
+  file = grub_file_open (argv[0], GRUB_FILE_TYPE_TRUECRYPT);
  if (! file)
    goto fail;

--- a/grub-core/loader/i386/xen.c
+++ b/grub-core/loader/i386/xen.c
@ -648,7 +648,7 @@ grub_cmd_xen (grub_command_t cmd __attribute__ ((unused)),
 			      (char *) xen_state.next_start.cmd_line,
 			      sizeof (xen_state.next_start.cmd_line) - 1);

-  file = grub_file_open (argv[0]);
+  file = grub_file_open (argv[0], GRUB_FILE_TYPE_LINUX_KERNEL);
  if (!file)
    return grub_errno;

@ -895,9 +895,8 @@ grub_cmd_module (grub_command_t cmd __attribute__ ((unused)),

  xen_state.max_addr = ALIGN_UP (xen_state.max_addr, PAGE_SIZE);

-  if (nounzip)
-    grub_file_filter_disable_compression ();
-  file = grub_file_open (argv[0]);
+  file = grub_file_open (argv[0], GRUB_FILE_TYPE_LINUX_INITRD |
+			 (nounzip ? GRUB_FILE_TYPE_NO_DECOMPRESS : GRUB_FILE_TYPE_NONE));
  if (!file)
    return grub_errno;
  size = grub_file_size (file);
--- a/grub-core/loader/i386/xen_file.c
+++ b/grub-core/loader/i386/xen_file.c
@ -90,7 +90,7 @@ grub_xen_file_and_cmdline (grub_file_t file,
     Trim it.  */
  if (grub_memcmp (magic, XZ_MAGIC, sizeof (XZ_MAGIC) - 1) == 0)
    payload_length -= 4;
-  off_file = grub_file_offset_open (file, payload_offset,
+  off_file = grub_file_offset_open (file, GRUB_FILE_TYPE_LINUX_KERNEL, payload_offset,
 				    payload_length);
  if (!off_file)
    goto fail;
--- a/grub-core/loader/i386/xnu.c
+++ b/grub-core/loader/i386/xnu.c
@ -487,7 +487,7 @@ grub_cmd_devprop_load (grub_command_t cmd __attribute__ ((unused)),
  if (argc != 1)
    return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));

-  file = grub_file_open (args[0]);
+  file = grub_file_open (args[0], GRUB_FILE_XNU_DEVPROP);
  if (! file)
    return grub_errno;
  size = grub_file_size (file);