Commit graph

200 commits

Author SHA1 Message Date
Matthew Garrett
e5ee3e8fa5 Add verity hash passthrough
Read the verity hash from the kernel binary and pass it to the running
system via the kernel command line
2015-06-23 13:15:53 -07:00
Matthew Garrett
9b669efb38 Fail validation if we can't find shim and Secure Boot is enabled
If grub is signed with a key that's in the trusted EFI keyring, an attacker
can point a boot entry at grub rather than at shim and grub will fail to
locate the shim verification protocol. This would then allow booting an
arbitrary kernel image. Fail validation if Secure Boot is enabled and we
can't find the shim protocol in order to prevent this.
2015-04-22 12:47:49 -07:00
Matthew Garrett
0de7775230 Add support for linuxefi 2014-11-05 20:40:53 -08:00
Andrei Borzenkov
9a67e1ac8e Use full initializer for initrd_ctx to avoid fatal warnings with older GCC
struct ... foo = { 0, } is valid initializer, but older GCC emits
warning which is fatal error due to -Werror=missing-field-initializer.
So simply use full initializer to avoid these errors. This was fixed
probably in GCC 4.7.

See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=36750
2014-10-14 20:12:15 +04:00
Andrey Borzenkov
954fe77163 cleanup: grub_cpu_to_XXX_compile_time for constants
This tries to catch all cases where grub_cpu_to_XXX was used for constant
expressions (including sizeof).
2014-09-22 20:47:10 +04:00
Peter Jones
631a820038 Initialized initrd_ctx so we don't free a random pointer from the stack.
Currently, if "linux" fails, the "goto fail;" in grub_cmd_initrd sends us
into grub_initrd_close() without grub_initrd_init() being called, and thus
it never clears initrd_ctx->components.  grub_initrd_close() then frees that
address, which is stale data from the stack.  If the stack happens to have a
stale *address* there that matches a recent allocation, then you'll get a
double free later.

So initialize the memory up front.

Signed-off-by: Peter Jones <pjones@redhat.com>
2014-09-21 10:36:42 +04:00
Stephane Rochoy
15bd333e10 * grub-core/loader/i386/bsd.c (grub_netbsd_boot): Pass pointer to
EFI system table.
2014-06-22 01:35:52 +02:00
Vladimir Serbinenko
8063ce197f Replace few instances of memcmp/memcpy in the code that should be grub_memcmp/grub_memcpy. 2014-04-04 07:58:42 +02:00
Vladimir Serbinenko
86402b4e0f * include/grub/i386/openbsd_bootarg.h: Add addr and frequency fields.
* grub-core/loader/i386/bsd.c (grub_cmd_openbsd): Fill addr field.

	Suggested by: Markus Müller.
2014-02-28 10:50:05 +01:00
Vladimir Serbinenko
4a70fed815 * grub-core/loader/i386/multiboot_mbi.c (grub_multiboot_make_mbi): Limit
location to 640K.
2014-02-28 09:48:57 +01:00
Andrey Borzenkov
f371dd5da8 fix include loop on MinGW due to libintl.h pulling stdio.h
In file included from ./include/grub/dl.h:23:0,
                 from grub-core/lib/libgcrypt-grub/cipher/rfc2268.c:3:
./include/grub/list.h:34:18: warning: conflicting types for 'grub_list_push' [en
abled by default]
 void EXPORT_FUNC(grub_list_push) (grub_list_t *head, grub_list_t item);
                  ^
./include/grub/symbol.h:68:25: note: in definition of macro 'EXPORT_FUNC'
 # define EXPORT_FUNC(x) x
                         ^
In file included from ./include/grub/fs.h:30:0,
                 from ./include/grub/file.h:25,
                 from ./grub-core/lib/posix_wrap/stdio.h:23,
                 from c:\mingw\include\libintl.h:314,
                 from ./include/grub/i18n.h:33,
                 from ./include/grub/misc.h:27,
                 from ./include/grub/list.h:25,
                 from ./include/grub/dl.h:28,
                 from grub-core/lib/libgcrypt-grub/cipher/rfc2268.c:3:
./include/grub/partition.h:106:3: note: previous implicit declaration of 'grub_l
ist_push' was here
   grub_list_push (GRUB_AS_LIST_P (&grub_partition_map_list),
   ^
list.h needs just ATTRIBUTE_ERROR from misc.h; split compiler features
into separate file grub/compiler.h and include it instead.
2014-01-18 21:22:57 +04:00
Vladimir Serbinenko
72c9a50773 Remove xen VFB.
Due to XEN bug it prevents Linux boot. Remove it at least, until
	workaround is found.
2013-12-18 18:43:09 +01:00
Vladimir Serbinenko
9246d5c8a4 * grub-core/commands/fileXX.c: Silence cast-align.
* grub-core/loader/i386/xen_fileXX.c: Likewise.
2013-12-18 07:40:43 +01:00
Vladimir Serbinenko
57a691b7e7 Decrease number of strings to translate. 2013-12-18 07:26:13 +01:00
Vladimir Serbinenko
184c61ddce Add Radeon Yeeloong 3A support. 2013-12-17 22:52:04 +01:00
Vladimir Serbinenko
1123bed944 * grub-core/loader/i386/xen_fileXX.c: Silence cast-align. 2013-12-17 20:47:31 +01:00
Vladimir Serbinenko
3086175489 Implement Truecrypt ISO loader. 2013-12-17 14:45:46 +01:00
Vladimir Serbinenko
ec824e0f2a Implement grub_file tool and use it to implement generating of config
in separate root.
2013-12-17 14:39:48 +01:00
Vladimir Serbinenko
71669c3b76 Implement XEN VFB support. 2013-12-17 13:07:26 +01:00
Vladimir Serbinenko
111bf5db8b * grub-core/loader/i386/linux.c: Use grub_addr_t rather than long when
appropriate.
2013-12-15 14:37:12 +01:00
Vladimir Serbinenko
24ca71c93b * grub-core/loader/i386/linux.c: Use %p rather than %lx for pointers. 2013-12-15 14:35:18 +01:00
Vladimir Serbinenko
7e47e27bd8 Add gcc_struct to all packed structures when compiling with mingw.
Just "packed" doesn't always pack the way we expect.
2013-12-15 14:14:30 +01:00
Vladimir Serbinenko
44bbfa33b8 Propagate the EFI commits to x86-efi specific parts. 2013-12-11 16:11:17 +01:00
Vladimir Serbinenko
d5bab2c0e1 * grub-core/loader/i386/bsd.c: Remove variable length arrays. 2013-11-12 16:14:33 +01:00
Vladimir Serbinenko
87d62d7d29 * grub-core/loader/i386/coreboot/chainloader.c (load_segment): Use
right buffer for temporary load.
2013-11-11 00:06:52 +01:00
Vladimir Serbinenko
5460cfeba8 * grub-core/loader/i386/coreboot/chainloader.c: Support tianocore. 2013-11-10 23:26:25 +01:00
Vladimir Serbinenko
8997730612 * grub-core/loader/i386/coreboot/chainloader.c: Support lzma-compressed
payload.
2013-11-10 20:53:27 +01:00
Vladimir Serbinenko
9612ebc00e Add new ports: i386-xen and x86_64-xen. This allows running GRUB in
XEN PV environment and load kernels.
2013-11-09 21:29:11 +01:00
Vladimir Serbinenko
1a46a3a4b3 * grub-core/loader/i386/multiboot_mbi.c: Handle space in command line.
* grub-core/loader/multiboot_mbi2.c: Likewise.
2013-11-09 17:32:37 +01:00
Vladimir Serbinenko
7f084087b2 * grub-core/net/net.c (grub_net_route_unregister): Remove unused
function.
	* grub-core/loader/i386/xnu.c (hextoval): Likewise.
	* grub-core/disk/geli.c (ascii2hex): Likewise.
2013-11-07 19:31:22 +01:00
Vladimir Serbinenko
329550c4a9 * grub-core/loader/multiboot_mbi2.c: Implement EFI memory map. 2013-10-28 15:37:00 +01:00
Vladimir Serbinenko
00bfa988fc * grub-core/loader/multiboot.c: Add support for multiboot kernels
quirks.
2013-10-28 15:23:46 +01:00
Vladimir Serbinenko
81afc5cce6 * grub-core/loader/i386/linux.c (allocate_pages): Allocate at least
a page in protected space.
2013-10-28 14:30:29 +01:00
Vladimir Serbinenko
8b46b0ea36 * grub-core/loader/i386/bsd.c (grub_cmd_openbsd): Accept "sd", "cd",
"vnd", "rd" and "fd" disks.
2013-10-27 18:59:27 +01:00
Vladimir Serbinenko
c81acb7ff3 Consolidate cpuid code. 2013-10-27 00:02:01 +02:00
Vladimir Serbinenko
c1bee64676 Move cpuid code to cpuid.h and TSC code to tsc.c. 2013-10-26 23:39:10 +02:00
Vladimir 'phcoder' Serbinenko
2e4659b810 * grub-core/loader/i386/bsd.c: Remove variable length arrays. 2013-10-20 23:45:43 +02:00
Vladimir 'phcoder' Serbinenko
e89c2d48a9 Lift 255x255 erminal sie restriction to 65535x65535. Also change from
bitmasks to small structures of size chosen to fit in registers.
2013-10-19 23:59:32 +02:00
Vladimir 'phcoder' Serbinenko
6de9ee86bf Pass-through unknown E820 types. It required reorganisation of mmap
module.
2013-10-14 16:33:44 +02:00
Vladimir 'phcoder' Serbinenko
f82d79c984 * include/grub/mm.h (grub_extend_alloc): Remove.
* grub-core/loader/i386/pc/plan9.c: Use own version of
	grub_extend_alloc with appropriate types.
2013-08-22 16:44:20 +02:00
sutre@tahoe
ad1fe3f91f Always fill bootdisk info and improve check for NetBSD disklabel. 2013-08-16 19:41:33 +02:00
Vladimir 'phcoder' Serbinenko
99c971afd3 Add support for processed coreboot payload chainloading. 2013-06-16 02:54:37 +02:00
Vladimir 'phcoder' Serbinenko
d22840ec12 Mark few forgotten strings for translation. 2013-05-07 11:41:47 +02:00
Vladimir 'phcoder' Serbinenko
095accd14b * grub-core/loader/i386/linux.c (grub_linux_setup_video): Add
GRUB_VIDEO_ADAPTER_CAPTURE: to handled drived ids.
2013-05-02 18:06:39 +02:00
Vladimir 'phcoder' Serbinenko
02adbb932d * grub-core/io/lzopio.c: Use GRUB_PROPERLY_ALIGNED_ARRAY.
* grub-core/loader/i386/bsd.c: Likewise.
2013-04-28 15:18:50 +02:00
Vladimir 'phcoder' Serbinenko
1a40f80c98 * grub-core/loader/i386/linux.c (grub_linux_boot): Default to
gfxpayload=keep if cbfb is active.
2013-04-24 14:53:00 +02:00
Vladimir 'phcoder' Serbinenko
45fbd9a23f Add missing video ids to coreboot and ieee1275 video. 2013-04-24 14:44:15 +02:00
Vladimir 'phcoder' Serbinenko
cc2fa5ec1e * grub-core/loader/i386/linux.c: Remove useless leftover pointer. 2013-04-14 19:01:23 +02:00
Vladimir 'phcoder' Serbinenko
6a7fb94bfb Replace the region at 0 from coreboot tables to available in BSD
memory map.
2013-03-25 10:23:04 +01:00
Vladimir 'phcoder' Serbinenko
92750e4c60 Add ability to generate newc additions on runtime. 2013-03-22 21:01:28 +01:00