Commit graph

3757 commits

Author SHA1 Message Date
Andrei Borzenkov
d4561cd080 tcp: fix memory leaks
Found by: Coverity scan.
CID: 96639, 96647
2016-01-16 20:59:50 +03:00
Andrei Borzenkov
9b4256bf05 net: fix memory leaks
Found by: Coverity scan.
CID: 96638, 96648
2016-01-16 20:48:33 +03:00
Andrei Borzenkov
eefa3239c2 legacycfg: fix memory leaks and add NULL check
Memory leaks found by Coverity scan.
CID: 96642, 96645
2016-01-16 20:34:02 +03:00
Andrei Borzenkov
4f8fe948b9 loader: Unintended sign extension
CID: 96707, 96699, 96693, 96691, 96711, 96709, 96708, 96703, 96702,
96700, 96698, 96696, 96695, 96692, 96710, 96705
2016-01-15 19:18:05 +03:00
Andrei Borzenkov
b95e926788 script: fix memory leak
Found by: Coverity scan.
CID: 96637
2016-01-12 22:50:30 +03:00
Andrei Borzenkov
26533fe6bc normal: fix memory leak
Found by: Coverity scan.
CID: 96641, 96670, 96667
2016-01-12 22:40:03 +03:00
Andrei Borzenkov
29862fdc3a xnu: fix memory leak
Found by: Coverity scan.
CID: 96663
2016-01-12 21:52:51 +03:00
Andrei Borzenkov
9daf7aae8b truecrypt: fix memory leak
Found by: Coverity scan.
CID: 156611
2016-01-12 21:52:51 +03:00
Andrei Borzenkov
a4b1326f0d gfxmenu: fix memory leak
Found by: Coverity scan.
CID: 96657
2016-01-12 21:52:50 +03:00
Andrei Borzenkov
dbb0f9fa4f efiemu: fix memory leak
Found by: Coverity scan.
CID: 156610
2016-01-12 21:52:50 +03:00
Andrei Borzenkov
e9d71db53a efidisk: fix memory leak
Found by: Coverity scan.
CID: 96644
2016-01-12 21:52:50 +03:00
Andrei Borzenkov
6c35ce72ba verify: fix memory leak
Found by: Coverity scan.
CID: 96643
2016-01-12 21:52:42 +03:00
Andrei Borzenkov
f3c84fa798 password_pbkdf2: fix memory leak
Found by: Coverity scan.
CID: 96656
2016-01-12 20:53:26 +03:00
Andrei Borzenkov
5db2190f2c parttool: fix memory leak
Found by: Coverity scan.
CID: 96652
2016-01-12 20:41:44 +03:00
Andrei Borzenkov
1bff60e5aa nativedisk: fix memory leak
Based on Coverity scan.
CID: 96660

Extended to also cover other error return places.
2016-01-12 20:37:43 +03:00
Andrei Borzenkov
8fe17d91af acpi: fix memory leak
Found by: Coverity scan.
CID: 96673
2016-01-12 20:26:30 +03:00
Andrei Borzenkov
528256932b net: remove dead and redundant code
server cannot be NULL at this point (we return error earlier if it is).
Also structure is zalloc'ed, so no need to explicitly initialize
members to 0.

Found by: Coverity scan.
CID: 73837
2016-01-10 11:33:13 +03:00
Andrei Borzenkov
269a522c7d hostdisk: fix device detection
Condition was apparently reversed so GRUB assumed all devices were
files. This later made it skip BLKFLSBUF ioctl on Linux which caused
various page cache coherency issues. Observed were

- failure to validate blocklist install (read content did not match
  just written)

- failure to detect Linux MD on disk after online hot addition
  (GRUB got stale superblock)

Closes: 46691
2016-01-10 10:41:04 +03:00
Andrei Borzenkov
31f6506c57 loader/multiboot: fix unintended sign extension
Found by: Coveruty scan.
CID: 73700, 73763
2016-01-09 19:58:51 +03:00
Andrei Borzenkov
9fecb0588e kern/elf: fix unintended sign extension
Found by: Coverity scan.
CID: 73729, 73735, 73758, 73760
2016-01-09 19:41:26 +03:00
Andrei Borzenkov
aafd205c92 xfs: fix possible inode corruption in directory scan
grub_xfs_iterate_dir did not restore first character after inline
name when match was found. Dependning on XFS format this character
could be inode number and we could return to the same node later in
find_file if processing cycled symlinks.

CID: 86724
2016-01-09 18:55:55 +03:00
Andrei Borzenkov
bd60f5a207 rescue_parser: restructure code to avoid Coverity false positive
If line contains single word, line and argv[0] are aliases, so
no NULL dereference is possible, but Coverity does not know it.
Change code to avoid ambiguity and also remove redundant call to
grub_strchr.

CID: 86725
2016-01-09 18:15:27 +03:00
Andrei Borzenkov
fa2af21ec8 gfxmenu: fix memory leak
Found by: Coverity scan.
CID: 73766
2016-01-09 13:55:28 +03:00
Andrei Borzenkov
67d9ce82ac efiemu: check return value of grub_efiemu_write_value
Found by: Coverity scan.
CID: 73590
2016-01-09 11:36:42 +03:00
Andrei Borzenkov
12bf87466f efiemu: change code to avoid Coverity false positive
CID: 73623
2016-01-09 11:36:42 +03:00
Andrei Borzenkov
97c41e1216 efiemu: fix unintended sign extension
Found by: Coverity scan.
CID: 73883, 73637
2016-01-09 11:36:42 +03:00
Andrei Borzenkov
8ab2675ede hfs: fix memory leak
Found by: Coverity scan.
CID: 156531
2016-01-09 11:36:42 +03:00
Matthew Garrett
4d5d7be005 Send a user class identifier in bootp requests
It's helpful to determine that a request was sent by grub in order to permit
the server to provide different information at different stages of the boot
process. Send GRUB2 as a type 77 DHCP option when sending bootp packets in
order to make this possible.
2016-01-08 14:25:52 -08:00
Matthew Garrett
78db6bcf33 Allow non-default ports for HTTP requests
Add support for passing ports in HTTP requests. This takes the form of:
(http,serverip:portnum)/file
2016-01-07 17:27:15 -08:00
Matthew Garrett
297e11980b Allow passing of trusted keys via variables
Add support for adding gpg keys to the trusted database with a new command
called "trust_var". This takes the contents of a variable (in ascii-encoded
hex) and interprets it as a gpg public key.
2016-01-07 15:33:36 -08:00
Matthew Garrett
73746f0367 Fix hex representation of binary variable contents
The getenv code was mishandling the conversion of binary to hex. Grub's
sprintf() doesn't seem to support the full set of format conversions, so
fix this in the nasty way.
2016-01-07 15:31:36 -08:00
Vladimir Serbinenko
e4c49cab9b arm64/setjmp: Add missing move for arg1 == 0 case. 2016-01-07 21:10:05 +01:00
Mark Salter
7eb27a49e9 arm-efi: Reduce timer event frequency by 10
Timer event to keep grub msec counter was running at 1000HZ. This was too
fast for UEFI timer driver and resulted in a 10x slowdown in grub time
versus wallclock. Reduce the timer event frequency and increase tick
increment accordingly to keep better time.
2016-01-07 20:54:20 +01:00
Vladimir Serbinenko
607d66116a iee1275/datetime: Fix off-by-1 error. 2016-01-07 15:53:42 +01:00
Matthew Garrett
92e46cccf1 Add smbios command
Incorporate the smbios command from
https://raw.githubusercontent.com/dm0-/gnuxc/master/patches/grub-2.02~beta2-smbios-module.patch
so we can extract the machine UUID and serial number.
2016-01-06 12:46:22 -08:00
Matthew Garrett
a0e69405e2 Measure multiboot images and modules 2016-01-05 14:35:17 -08:00
Matthew Garrett
b47b5685b5 Measure commands
Measure each command executed by grub, which includes script execution.
2016-01-05 14:35:17 -08:00
Matthew Garrett
2d410729e9 Measure the kernel commandline
Measure the kernel commandline to ensure that it hasn't been modified
2016-01-05 14:35:17 -08:00
Matthew Garrett
20e355fd5a Measure kernel and initrd on BIOS systems
Measure the kernel and initrd when loaded on BIOS systems
2016-01-05 14:35:17 -08:00
Matthew Garrett
738f6f09b3 Rework linux16 command
We want a single buffer that contains the entire kernel image in order to
perform a TPM measurement. Allocate one and copy the entire kernel int it
before pulling out the individual blocks later on.
2016-01-05 14:35:17 -08:00
Matthew Garrett
a2599ab047 Rework linux command
We want a single buffer that contains the entire kernel image in order to
perform a TPM measurement. Allocate one and copy the entire kernel into it
before pulling out the individual blocks later on.
2016-01-05 14:35:17 -08:00
Matthew Garrett
1e32d63145 Add BIOS boot measurement
Measure the on-disk grub core on BIOS systems - unlike UEFI, the firmware
can't do this stage for us.
2016-01-05 14:35:17 -08:00
Matthew Garrett
f22ee4487c Measure kernel + initrd
Measure the kernel and initrd when loaded on UEFI systems
2016-01-05 14:35:17 -08:00
Matthew Garrett
858f763466 Core TPM support
Add support for performing basic TPM measurements. Right now this only
supports extending PCRs statically and only on UEFI and BIOS systems, but
will measure all modules as they're loaded.
2016-01-05 14:35:05 -08:00
Matthew Garrett
76fb8e4341 Fix race in EFI validation
The Secure Boot code currently reads the kernel from disk, validates the
signature and then reads it from disk again. A sufficiently exciting storage
device could modify the kernel between these two events and trigger the
execution of an untrusted kernel. Avoid re-reading it in order to ensure
this isn't a problem, and in the process speed up boot by not reading the
kernel twice.
2016-01-05 14:14:54 -08:00
Vladimir Serbinenko
f86fd54cf0 Add memdisk support to grub-emu.
Use it to add custom files, so that tests which need them work.
2016-01-05 21:10:27 +01:00
Vladimir Serbinenko
3f430a0126 Move file loading functions to grub-emu.
So that we can use it in grub-emu as well as utils.
2016-01-05 21:10:27 +01:00
Vladimir Serbinenko
f2b54835f2 Disable progress indicator in grub-shell.
This disables progress indicator for tests. This in turn fixes test
flakiness as they ended up timing-dependent.
2016-01-05 21:10:10 +01:00
Vladimir Serbinenko
300be005a8 Update checksums 2016-01-05 11:55:30 +01:00
Andrei Borzenkov
aa7bb4607b acpihalt: add GRUB_ACPI_OPCODE_CREATE_DWORD_FIELD (0x8a)
Fixes ACPI halt on ASUSTeK P8B75-V,
Bios: American Megatrends v: 0414 date: 04/24/2012

Reported-By: Goh Lip <g.lip@gmx.com>
2016-01-02 21:33:18 +03:00