Matthew Garrett
a2599ab047
Rework linux command
...
We want a single buffer that contains the entire kernel image in order to
perform a TPM measurement. Allocate one and copy the entire kernel into it
before pulling out the individual blocks later on.
2016-01-05 14:35:17 -08:00
Matthew Garrett
f22ee4487c
Measure kernel + initrd
...
Measure the kernel and initrd when loaded on UEFI systems
2016-01-05 14:35:17 -08:00
Matthew Garrett
76fb8e4341
Fix race in EFI validation
...
The Secure Boot code currently reads the kernel from disk, validates the
signature and then reads it from disk again. A sufficiently exciting storage
device could modify the kernel between these two events and trigger the
execution of an untrusted kernel. Avoid re-reading it in order to ensure
this isn't a problem, and in the process speed up boot by not reading the
kernel twice.
2016-01-05 14:14:54 -08:00
Vladimir Serbinenko
5919626c90
sparc64: Fix assembly to let compiler to fill in memory references.
...
This fixes the use of not fully relocatable (they assume that variables are
under 4G limit in virtual memory) references.
2015-12-31 13:07:16 +01:00
Michael Marineau
286f1b63df
Merge branch 'master' of git://git.savannah.gnu.org/grub
2015-12-17 12:01:00 -08:00
Andrei Borzenkov
f4c143789a
Replace numbers with grub_memory_type_t enums
2015-11-27 19:52:16 +03:00
Vladimir Serbinenko
e0bd66c314
multiboot: Don't rely on particular ordering of options.
2015-11-12 11:54:38 +01:00
Vladimir Serbinenko
95ba04606f
multiboot_mbi: Fix handling of --quirk-bad-kludge.
2015-11-12 11:54:13 +01:00
Fu Wei
a771a7b9f6
xen_boot: Remove useless file_name_index variable.
2015-11-12 11:33:55 +01:00
Vladimir Serbinenko
25a9b8f208
fdt.mod: Move license tag to the right file.
2015-11-09 16:15:30 +01:00
Fu Wei
372400b419
fdt.mod: Add missing license tag.
2015-11-09 15:27:59 +01:00
Fu Wei
83cb45e982
arm64: Add support for xen boot protocol.
2015-10-29 15:24:20 +01:00
Vladimir Serbinenko
4d0cb75538
arm64: Move FDT functions to separate module
2015-10-29 14:06:45 +01:00
Michael Marineau
91391dc52b
Merge pull request #14 from coreos/gnu
...
Merge upstream GRUB changes
2015-08-13 13:32:56 -07:00
Michael Marineau
c7c750ecc2
Merge upstream changes as of April 29th
2015-07-31 15:41:48 -07:00
Bernhard Übelacker
61c778f640
loader/linux: Make trailer initrd entry aligned again.
...
Regression from commit:
loader/linux: do not pad initrd with zeroes at the end
a8c473288d
Wimboot fails since the change above because it expects the "trailer"
initrd element on an aligned address.
This issue shows only when newc_name is used and the last initrd
entry has a not aligned size.
2015-07-20 19:07:20 +03:00
Andrei Borzenkov
c058e85615
chainloader: fix resoource leak
...
Found by: Coverity scan.
CID: 96651
2015-06-26 09:25:30 +03:00
Andrei Borzenkov
806bb7999d
loader/bsd: fix memory leak
...
Found by: Coverity scan.
CID: 96662, 96665
2015-06-26 09:25:30 +03:00
Matthew Garrett
e5ee3e8fa5
Add verity hash passthrough
...
Read the verity hash from the kernel binary and pass it to the running
system via the kernel command line
2015-06-23 13:15:53 -07:00
Andrei Borzenkov
867c9b7bec
loader/bsd: free memory leaks
...
Found by: Coverity scan.
CID: 96671, 96658, 96653
2015-06-20 23:38:19 +03:00
Andrei Borzenkov
4a857e63c1
loader/bsd: free memory leaks
...
Found by: Coverity scan.
CID: 96682
2015-06-20 23:38:18 +03:00
Andrei Borzenkov
eb33e61b31
multiboot: fix memory leak
...
Found by: Coverity scan.
CID: 96684
2015-06-20 23:38:18 +03:00
Andrei Borzenkov
20211c0077
loader/bsd: fix memory leak
...
Found by: Coverity scan.
CID: 96686
2015-06-20 23:38:18 +03:00
Andrei Borzenkov
e261fcf4c6
xnu: fix use after free
...
Found by: Coverity scan.
CID: 96706
2015-06-20 23:38:18 +03:00
Andrei Borzenkov
c069460259
efi/chainloader: fix use after free
...
Found by: Coverity scan.
CID: 96714
2015-06-20 23:38:17 +03:00
Vladimir Serbinenko
c856be6bca
multiboot1: never place modules in low memory.
...
While in theory permitted by the spec, modules rarely fit in low memory
anyway and not every kernel is able to handle modules in low memory anyway.
At least VMWare is known not to be able to handle modules at arbitrary
locations.
2015-05-27 08:41:39 +02:00
Andrei Borzenkov
a8c473288d
loader/linux: do not pad initrd with zeroes at the end
...
Syslinux memdisk is using initrd image and needs to know uncompressed
size in advance. For gzip uncompressed size is at the end of compressed
stream. Grub padded each input file to 4 bytes at the end, which means
syslinux got wrong size.
Linux initramfs loader apparently does not care about trailing alignment.
So change code to align beginning of each file instead which atomatically
gives us the correct size for single file.
Reported-By: David Shaw <dshaw@jabberwocky.com>
2015-05-07 20:24:24 +03:00
Vladimir Serbinenko
e5b4ba8c2b
linux.c: Ensure that initrd is page-aligned.
2015-05-07 16:23:39 +02:00
Vladimir Serbinenko
9f731abc7f
Revert parts accidentally committed 2 commits ago.
2015-05-07 16:21:34 +02:00
Fu Wei
f8451af825
arm64: Export useful functions from linux.c
...
Signed-off-by: Fu Wei <fu.wei@linaro.org>
2015-05-07 15:11:04 +02:00
Matthew Garrett
9b669efb38
Fail validation if we can't find shim and Secure Boot is enabled
...
If grub is signed with a key that's in the trusted EFI keyring, an attacker
can point a boot entry at grub rather than at shim and grub will fail to
locate the shim verification protocol. This would then allow booting an
arbitrary kernel image. Fail validation if Secure Boot is enabled and we
can't find the shim protocol in order to prevent this.
2015-04-22 12:47:49 -07:00
Sarah Newman
7d39938474
grub-core/loader/i386/xen.c: Initialized initrd_ctx so we don't free a random pointer from the stack.
...
Signed-off-by: Sarah Newman <srn@prgmr.com>
2015-03-28 07:14:17 +03:00
Vladimir Serbinenko
7ea452a142
Add missing grub_ prefix in memcpy invocation
2015-02-23 22:29:33 +01:00
Daniel Kiper
8e5bc2f4d3
multiboot2: Fix information request tag size calculation
...
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
2015-02-14 19:26:04 +03:00
Andrei Borzenkov
fbb4aa1c05
loader/xnu: fix memory leak.
...
Foound by: Coverity scan.
2015-01-27 22:12:06 +03:00
Vladimir Serbinenko
9ee5ae1fae
Document intentional fallthroughs.
...
Found by: Coverity scan.
2015-01-27 17:17:58 +01:00
Vladimir Serbinenko
a05a6e6f92
xnu: Add missing error check.
...
Found by: Coveriy scan.
2015-01-26 09:45:55 +01:00
Vladimir Serbinenko
e12c3bed90
plan9: Add missing grub_device_close.
...
Found by: Coverity scan.
2015-01-26 09:45:37 +01:00
Vladimir Serbinenko
ef02b4ca93
multiboot: Simplify to avoid confusing assignment.
...
Found by: Coverity scan.
2015-01-26 09:43:52 +01:00
Vladimir Serbinenko
1e0d718371
bsd: Add missing null-pointer check.
...
Found by: Coverity scan.
2015-01-26 09:42:42 +01:00
Vladimir Serbinenko
b666e01b9c
* grub-core/loader/i386/xnu.c (guessfsb): Avoid division by 0.
2015-01-21 17:42:14 +01:00
Vladimir Serbinenko
59d4036594
Replace explicit sizeof divisions by ARRAY_SIZE.
2015-01-21 17:37:31 +01:00
Andrei Borzenkov
3173c7501c
grub-core/loader/i386/xen_fileXX.c: memory leak in grub_xen_get_infoXX
...
CID: 73645, 73782
2014-12-01 21:23:54 +03:00
Matthew Garrett
0de7775230
Add support for linuxefi
2014-11-05 20:40:53 -08:00
Andrei Borzenkov
9a67e1ac8e
Use full initializer for initrd_ctx to avoid fatal warnings with older GCC
...
struct ... foo = { 0, } is valid initializer, but older GCC emits
warning which is fatal error due to -Werror=missing-field-initializer.
So simply use full initializer to avoid these errors. This was fixed
probably in GCC 4.7.
See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=36750
2014-10-14 20:12:15 +04:00
Andrey Borzenkov
954fe77163
cleanup: grub_cpu_to_XXX_compile_time for constants
...
This tries to catch all cases where grub_cpu_to_XXX was used for constant
expressions (including sizeof).
2014-09-22 20:47:10 +04:00
Peter Jones
631a820038
Initialized initrd_ctx so we don't free a random pointer from the stack.
...
Currently, if "linux" fails, the "goto fail;" in grub_cmd_initrd sends us
into grub_initrd_close() without grub_initrd_init() being called, and thus
it never clears initrd_ctx->components. grub_initrd_close() then frees that
address, which is stale data from the stack. If the stack happens to have a
stale *address* there that matches a recent allocation, then you'll get a
double free later.
So initialize the memory up front.
Signed-off-by: Peter Jones <pjones@redhat.com>
2014-09-21 10:36:42 +04:00
Stephane Rochoy
15bd333e10
* grub-core/loader/i386/bsd.c (grub_netbsd_boot): Pass pointer to
...
EFI system table.
2014-06-22 01:35:52 +02:00
Vladimir Serbinenko
8063ce197f
Replace few instances of memcmp/memcpy in the code that should be grub_memcmp/grub_memcpy.
2014-04-04 07:58:42 +02:00
Fu Wei
68f17b2b30
* grub-core/loader/arm64/linux.c: Remove redundant "0x".
2014-03-26 08:13:07 +01:00
Vladimir Serbinenko
86402b4e0f
* include/grub/i386/openbsd_bootarg.h: Add addr and frequency fields.
...
* grub-core/loader/i386/bsd.c (grub_cmd_openbsd): Fill addr field.
Suggested by: Markus Müller.
2014-02-28 10:50:05 +01:00
Vladimir Serbinenko
4a70fed815
* grub-core/loader/i386/multiboot_mbi.c (grub_multiboot_make_mbi): Limit
...
location to 640K.
2014-02-28 09:48:57 +01:00
Vladimir Serbinenko
61c8482b20
Fix several translatable strings.
...
Suggested by: D. Prévot.
2014-01-24 18:20:27 +01:00
Andrey Borzenkov
f371dd5da8
fix include loop on MinGW due to libintl.h pulling stdio.h
...
In file included from ./include/grub/dl.h:23:0,
from grub-core/lib/libgcrypt-grub/cipher/rfc2268.c:3:
./include/grub/list.h:34:18: warning: conflicting types for 'grub_list_push' [en
abled by default]
void EXPORT_FUNC(grub_list_push) (grub_list_t *head, grub_list_t item);
^
./include/grub/symbol.h:68:25: note: in definition of macro 'EXPORT_FUNC'
# define EXPORT_FUNC(x) x
^
In file included from ./include/grub/fs.h:30:0,
from ./include/grub/file.h:25,
from ./grub-core/lib/posix_wrap/stdio.h:23,
from c:\mingw\include\libintl.h:314,
from ./include/grub/i18n.h:33,
from ./include/grub/misc.h:27,
from ./include/grub/list.h:25,
from ./include/grub/dl.h:28,
from grub-core/lib/libgcrypt-grub/cipher/rfc2268.c:3:
./include/grub/partition.h:106:3: note: previous implicit declaration of 'grub_l
ist_push' was here
grub_list_push (GRUB_AS_LIST_P (&grub_partition_map_list),
^
list.h needs just ATTRIBUTE_ERROR from misc.h; split compiler features
into separate file grub/compiler.h and include it instead.
2014-01-18 21:22:57 +04:00
Leif Lindholm
4d21c10199
arm64: set correct length of device path end entry
...
The length of the Device Path End entry in the grub_linux_boot()
function was incorrectly set to 0. This triggers an assert failure
in debug builds of Tianocore.
Set it to sizeof (grub_efi_device_path_t).
2014-01-07 17:52:50 +00:00
Vladimir Serbinenko
da98622662
Declare GRUB_EFI_VENDOR_APPLE_GUID.
2013-12-24 14:14:19 +01:00
Vladimir Serbinenko
74fa9ac1a6
* include/grub/arm64/linux.h: Remove leftovers. Add missing prefixes.
2013-12-23 05:56:31 +01:00
Vladimir Serbinenko
62956fe7b9
* grub-core/loader/arm64/linux.c: Add missing bracket.
2013-12-23 05:34:13 +01:00
Vladimir Serbinenko
bbc52c228f
Enable cache on ARM U-Boot port.
...
Without it the port is reidiculously slow.
2013-12-23 05:01:58 +01:00
Leif Lindholm
30a9ab952f
arm64: add EFI Linux loader
...
Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
2013-12-22 18:38:44 +00:00
Vladimir Serbinenko
37f617c025
* grub-core/loader/arm/linux.c: Pass arguments through on ATAG
...
platforms.
2013-12-22 18:14:00 +01:00
Vladimir Serbinenko
0d8b81f89a
Fix ARM Linux Loader on non-FDT platforms.
2013-12-22 00:30:19 +01:00
Vladimir Serbinenko
bfdfeb2508
Clarify several translatable messages.
2013-12-21 01:41:16 +01:00
Vladimir Serbinenko
72c9a50773
Remove xen VFB.
...
Due to XEN bug it prevents Linux boot. Remove it at least, until
workaround is found.
2013-12-18 18:43:09 +01:00
Vladimir Serbinenko
64dd5fdc00
Add missing license section in macbless.mod and macho.mod.
2013-12-18 17:11:11 +01:00
Vladimir Serbinenko
9246d5c8a4
* grub-core/commands/fileXX.c: Silence cast-align.
...
* grub-core/loader/i386/xen_fileXX.c: Likewise.
2013-12-18 07:40:43 +01:00
Vladimir Serbinenko
bc8dd11952
* grub-core/loader/arm/linux.c: Use common initrd functions.
2013-12-18 07:34:28 +01:00
Vladimir Serbinenko
57a691b7e7
Decrease number of strings to translate.
2013-12-18 07:26:13 +01:00
Vladimir Serbinenko
184c61ddce
Add Radeon Yeeloong 3A support.
2013-12-17 22:52:04 +01:00
Vladimir Serbinenko
3e88fbfa6e
* grub-core/loader/machoXX.c: Fix compilation on non-i386.
2013-12-17 22:44:46 +01:00
Vladimir Serbinenko
1123bed944
* grub-core/loader/i386/xen_fileXX.c: Silence cast-align.
2013-12-17 20:47:31 +01:00
Vladimir Serbinenko
ebda165f3a
* grub-core/loader/macho.c: Fix compilation on non-i386.
2013-12-17 20:46:33 +01:00
Vladimir Serbinenko
1f032575bb
* grub-core/loader/multiboot_mbi2.c: Implement special value for load_addr.
2013-12-17 15:14:50 +01:00
Vladimir Serbinenko
3086175489
Implement Truecrypt ISO loader.
2013-12-17 14:45:46 +01:00
Vladimir Serbinenko
ec824e0f2a
Implement grub_file tool and use it to implement generating of config
...
in separate root.
2013-12-17 14:39:48 +01:00
Vladimir Serbinenko
71669c3b76
Implement XEN VFB support.
2013-12-17 13:07:26 +01:00
Vladimir Serbinenko
111bf5db8b
* grub-core/loader/i386/linux.c: Use grub_addr_t rather than long when
...
appropriate.
2013-12-15 14:37:12 +01:00
Vladimir Serbinenko
24ca71c93b
* grub-core/loader/i386/linux.c: Use %p rather than %lx for pointers.
2013-12-15 14:35:18 +01:00
Vladimir Serbinenko
7e47e27bd8
Add gcc_struct to all packed structures when compiling with mingw.
...
Just "packed" doesn't always pack the way we expect.
2013-12-15 14:14:30 +01:00
Vladimir Serbinenko
0df77d793c
Implement multiboot2 EFI BS specification.
2013-12-13 12:56:14 +01:00
Vladimir Serbinenko
44bbfa33b8
Propagate the EFI commits to x86-efi specific parts.
2013-12-11 16:11:17 +01:00
Vladimir Serbinenko
219401b8b9
* include/grub/efi/api.h (grub_efi_device_path): Define length as
...
unaligned u16 rather than u8[2].
2013-12-11 15:54:01 +01:00
Vladimir Serbinenko
d5bab2c0e1
* grub-core/loader/i386/bsd.c: Remove variable length arrays.
2013-11-12 16:14:33 +01:00
Vladimir Serbinenko
87d62d7d29
* grub-core/loader/i386/coreboot/chainloader.c (load_segment): Use
...
right buffer for temporary load.
2013-11-11 00:06:52 +01:00
Vladimir Serbinenko
5460cfeba8
* grub-core/loader/i386/coreboot/chainloader.c: Support tianocore.
2013-11-10 23:26:25 +01:00
Vladimir Serbinenko
8997730612
* grub-core/loader/i386/coreboot/chainloader.c: Support lzma-compressed
...
payload.
2013-11-10 20:53:27 +01:00
Vladimir Serbinenko
9612ebc00e
Add new ports: i386-xen and x86_64-xen. This allows running GRUB in
...
XEN PV environment and load kernels.
2013-11-09 21:29:11 +01:00
Vladimir Serbinenko
1a46a3a4b3
* grub-core/loader/i386/multiboot_mbi.c: Handle space in command line.
...
* grub-core/loader/multiboot_mbi2.c: Likewise.
2013-11-09 17:32:37 +01:00
Vladimir Serbinenko
47dcf7b176
* grub-core/loader/multiboot_mbi2.c (grub_multiboot_add_module): Fix
...
NULL pointer dereference.
2013-11-08 04:59:46 +01:00
Vladimir Serbinenko
7f084087b2
* grub-core/net/net.c (grub_net_route_unregister): Remove unused
...
function.
* grub-core/loader/i386/xnu.c (hextoval): Likewise.
* grub-core/disk/geli.c (ascii2hex): Likewise.
2013-11-07 19:31:22 +01:00
Vladimir Serbinenko
e7b66a28de
* grub-core/loader/sparc64/ieee1275/linux.c (get_physbase): Fix
...
signature.
2013-11-02 18:57:35 +01:00
Vladimir Serbinenko
93c120754a
* grub-core/loader/multiboot_mbi2.c: Implement network tag.
2013-10-28 15:53:39 +01:00
Vladimir Serbinenko
1ca4b75ec2
* grub-core/loader/multiboot_mbi2.c: Add EFI memory map to the list
...
of supported tags.
2013-10-28 15:40:34 +01:00
Vladimir Serbinenko
329550c4a9
* grub-core/loader/multiboot_mbi2.c: Implement EFI memory map.
2013-10-28 15:37:00 +01:00
Vladimir Serbinenko
00bfa988fc
* grub-core/loader/multiboot.c: Add support for multiboot kernels
...
quirks.
2013-10-28 15:23:46 +01:00
Vladimir Serbinenko
81afc5cce6
* grub-core/loader/i386/linux.c (allocate_pages): Allocate at least
...
a page in protected space.
2013-10-28 14:30:29 +01:00
Vladimir Serbinenko
cb3c4a4722
* grub-core/loader/multiboot.c (grub_cmd_module): Don't attempt to
...
allocate space for zero-sized modules.
2013-10-28 14:27:19 +01:00
Vladimir Serbinenko
954f7bf5ec
* grub-core/loader/xnu_resume.c (grub_xnu_resume): Reject empty images.
2013-10-28 14:25:22 +01:00
Vladimir Serbinenko
8b46b0ea36
* grub-core/loader/i386/bsd.c (grub_cmd_openbsd): Accept "sd", "cd",
...
"vnd", "rd" and "fd" disks.
2013-10-27 18:59:27 +01:00
Vladimir Serbinenko
c81acb7ff3
Consolidate cpuid code.
2013-10-27 00:02:01 +02:00