52 commits

Author SHA1 Message Date
Matthew Garrett
f4f4e3c715 verifiers: Core TPM support
Add support for performing basic TPM measurements. Right now this only
supports extending PCRs statically and only on UEFI. In future we might
want to have some sort of mechanism for choosing which events get logged
to which PCRs, but this seems like a good default policy and we can wait
to see whether anyone has a use case before adding more complexity.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2020-09-21 16:43:54 -04:00
Vladimir Serbinenko
aebe31c375 verifiers: File type for fine-grained signature-verification controlling
Let's provide file type info to the I/O layer. This way verifiers
framework and its users will be able to differentiate files and verify
only required ones.

This is preparatory patch.

Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
2020-09-21 13:29:05 -04:00
David Michael
e576eb0cbc Merge remote-tracking branch 'upstream/master' 2017-01-23 14:02:45 -08:00
Matthew Garrett
bf25cda14e Make TPM errors less fatal
Handle TPM errors, and stop trying to use the TPM once we hit one.
2016-10-13 14:01:52 -07:00
Matthew Garrett
bb3473d7c8 Rework TPM measurements
Rework TPM measurements to use fewer PCRs. After discussion with upstream,
it's preferable to avoid using so many PCRs. Instead, measure into PCRs 8
and 9 but use a prefix in the event log to indicate which subsystem carried
out the measurements.
2016-03-23 17:03:43 -07:00
Andrei Borzenkov
67dba97e45 support modules without symbol table
all_video module does not have any code or data and exists solely for
.moddeps section to pull in dependencies. This makes all symbols unneeded.

While in current binutils (last released version as of this commit is 2.26)
``strip --strip-unneeded'' unintentionally adds section symbols for each
existing section, this behavior was considered a bug and changed in commit
14f2c699ddca1e2f706342dffc59a6c7e23e844c to completely strip symbol table
in this case.

Older binutils (verified with 2.17) and some other toolchains (at least
elftoolchain r3223M), both used in FreeBSD, remove symbol table in all_video
as well.

Relax run-time check and do not return error for modules without symbol table.
Add additional checks to module verifier to make sure such modules

a) have non-empty .moddeps section. Without either externally visible symbols
or .moddeps modules are completely useless and should not be built.

b) do not have any relocations.

Closes: 46986

v2: add run-time check for empty symbol table if relocations are present as
    suggested by Vladimir.
2016-02-03 20:34:55 +03:00
Andrei Borzenkov
4f8fe948b9 loader: Unintended sign extension
CID: 96707, 96699, 96693, 96691, 96711, 96709, 96708, 96703, 96702,
96700, 96698, 96696, 96695, 96692, 96710, 96705
2016-01-15 19:18:05 +03:00
Matthew Garrett
858f763466 Core TPM support
Add support for performing basic TPM measurements. Right now this only
supports extending PCRs statically and only on UEFI and BIOS systems, but
will measure all modules as they're loaded.
2016-01-05 14:35:05 -08:00
Michael Marineau
c7c750ecc2 Merge upstream changes as of April 29th 2015-07-31 15:41:48 -07:00
Colin Watson
25850cfd50 Don't allow insmod when secure boot is enabled.
Hi,

Fedora's patch to forbid insmod in UEFI Secure Boot environments is fine
as far as it goes.  However, the insmod command is not the only way that
modules can be loaded.  In particular, the 'normal' command, which
implements the usual GRUB menu and the fully-featured command prompt,
will implicitly load commands not currently loaded into memory.  This
permits trivial Secure Boot violations by writing commands implementing
whatever you want to do and pointing $prefix at the malicious code.

I'm currently test-building this patch (replacing your current
grub-2.00-no-insmod-on-sb.patch), but this should be more correct.  It
moves the check into grub_dl_load_file.
2015-04-22 12:47:49 -07:00
Vladimir Serbinenko
7ea452a142 Add missing grub_ prefix in memcpy invocation 2015-02-23 22:29:33 +01:00
Vladimir Serbinenko
313fb3cef8 Add module loading and parsing boot time checkpoints. 2013-12-22 18:14:42 +01:00
Vladimir Serbinenko
05126706b0 * grub-core/kern/dl.c: Don't discard const attribute. 2013-12-21 13:26:27 +01:00
Vladimir Serbinenko
7a148da6dd Implement sparc64 trampolines (needed for sparc64-emu). 2013-12-10 00:01:27 +01:00
Vladimir Serbinenko
a19293cb75 Move OS-dependent mprotect for module loading to grub-core/osdep/*/dl.c
and implement windows variant.
2013-12-08 18:08:23 +01:00
Vladimir Serbinenko
8c534b85f1 Revamp relocation handling.
Move more code to common dl.c. Add missing veneers for arm and arm64.
	Decreases kernel size by 70 bytes on i386-pc (40-50 compressed)
2013-12-06 09:18:55 +01:00
Vladimir Serbinenko
4906052019 Unify GOT/trampoline handling between PPC, MIPS and IA64 as they
do essentially the same thing, do it in similar way.
2013-11-21 21:54:33 +01:00
Vladimir Serbinenko
80e8b13ac4 * grub-core/kern/dl.c: Unify section-finding algorithm. Saves 30 bytes
on core size.
2013-11-01 15:20:14 +01:00
Vladimir 'phcoder' Serbinenko
7cd0df84f1 New command `nativedisk'. 2013-04-28 15:31:33 +02:00
Vladimir 'phcoder' Serbinenko
a6393224c4 Make 'make check' work on emu. 2013-04-27 02:00:16 +02:00
Vladimir 'phcoder' Serbinenko
cdeb832472 * grub-core/kern/dl.c (grub_dl_resolve_symbols): Handle malloc failure. 2013-04-24 13:58:31 +02:00
Vladimir 'phcoder' Serbinenko
e744219bb6 Implement boot time analysis framework. 2013-03-19 20:25:09 +01:00
Vladimir 'phcoder' Serbinenko
ba287dd8e0 * grub-core/kern/dl.c (grub_dl_add): Make global in order for gdb_grub
to work.
2012-03-19 11:10:11 +01:00
Vladimir 'phcoder' Serbinenko
67093bc0ed Another round of string clarification and adding TRANSLATORS comments. 2012-02-26 17:28:05 +01:00
Vladimir 'phcoder' Serbinenko
ebcecdf1c3 Increase warning level.
* conf/Makefile.common (CFLAGS_GNULIB): Add -Wno-redundant-decls
	-Wno-unreachable-code -Wno-conversion -Wno-old-style-definition.
	* configure.ac (HOST_CFLAGS): Add bunch of -W arguments.
	(TARGET_CFLAGS): Likewise.
	(HOST_CFLAGS): Add -Werror unless --disable-werror is activated.
	* grub-core/Makefile.core.def (decompressor_xz): Add
	-Wno-unreachable-code.
	(normal): Add -Wno-redundant-decls.
	(xzio): Add -Wno-unreachable-code.
	(lzopio): Add -Wno-redundant-decls -Wno-error.
	* grub-core/commands/acpi.c: Add exception to -Wcast-align.
	* grub-core/commands/lsacpi.c: Add exception to -Wcast-align.
	* grub-core/gensymlist.sh: Add exception to -Wmissing-format-attribute.
	* grub-core/kern/dl.c: Add exception to -Wcast-align.
	* grub-core/kern/efi/efi.c (grub_efi_modules_addr): Likewise.
	* grub-core/kern/i386/coreboot/init.c: Add exception to
	-Wsuggest-attribute=noreturn.
	* grub-core/kern/ia64/dl.c: Add exception to -Wcast-align.
	* grub-core/kern/ia64/dl_helper.c: Likewise.
	* grub-core/kern/mips/dl.c: Likewise.
	* grub-core/kern/sparc64/dl.c: Likewise.
	* grub-core/lib/LzmaEnc.c: Add exception to -Wshadow.
	* grub-core/lib/libgcrypt_wrap/cipher_wrap.h (memcpy): Likewise.
	(memcmp): Likewise.
	* grub-core/lib/pbkdf2.c: Add exception to -Wunreachable-code.
	* grub-core/loader/ia64/efi/linux.c: Add exception to -Wcast-align.
	* grub-core/loader/mips/linux.c: Likewise.
	* grub-core/loader/multiboot_elfxx.c: Likewise.
	* grub-core/script/parser.y: Add exception to -Wunreachable-code.
	* grub-core/video/sm712.c: Add exception to -Wcast-align.
	* util/import_gcry.py: Add -Wno-cast-align to modules checked by hand.
	* grub-core/font/font.c (grub_font_loader_init): Add explicit cast and
	fixme.
	* grub-core/fs/iso9660.c (grub_iso9660_iterate_dir): Likewise.
	* grub-core/kern/i386/multiboot_mmap.c (grub_machine_mmap_init):
	Fix prototype.
2012-02-10 16:48:48 +01:00
Vladimir 'phcoder' Serbinenko
9c4b5c13e6 Improve gettext support. Stylistic fixes and error handling fixes while
on it.
2012-02-08 19:26:01 +01:00
Vladimir 'phcoder' Serbinenko
92cd0f6e45 Move platform-dependent files from $prefix to $prefix/$platform.
* config.h.in (GRUB_TARGET_CPU): New definition.
	(GRUB_PLATFORM): Likewise.
	* configure.ac: Define GRUB_TARGET_CPU and GRUB_PLATFORM.
	* grub-core/commands/parttool.c (grub_cmd_parttool): Update dir.
	* grub-core/efiemu/main.c (grub_efiemu_autocore): Likewise.
	* grub-core/kern/dl.c (grub_dl_load): Likewise.
	* grub-core/normal/autofs.c (read_fs_list): Likewise.
	* grub-core/normal/crypto.c (read_crypto_list): Likewise.
	* grub-core/normal/dyncmd.c (read_command_list): Likewise.
	* grub-core/normal/term.c (read_terminal_list): Likewise.
	* grub-core/gettext/gettext.c (grub_mofile_open_lang): Use
	$prefix/locale.
	(grub_gettext_init_ext): Likewise.
	* grub-core/normal/main.c (GRUB_MOD_INIT): Define grub_cpu and
	grub_platform.
	* util/grub-install.in: Update directories.
	* util/grub-mknetdir.in: Likewise.
	* util/grub-mkrescue.in: Likewise.
2012-02-04 21:47:29 +01:00
Vladimir 'phcoder' Serbinenko
10b64f1cf4 * grub-core/kern/dl.c (grub_dl_load_segments): Fix alignment handling. 2011-11-16 21:40:50 +01:00
Vladimir 'phcoder' Serbinenko
bb41695449 * grub-core/kern/dl.c (grub_dl_unload): Fix freeing segments. 2011-11-16 21:38:00 +01:00
Vladimir 'phcoder' Serbinenko
d35d0d3753 Add const keyword to grub_env_get and gettextize week days.
* grub-core/hook/datehook.c (grub_datetime_names): Make const.
	(grub_read_hook_datetime): Return const char *.
	* grub-core/kern/env.c (grub_env_get): Return const char *. All users
	updated.
	* grub-core/normal/datetime.c (grub_weekday_names): Make const.
	Mark for gettext.
	(grub_get_weekday_name): Return const char *. Call gettext.
	* grub-core/script/argv.c (grub_script_argv_append): Receive const
	char * and len as the argument. All users updated.
	(grub_script_argv_split_append): Receive const char *.
	* include/grub/datetime.h (grub_get_weekday_name): Update proto.
	* include/grub/env.h (grub_env_get): Likewise.
	(grub_env_read_hook_t): Return const char *.
	* include/grub/script_sh.h (grub_script_argv_append): Update proto.
	(grub_script_argv_split_append): Likewise.
2011-11-11 20:34:37 +01:00
Vladimir 'phcoder' Serbinenko
ed64e9e279 Support trampoline jumps on powerpc.
* grub-core/kern/dl.c (grub_dl_load_segments) [__powerpc__]: Follow
	__ia64__ path.
	(grub_dl_load_segments): Set mod->sz.
	(grub_dl_flush_cache): Flush whole space occupied by module, not just
	segments.
	* grub-core/kern/ia64/dl.c (nopm): Make const while on it.
	(jump): Likewise.
	* grub-core/kern/powerpc/dl.c (grub_arch_dl_get_tramp_got_size): New
	function.
	(trampoline): New struct.
	(trampoline_template): New const.
	(grub_arch_dl_relocate_symbols): Create trampolines on overflow.
	* include/grub/dl.h (grub_dl): Add sz element.
	[__powerpc__]: Follow __ia64__.
	(GRUB_ARCH_DL_TRAMP_ALIGN): Define on ppc.
	(GRUB_ARCH_DL_GOT_ALIGN): Likewise.
	(GRUB_ARCH_DL_TRAMP_SIZE): Likewise.
	(grub_arch_dl_get_tramp_got_size) [__powerpc__]: New proto.
2011-11-08 11:23:56 +01:00
Vladimir 'phcoder' Serbinenko
c2aa00f059 Fix a memory leak 2011-07-06 17:40:36 +02:00
Tristan Gingold
32297d5ff7 IA64 support.
* Makefile.util.def (libgrubmods.a): Add grub-core/kern/ia64/dl_helper.c
	* configure.ac: Add ia64-efi target.
	Probe for __ia64_trampoline, __udivsi3, __umoddi3, __udivdi3,
	__divsi3, __modsi3, __umodsi3, __moddi3 and __divdi3 symbols.
	* gentpl.py: Add ia64_efi platform.
	Rename x86_efi to efi and Add ia64-efi. All users updated.
	* grub-core/Makefile.am: Set KERNEL_HEADER_FILES for ia64-efi.
	* grub-core/Makefile.core.def (kernel.img): Add compile flags for ia64.
	Remove kern/generic/rtc_get_time_ms.c on EFI.
	Add kern/ia64/efi/startup.S, kern/ia64/efi/init.c, kern/ia64/dl.c,
	kern/ia64/dl_helper.c on ia64-efi.
	Add kern/emu/cache.c on emu.
	(linux): Use on loader/ia64/efi/linux.c on ia64.
	* grub-core/gensymlist.sh (grub_register_exported_symbols): Check
	whether symbol is a function.
	* grub-core/kern/dl.c [GRUB_MACHINE_EMU]: Include sys/mman.h.
	(grub_symbol): New field 'isfunc'.
	(grub_dl_resolve_symbol): Return whole symbol rather than just address.
	(grub_dl_register_symbol): New argument 'isfunc'. All users updated.
	(grub_dl_load_segments): Place all sections into the same region.
	[__ia64__]: Create trampolines and got.
	[GRUB_MACHINE_EMU]: Call mprotect.
	(grub_dl_resolve_symbols): Resolve symbol type as well.
	[__ia64__]: Create function descriptors.
	* grub-core/kern/efi/efi.c (grub_get_rtc): Renamed to ...
	(grub_rtc_get_time_ms): ... this. Expressions simplified.
	(grub_get_rtc): New function.
	* grub-core/kern/emu/cache.c [__ia64__]: New file.
	* grub-core/kern/emu/cache.S: Renamed to ...
	* grub-core/kern/emu/cache_s.S: ... this.
	[__ia64__]: Add a nop.
	* grub-core/kern/emu/full.c (grub_arch_dl_get_tramp_got_size)
	[__ia64__]: New function.
	* grub-core/kern/emu/lite.c [__ia64__]: Include ../ia64/dl.c.
	* grub-core/kern/ia64/dl.c: New file.
	* grub-core/kern/ia64/dl_helper.c: Likewise.
	* grub-core/kern/ia64/efi/init.c: New file.
	* grub-core/kern/ia64/efi/startup.S: Likewise.
	* grub-core/lib/efi/halt.c [__ia64__]: Don't try acpi.
	* grub-core/lib/ia64/longjmp.S: New file (from glibc).
	* grub-core/lib/ia64/setjmp.S: Likewise (from glibc).
	* grub-core/lib/setjmp.S [__ia64__]: Include ./ia64/setjmp.S.
	* grub-core/loader/ia64/efi/linux.c: New file.
	* include/grub/dl.h (GRUB_MOD_NAME): Redefined using C rather than asm.
	(GRUB_MOD_DEP): Likewise.
	(grub_dl) [__ia64__]: New fields got and tramp.
	(grub_dl): New field 'base'.
	(grub_dl_register_symbol): New argument isfunc. All users updated.
	(GRUB_IA64_DL_TRAMP_ALIGN): New definition.
	(GRUB_IA64_DL_TRAMP_SIZE): Likewise.
	(GRUB_IA64_DL_GOT_ALIGN): Likewise.
	(grub_ia64_dl_get_tramp_got_size): New proto.
	(GRUB_ARCH_DL_TRAMP_ALIGN) [__ia64__]: Likewise
	(GRUB_ARCH_DL_GOT_ALIGN) [__ia64__]: Likewise
	(grub_arch_dl_get_tramp_got_size) [__ia64__]: Likewise
	* include/grub/efi/api.h: Skip call wrappers on ia64.
	* include/grub/efi/pe32.h (GRUB_PE32_MACHINE_IA64): New definition.
	* include/grub/efi/time.h (GRUB_TICKS_PER_SECOND): Change to 1000.
	* include/grub/elf.h (ELF_ST_INFO): New definition.
	* include/grub/ia64/efi/kernel.h: New file.
	* include/grub/ia64/efi/memory.h: Likewise.
	* include/grub/ia64/efi/time.h: Likewise.
	* include/grub/ia64/kernel.h: Likewise.
	* include/grub/ia64/setjmp.h: Likewise (from glibc).
	* include/grub/ia64/time.h: New file.
	* include/grub/ia64/types.h: Likewise.
	* include/grub/libgcc.h (__udivsi3, __umodsi3, __umoddi3, __udivdi3,
	__moddi3, __divdi3, __divsi3, __modsi3, __ia64_trampoline):
	New protos.
	* include/grub/offsets.h (GRUB_KERNEL_IA64_EFI_PREFIX): New definition.
	(GRUB_KERNEL_IA64_EFI_PREFIX_END): Likewise.
	* include/grub/types.h (PRIxGRUB_ADDR): Likewise.
	* util/grub-mkimage.c (image_target_desc): New field pe_target.
	All users updated.
	(EFI64_HEADER_SIZE): New definition. All users updated.
	(image_targets): Add ia64-efi.
	* util/grub-mkimagexx.c (relocate_symbols): New arguments jumpers and
	jumpers_addr. All users updated.
	Create function descriptors.
	(count_funcs): New function.
	(unaligned_uint32): New struct.
	(MASK20): New definition.
	(MASK19): Likewise.
	(MASKF21): Likewise.
	(add_value_to_slot_20b): New function.
	(add_value_to_slot_21_real): Likewise.
	(add_value_to_slot_21): Likewise.
	(ia64_kernel_trampoline): New struct.
	(nopm): New variable.
	(jump): Likewise.
	(make_trampoline): New function.
	(relocate_addresses): Handle ia64.
	(make_reloc_section): Likewise.
	(load_image): Likewise.

	Also-By: Robert Millan <rmh.grub@aybabtu.com>

	Also-By: Vladimir Serbinenko <phcoder@gmail.com>
2011-05-15 11:22:59 +02:00
Vladimir 'phcoder' Serbinenko
576881217f * grub-core/kern/dl.c (grub_dl_load_file): Decrease ref counter
rather than resetting it to allow modules to reference themselves
	in init.
2011-05-14 22:42:28 +02:00
Vladimir 'phcoder' Serbinenko
3d2c7e3591 * grub-core/kern/dl.c (grub_dl_unload): Don't decrease reference
counter on dependencies since grub_dl_unref already handles this.
2011-05-14 22:35:56 +02:00
Vladimir 'phcoder' Serbinenko
7b58e65f24 track function symbols 2011-05-08 18:29:37 +02:00
Vladimir 'phcoder' Serbinenko
5452733f35 more or less functional ia64 grub-mkimage 2011-05-08 12:39:08 +02:00
Vladimir 'phcoder' Serbinenko
e745cf0ca6 Implement automatic module license checking according to new GNU
guidelines.

	* grub-core/kern/dl.c (grub_dl_check_license): New function.
	(grub_dl_load_core): Use grub_dl_check_license.
	* include/grub/dl.h (GRUB_MOD_SECTION): New macro.
	(GRUB_MOD_LICENSE): Likewise.
	(GRUB_MOD_DUAL_LICENSE): Likewise.
	All modules updated.
2011-04-11 23:01:51 +02:00
Vladimir 'phcoder' Serbinenko
0718f66d12 Discard a bunch of junk code 2011-01-03 00:56:28 +01:00
phcoder
5faa440cb0 Discard several spurious differences from mainline 2011-01-03 00:47:21 +01:00
Vladimir 'phcoder' Serbinenko
7edf63fce6 merge ia64-emu into ia64 2011-01-02 23:55:50 +01:00
phcoder
f49157dfe5 Restructure module loading and many fixes. Now normal.mod loads successfully 2011-01-02 23:30:25 +01:00
phcoder
bbbf84350e Working hello.mod with extcmd.mod 2011-01-02 19:20:28 +01:00
phcoder
73911575dd support for registering functions from modules (not tested yet) 2011-01-02 14:58:57 +01:00
phcoder
f9c30af6d0 Successfully loaded return-only module on ia64-emu 2011-01-02 14:09:58 +01:00
Vladimir 'phcoder' Serbinenko
4bec80482e Remove few bad hunks 2010-09-01 10:21:05 +02:00
Vladimir 'phcoder' Serbinenko
07329a9ac9 Fix some compilation problems 2010-09-01 09:44:32 +02:00
Vladimir 'phcoder' Serbinenko
6585de4c0c merge mainline into ia64 2010-08-31 21:47:26 +02:00
Vladimir 'phcoder' Serbinenko
89e07694dc Remove grub_dl_unload_all. It's unnecessary and causes trouble 2010-08-25 21:19:45 +02:00
BVK Chaitanya
297f0c2b6e merge with mainline 2010-07-13 00:43:28 +05:30