Michael Marineau
8278022a0b
gpt: improve validation of GPT headers
...
Adds basic validation of all the disk locations in the headers, reducing
the chance of corrupting weird locations on disk.
2016-08-22 17:51:48 -07:00
Michael Marineau
1c205c2c4d
Merge pull request #31 from marineam/verbose-debug
...
Add verbose debug logging to biosdisk and gpt
2016-08-22 17:22:34 -07:00
Michael Marineau
c2f5fde6ab
gpt: add verbose debug logging
2016-08-22 13:02:29 -07:00
Michael Marineau
d38d2d0fb1
biosdisk: add verbose debug logging
2016-08-22 13:02:29 -07:00
Michael Marineau
3d1efb83ed
Merge pull request #32 from marineam/tpm
...
tpm: fix warnings when compiling for platforms other than pc and efi
2016-08-22 12:53:07 -07:00
Michael Marineau
2de6ebf196
tpm: fix warnings when compiling for platforms other than pc and efi
2016-08-21 18:45:02 -07:00
Michael Marineau
a7b0b20c87
Merge pull request #30 from marineam/fwcfg
...
fwconfig: fix unused argument warning
2016-08-21 11:21:47 -07:00
Michael Marineau
9a8cd5a16a
fwconfig: fix unused argument warning
2016-08-20 17:54:47 -07:00
Michael Marineau
2ff7bd91eb
Merge pull request #29 from marineam/big-bad-disk
...
gpt: do not use disk sizes GRUB will reject as invalid later on
2016-07-25 16:05:48 -07:00
Nick Owens
d4602dd67f
Merge pull request #28 from mischief/client-arch
...
net: add client arch and fix user class/terminator
2016-07-25 15:55:23 -07:00
Michael Marineau
a8ad608425
gpt: do not use disk sizes GRUB will reject as invalid later on
...
GRUB assumes that no disk is ever larger than 1EiB and rejects
reads/writes to such locations. Unfortunately this is not conveyed in
the usual way with the special GRUB_DISK_SIZE_UNKNOWN value.
2016-07-25 15:35:01 -07:00
Nick Owens
fbf65674a4
net: add client arch and fix user class/terminator
...
send client arch in bootp requests, for now BIOS and x64/aarch64 EFI is
supported.
fix a bug introduced in 4d5d7be005
where
user class was encoded improperly, although this didn't seem to have any
detrimental effects.
properly insert an option terminator.
2016-07-08 15:39:04 -07:00
Nick Owens
a1724dace5
Merge pull request #27 from mischief/cmddevice
...
set cmddevice when cmdpath is set
2016-06-01 14:08:23 -07:00
Nick Owens
5470929309
set cmddevice when cmdpath is set
2016-06-01 13:55:45 -07:00
Nick Owens
68ae3c416b
Merge pull request #26 from mischief/getenv-efi
...
grub-core: enable getenv for all efi targets
2016-04-14 15:03:43 -07:00
Nick Owens
70b45a45b9
grub-core: enable getenv for all efi targets
2016-04-14 14:47:39 -07:00
mjg59
ad906495e1
Merge pull request #25 from mjg59/tpm
...
Fix event log prefix
2016-03-29 21:29:47 -07:00
Matthew Garrett
aab446306b
Fix event log prefix
...
We're not passing the prefixed version of the description to the event log.
Fix that.
2016-03-29 15:36:49 -07:00
mjg59
a067b998e0
Merge pull request #24 from mjg59/coreos
...
Netboot updates
2016-03-24 15:12:06 -07:00
Matthew Garrett
954fd730ca
Allow protocol to be separated from host with a semicolon
...
Some DHCP servers (such as dnsmasq) tokenise parameters with commas, making
it impossible to pass boot files with commas in them. Allow using a semicolon
to separate the protocol from host if a comma wasn't found.
2016-03-24 13:47:19 -07:00
Matthew Garrett
75b4826d15
Tag the bootp request as a DHCP discover
2016-03-24 13:46:54 -07:00
Matthew Garrett
ec0051a569
Don't allocate a new address buffer if we receive multiple responses
...
The current logic in the DNS resolution code allocates an address buffer
based on the number of addresses in the response packet. If we receive
multiple response packets in response to a single query packet, this means
that we will reallocate a new buffer large enough for only the addresses in
that specific packet, discarding any previous results in the process. Worse,
we still keep track of the *total* number of addresses resolved in response
to this query, not merely the number in the packet being currently processed.
Use realloc() rather than malloc() to avoid overwriting the existing data,
and allocate a buffer large enough for the total set of addresses rather
than merely the number in this specific response.
2016-03-24 13:46:42 -07:00
mjg59
e1b2b265af
Merge pull request #23 from mjg59/coreos
...
TPM fixes
2016-03-24 10:26:40 -07:00
Matthew Garrett
bb3473d7c8
Rework TPM measurements
...
Rework TPM measurements to use fewer PCRs. After discussion with upstream,
it's preferable to avoid using so many PCRs. Instead, measure into PCRs 8
and 9 but use a prefix in the event log to indicate which subsystem carried
out the measurements.
2016-03-23 17:03:43 -07:00
Matthew Garrett
c2eee36ec0
Fix boot when there's no TPM
...
If the firmware has TPM support but has no TPM, we're jumping to core.img
without popping the registers back onto the stack. Fix that.
2016-03-23 17:02:52 -07:00
mjg59
4ccc609994
Merge pull request #22 from mjg59/netboot
...
Add various small patches to improve netboot support
2016-01-08 15:42:13 -08:00
mjg59
b29d1d3258
Merge pull request #21 from mjg59/smbios
...
Add smbios command
2016-01-08 15:41:17 -08:00
Matthew Garrett
4d5d7be005
Send a user class identifier in bootp requests
...
It's helpful to determine that a request was sent by grub in order to permit
the server to provide different information at different stages of the boot
process. Send GRUB2 as a type 77 DHCP option when sending bootp packets in
order to make this possible.
2016-01-08 14:25:52 -08:00
Matthew Garrett
78db6bcf33
Allow non-default ports for HTTP requests
...
Add support for passing ports in HTTP requests. This takes the form of:
(http,serverip:portnum)/file
2016-01-07 17:27:15 -08:00
Matthew Garrett
297e11980b
Allow passing of trusted keys via variables
...
Add support for adding gpg keys to the trusted database with a new command
called "trust_var". This takes the contents of a variable (in ascii-encoded
hex) and interprets it as a gpg public key.
2016-01-07 15:33:36 -08:00
Matthew Garrett
73746f0367
Fix hex representation of binary variable contents
...
The getenv code was mishandling the conversion of binary to hex. Grub's
sprintf() doesn't seem to support the full set of format conversions, so
fix this in the nasty way.
2016-01-07 15:31:36 -08:00
Matthew Garrett
92e46cccf1
Add smbios command
...
Incorporate the smbios command from
https://raw.githubusercontent.com/dm0-/gnuxc/master/patches/grub-2.02~beta2-smbios-module.patch
so we can extract the machine UUID and serial number.
2016-01-06 12:46:22 -08:00
mjg59
d4bc2bf02f
Merge pull request #20 from mjg59/master
...
Add TPM measurement support
2016-01-05 15:32:28 -08:00
Matthew Garrett
a0e69405e2
Measure multiboot images and modules
2016-01-05 14:35:17 -08:00
Matthew Garrett
b47b5685b5
Measure commands
...
Measure each command executed by grub, which includes script execution.
2016-01-05 14:35:17 -08:00
Matthew Garrett
2d410729e9
Measure the kernel commandline
...
Measure the kernel commandline to ensure that it hasn't been modified
2016-01-05 14:35:17 -08:00
Matthew Garrett
20e355fd5a
Measure kernel and initrd on BIOS systems
...
Measure the kernel and initrd when loaded on BIOS systems
2016-01-05 14:35:17 -08:00
Matthew Garrett
738f6f09b3
Rework linux16 command
...
We want a single buffer that contains the entire kernel image in order to
perform a TPM measurement. Allocate one and copy the entire kernel int it
before pulling out the individual blocks later on.
2016-01-05 14:35:17 -08:00
Matthew Garrett
a2599ab047
Rework linux command
...
We want a single buffer that contains the entire kernel image in order to
perform a TPM measurement. Allocate one and copy the entire kernel into it
before pulling out the individual blocks later on.
2016-01-05 14:35:17 -08:00
Matthew Garrett
1e32d63145
Add BIOS boot measurement
...
Measure the on-disk grub core on BIOS systems - unlike UEFI, the firmware
can't do this stage for us.
2016-01-05 14:35:17 -08:00
Matthew Garrett
f22ee4487c
Measure kernel + initrd
...
Measure the kernel and initrd when loaded on UEFI systems
2016-01-05 14:35:17 -08:00
Matthew Garrett
858f763466
Core TPM support
...
Add support for performing basic TPM measurements. Right now this only
supports extending PCRs statically and only on UEFI and BIOS systems, but
will measure all modules as they're loaded.
2016-01-05 14:35:05 -08:00
Matthew Garrett
76fb8e4341
Fix race in EFI validation
...
The Secure Boot code currently reads the kernel from disk, validates the
signature and then reads it from disk again. A sufficiently exciting storage
device could modify the kernel between these two events and trigger the
execution of an untrusted kernel. Avoid re-reading it in order to ensure
this isn't a problem, and in the process speed up boot by not reading the
kernel twice.
2016-01-05 14:14:54 -08:00
Michael Marineau
fcefc6bbc5
Merge pull request #19 from marineam/merge
...
Merge upstream GRUB changes
2015-12-22 17:30:18 -08:00
Michael Marineau
286f1b63df
Merge branch 'master' of git://git.savannah.gnu.org/grub
2015-12-17 12:01:00 -08:00
Michael Marineau
c81cf64a40
Revert "linguas: use en_US as UTF-8 locale, C.UTF-8 is not a standard locale."
...
This reverts commit 28b0af948e
.
Superseded by a39137aefe
upstream.
2015-12-17 12:00:03 -08:00
Robert Elliott
c79c59f129
lsefimmap: support persistent memory and other UEFI 2.5 features
...
This should accompany
76ce1de740
Translate UEFI persistent memory type
1. Add a string for the EfiPersistentMemory type 14 that was
added in UEFI 2.5.
2. Decode the memory attributes that were added in UEFI 2.5:
* NV (non-volatile)
* MORE_RELIABLE (higher reliable, e.g., mirrored memory in a system
with partial memory mirroring)
* RO (read-only)
3. Use proper IEC binary units (KiB, MiB, etc.) for power-of-two
values rather than misusing SI power-of-ten units (KB, MB, etc.)
4. The lsmmap command only decodes memory ranges sizes up to GiB scale
units. Persistent memory ranges will reach into the TiB scale.
Since 64-bit size field supports TiB, PiB, and EiB, decode all of
them for completeness.
5. In the lsefimmap command, rewrite the print statements to
* avoid rounding
* avoid a big nested if/else tree.
For example: In the sixth entry below, the value of 309MB implies
316416KB but is really reporting 316436KB.
Widen the size column to 6 digits to accommodate typical cases.
The worst case value would require 14 digits; if that happens,
let the columns get out of sync.
Old format:
Type Physical start - end #Pages Size Attributes
conv-mem 0000000000000000-0000000000092fff 00000093 588KB UC WC WT WB
reserved 0000000000093000-0000000000093fff 00000001 4KB UC WC WT WB
conv-mem 0000000000094000-000000000009ffff 0000000c 48KB UC WC WT WB
conv-mem 0000000000100000-000000000fffffff 0000ff00 255MB UC WC WT WB
BS-code 0000000010000000-0000000010048fff 00000049 292KB UC WC WT WB
conv-mem 0000000010049000-000000002354dfff 00013505 309MB UC WC WT WB
ldr-data 000000002354e000-000000003ecfffff 0001b7b2 439MB UC WC WT WB
BS-data 000000003ed00000-000000003ed7ffff 00000080 512KB UC WC WT WB
conv-mem 000000003ed80000-000000006af5ffff 0002c1e0 705MB UC WC WT WB
reserved 000000006af60000-000000006b55ffff 00000600 6MB UC WC WT WB
BS-data 000000006b560000-000000006b560fff 00000001 4KB UC WC WT WB
RT-data 000000006b561000-000000006b5e1fff 00000081 516KB RT UC WC WT WB
BS-data 000000006b5e2000-000000006ecfafff 00003719 55MB UC WC WT WB
BS-code 000000006ecfb000-000000006ecfbfff 00000001 4KB UC WC WT WB
conv-mem 000000006ecfc000-00000000711fafff 000024ff 36MB UC WC WT WB
BS-data 00000000711fb000-000000007128dfff 00000093 588KB UC WC WT WB
Unk 0d 0000000880000000-0000000e7fffffff 00600000 24GB UC WC WT WB NV
reserved 0000001680000000-0000001c7fffffff 00600000 24GB UC WC WT WB NV
New format:
Type Physical start - end #Pages Size Attributes
conv-mem 0000000000000000-0000000000092fff 00000093 588KiB UC WC WT WB
reserved 0000000000093000-0000000000093fff 00000001 4KiB UC WC WT WB
conv-mem 0000000000094000-000000000009ffff 0000000c 48KiB UC WC WT WB
conv-mem 0000000000100000-000000000fffffff 0000ff00 255MiB UC WC WT WB
BS-code 0000000010000000-0000000010048fff 00000049 292KiB UC WC WT WB
conv-mem 0000000010049000-000000002354dfff 00013505 316436KiB UC WC WT WB
ldr-data 000000002354e000-000000003ecfffff 0001b7b2 450248KiB UC WC WT WB
BS-data 000000003ed00000-000000003ed7ffff 00000080 512KiB UC WC WT WB
conv-mem 000000003ed80000-000000006af5ffff 0002c1e0 722816KiB UC WC WT WB
reserved 000000006af60000-000000006b55ffff 00000600 6MiB UC WC WT WB
BS-data 000000006b560000-000000006b560fff 00000001 4KiB UC WC WT WB
RT-data 000000006b561000-000000006b5e1fff 00000081 516KiB RT UC WC WT WB
BS-data 000000006b5e2000-000000006ecfafff 00003719 56420KiB UC WC WT WB
BS-code 000000006ecfb000-000000006ecfbfff 00000001 4KiB UC WC WT WB
conv-mem 000000006ecfc000-0000000071222fff 00002527 38044KiB UC WC WT WB
BS-data 0000000071223000-00000000712ddfff 000000bb 748KiB UC WC WT WB
persist 0000000880000000-0000000e7fffffff 00600000 24GiB UC WC WT WB NV
reserved 0000001680000000-0000001c7fffffff 00600000 24GiB UC WC WT WB NV
2015-12-17 21:00:44 +03:00
Andrei Borzenkov
609c049dcc
kernel: print and reset grub_errno after each embedded config line
...
Otherwise it causes subsequent file open to fail, because grub_file_open
misinterprets set grub_errno for grub_file_get_device_name failure.
Closes: 46540
2015-12-16 21:20:30 +03:00
Andrei Borzenkov
7136b545c1
Erase backspaced character in grub_username_get
...
It probably does not work across linefeed, but hopefully user names are not
that long (and nobody is using terminal that small).
2015-12-16 19:20:10 +03:00
Hector Marco-Gisbert
451d80e52d
Fix security issue when reading username and password
...
This patch fixes two integer underflows at:
* grub-core/lib/crypto.c
* grub-core/normal/auth.c
CVE-2015-8370
Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
Also-By: Andrey Borzenkov <arvidjaar@gmail.com>
2015-12-16 07:57:18 +03:00