Commit graph

9302 commits

Author SHA1 Message Date
Michael Marineau
87dfbf34c4 Merge pull request #33 from marineam/repair-corruption
Fix gptprio to properly detect and repair corruption
2016-08-22 19:40:21 -07:00
Michael Marineau
f9fe0d781a Merge pull request #34 from marineam/extended-validation
Add stricter validation of GPT headers
2016-08-22 19:39:30 -07:00
Michael Marineau
b2ca30d335 fix checking alternate_lba 2016-08-22 18:30:56 -07:00
Michael Marineau
c68fcd3b1a gpt: refuse to write to sector 0 2016-08-22 17:51:48 -07:00
Michael Marineau
8278022a0b gpt: improve validation of GPT headers
Adds basic validation of all the disk locations in the headers, reducing
the chance of corrupting weird locations on disk.
2016-08-22 17:51:48 -07:00
Michael Marineau
6078f83638 gpt: properly detect and repair invalid tables
GPT_BOTH_VALID is 4 bits so a simple boolean check is not sufficient.
This broken condition allowed gptprio to trust bogus disk locations in
headers that were marked invalid causing arbitrary disk corruption.
2016-08-22 17:33:17 -07:00
Michael Marineau
4d91c78833 gptprio_test: check GPT is repaired when appropriate 2016-08-22 17:33:17 -07:00
Michael Marineau
6bc5c77bd5 gptrepair_test: fix typo in cleanup trap 2016-08-22 17:33:17 -07:00
Michael Marineau
1c205c2c4d Merge pull request #31 from marineam/verbose-debug
Add verbose debug logging to biosdisk and gpt
2016-08-22 17:22:34 -07:00
Michael Marineau
c2f5fde6ab gpt: add verbose debug logging 2016-08-22 13:02:29 -07:00
Michael Marineau
d38d2d0fb1 biosdisk: add verbose debug logging 2016-08-22 13:02:29 -07:00
Michael Marineau
3d1efb83ed Merge pull request #32 from marineam/tpm
tpm: fix warnings when compiling for platforms other than pc and efi
2016-08-22 12:53:07 -07:00
Michael Marineau
2de6ebf196 tpm: fix warnings when compiling for platforms other than pc and efi 2016-08-21 18:45:02 -07:00
Michael Marineau
a7b0b20c87 Merge pull request #30 from marineam/fwcfg
fwconfig: fix unused argument warning
2016-08-21 11:21:47 -07:00
Michael Marineau
9a8cd5a16a fwconfig: fix unused argument warning 2016-08-20 17:54:47 -07:00
Michael Marineau
2ff7bd91eb Merge pull request #29 from marineam/big-bad-disk
gpt: do not use disk sizes GRUB will reject as invalid later on
2016-07-25 16:05:48 -07:00
Nick Owens
d4602dd67f Merge pull request #28 from mischief/client-arch
net: add client arch and fix user class/terminator
2016-07-25 15:55:23 -07:00
Michael Marineau
a8ad608425 gpt: do not use disk sizes GRUB will reject as invalid later on
GRUB assumes that no disk is ever larger than 1EiB and rejects
reads/writes to such locations. Unfortunately this is not conveyed in
the usual way with the special GRUB_DISK_SIZE_UNKNOWN value.
2016-07-25 15:35:01 -07:00
Nick Owens
fbf65674a4 net: add client arch and fix user class/terminator
send client arch in bootp requests, for now BIOS and x64/aarch64 EFI is
supported.

fix a bug introduced in 4d5d7be005 where
user class was encoded improperly, although this didn't seem to have any
detrimental effects.

properly insert an option terminator.
2016-07-08 15:39:04 -07:00
Nick Owens
a1724dace5 Merge pull request #27 from mischief/cmddevice
set cmddevice when cmdpath is set
2016-06-01 14:08:23 -07:00
Nick Owens
5470929309 set cmddevice when cmdpath is set 2016-06-01 13:55:45 -07:00
Nick Owens
68ae3c416b Merge pull request #26 from mischief/getenv-efi
grub-core: enable getenv for all efi targets
2016-04-14 15:03:43 -07:00
Nick Owens
70b45a45b9 grub-core: enable getenv for all efi targets 2016-04-14 14:47:39 -07:00
mjg59
ad906495e1 Merge pull request #25 from mjg59/tpm
Fix event log prefix
2016-03-29 21:29:47 -07:00
Matthew Garrett
aab446306b Fix event log prefix
We're not passing the prefixed version of the description to the event log.
Fix that.
2016-03-29 15:36:49 -07:00
mjg59
a067b998e0 Merge pull request #24 from mjg59/coreos
Netboot updates
2016-03-24 15:12:06 -07:00
Matthew Garrett
954fd730ca Allow protocol to be separated from host with a semicolon
Some DHCP servers (such as dnsmasq) tokenise parameters with commas, making
it impossible to pass boot files with commas in them. Allow using a semicolon
to separate the protocol from host if a comma wasn't found.
2016-03-24 13:47:19 -07:00
Matthew Garrett
75b4826d15 Tag the bootp request as a DHCP discover 2016-03-24 13:46:54 -07:00
Matthew Garrett
ec0051a569 Don't allocate a new address buffer if we receive multiple responses
The current logic in the DNS resolution code allocates an address buffer
based on the number of addresses in the response packet. If we receive
multiple response packets in response to a single query packet, this means
that we will reallocate a new buffer large enough for only the addresses in
that specific packet, discarding any previous results in the process. Worse,
we still keep track of the *total* number of addresses resolved in response
to this query, not merely the number in the packet being currently processed.
Use realloc() rather than malloc() to avoid overwriting the existing data,
and allocate a buffer large enough for the total set of addresses rather
than merely the number in this specific response.
2016-03-24 13:46:42 -07:00
mjg59
e1b2b265af Merge pull request #23 from mjg59/coreos
TPM fixes
2016-03-24 10:26:40 -07:00
Matthew Garrett
bb3473d7c8 Rework TPM measurements
Rework TPM measurements to use fewer PCRs. After discussion with upstream,
it's preferable to avoid using so many PCRs. Instead, measure into PCRs 8
and 9 but use a prefix in the event log to indicate which subsystem carried
out the measurements.
2016-03-23 17:03:43 -07:00
Matthew Garrett
c2eee36ec0 Fix boot when there's no TPM
If the firmware has TPM support but has no TPM, we're jumping to core.img
without popping the registers back onto the stack. Fix that.
2016-03-23 17:02:52 -07:00
mjg59
4ccc609994 Merge pull request #22 from mjg59/netboot
Add various small patches to improve netboot support
2016-01-08 15:42:13 -08:00
mjg59
b29d1d3258 Merge pull request #21 from mjg59/smbios
Add smbios command
2016-01-08 15:41:17 -08:00
Matthew Garrett
4d5d7be005 Send a user class identifier in bootp requests
It's helpful to determine that a request was sent by grub in order to permit
the server to provide different information at different stages of the boot
process. Send GRUB2 as a type 77 DHCP option when sending bootp packets in
order to make this possible.
2016-01-08 14:25:52 -08:00
Matthew Garrett
78db6bcf33 Allow non-default ports for HTTP requests
Add support for passing ports in HTTP requests. This takes the form of:
(http,serverip:portnum)/file
2016-01-07 17:27:15 -08:00
Matthew Garrett
297e11980b Allow passing of trusted keys via variables
Add support for adding gpg keys to the trusted database with a new command
called "trust_var". This takes the contents of a variable (in ascii-encoded
hex) and interprets it as a gpg public key.
2016-01-07 15:33:36 -08:00
Matthew Garrett
73746f0367 Fix hex representation of binary variable contents
The getenv code was mishandling the conversion of binary to hex. Grub's
sprintf() doesn't seem to support the full set of format conversions, so
fix this in the nasty way.
2016-01-07 15:31:36 -08:00
Matthew Garrett
92e46cccf1 Add smbios command
Incorporate the smbios command from
https://raw.githubusercontent.com/dm0-/gnuxc/master/patches/grub-2.02~beta2-smbios-module.patch
so we can extract the machine UUID and serial number.
2016-01-06 12:46:22 -08:00
mjg59
d4bc2bf02f Merge pull request #20 from mjg59/master
Add TPM measurement support
2016-01-05 15:32:28 -08:00
Matthew Garrett
a0e69405e2 Measure multiboot images and modules 2016-01-05 14:35:17 -08:00
Matthew Garrett
b47b5685b5 Measure commands
Measure each command executed by grub, which includes script execution.
2016-01-05 14:35:17 -08:00
Matthew Garrett
2d410729e9 Measure the kernel commandline
Measure the kernel commandline to ensure that it hasn't been modified
2016-01-05 14:35:17 -08:00
Matthew Garrett
20e355fd5a Measure kernel and initrd on BIOS systems
Measure the kernel and initrd when loaded on BIOS systems
2016-01-05 14:35:17 -08:00
Matthew Garrett
738f6f09b3 Rework linux16 command
We want a single buffer that contains the entire kernel image in order to
perform a TPM measurement. Allocate one and copy the entire kernel into it
before pulling out the individual blocks later on.
2016-01-05 14:35:17 -08:00
Matthew Garrett
a2599ab047 Rework linux command
We want a single buffer that contains the entire kernel image in order to
perform a TPM measurement. Allocate one and copy the entire kernel into it
before pulling out the individual blocks later on.
2016-01-05 14:35:17 -08:00
Matthew Garrett
1e32d63145 Add BIOS boot measurement
Measure the on-disk grub core on BIOS systems - unlike UEFI, the firmware
can't do this stage for us.
2016-01-05 14:35:17 -08:00
Matthew Garrett
f22ee4487c Measure kernel + initrd
Measure the kernel and initrd when loaded on UEFI systems
2016-01-05 14:35:17 -08:00
Matthew Garrett
858f763466 Core TPM support
Add support for performing basic TPM measurements. Right now this only
supports extending PCRs statically and only on UEFI and BIOS systems, but
will measure all modules as they're loaded.
2016-01-05 14:35:05 -08:00
Matthew Garrett
76fb8e4341 Fix race in EFI validation
The Secure Boot code currently reads the kernel from disk, validates the
signature and then reads it from disk again. A sufficiently exciting storage
device could modify the kernel between these two events and trigger the
execution of an untrusted kernel. Avoid re-reading it in order to ensure
this isn't a problem, and in the process speed up boot by not reading the
kernel twice.
2016-01-05 14:14:54 -08:00