Commit graph

8786 commits

Author SHA1 Message Date
Matthew Garrett
e5ee3e8fa5 Add verity hash passthrough
Read the verity hash from the kernel binary and pass it to the running
system via the kernel command line
2015-06-23 13:15:53 -07:00
Matthew Garrett
2755ecd157 Add efi getenv command
Add a command to obtain the contents of EFI firmware variables.
2015-04-22 13:08:26 -07:00
Matthew Garrett
9b669efb38 Fail validation if we can't find shim and Secure Boot is enabled
If grub is signed with a key that's in the trusted EFI keyring, an attacker
can point a boot entry at grub rather than at shim and grub will fail to
locate the shim verification protocol. This would then allow booting an
arbitrary kernel image. Fail validation if Secure Boot is enabled and we
can't find the shim protocol in order to prevent this.
2015-04-22 12:47:49 -07:00
Colin Watson
25850cfd50 Don't allow insmod when secure boot is enabled.
Hi,

Fedora's patch to forbid insmod in UEFI Secure Boot environments is fine
as far as it goes.  However, the insmod command is not the only way that
modules can be loaded.  In particular, the 'normal' command, which
implements the usual GRUB menu and the fully-featured command prompt,
will implicitly load commands not currently loaded into memory.  This
permits trivial Secure Boot violations by writing commands implementing
whatever you want to do and pointing $prefix at the malicious code.

I'm currently test-building this patch (replacing your current
grub-2.00-no-insmod-on-sb.patch), but this should be more correct.  It
moves the check into grub_dl_load_file.
2015-04-22 12:47:49 -07:00
Michael Marineau
4f35e11003 Merge pull request #7 from marineam/gptprio
Generic GPT partition search commands
2014-12-05 16:46:27 -08:00
Michael Marineau
c70627bc9f gpt: add search by partition label and uuid commands
Builds on the existing filesystem search code. Only for GPT right now.
2014-11-27 18:49:24 -08:00
Michael Marineau
9c61d9bc2c tests: add some partitions to the gpt unit test data 2014-11-27 16:39:07 -08:00
Michael Marineau
daa4fbd477 gpt: switch partition names to a 16 bit type
In UEFI/GPT strings are UTF-16 so use a uint16 to make dealing with the
string practical.
2014-11-27 16:39:07 -08:00
Michael Marineau
13761c8675 gpt: move gpt guid printing function to common library 2014-11-27 16:39:07 -08:00
Michael Marineau
b97f2fa47e Merge pull request #6 from coreos/gnu
Merge upstream GRUB changes
2014-11-23 17:58:18 -07:00
Michael Marineau
d385aa5755 Merge pull request #5 from marineam/gptprio
Initial implementaiton of the gptprio 'next' command for grub.
2014-11-23 15:59:43 -07:00
Michael Marineau
e49d5b587e gpt: new gptprio.next command for selecting priority based partitions
Basic usage would look something like this:

    gptprio.next -d usr_dev -u usr_uuid
    linuxefi ($usr_dev)/boot/vmlinuz mount.usr=PARTUUID=$usr_uuid

After booting the system should set the 'successful' bit on the
partition that was used.
2014-11-23 15:39:57 -07:00
Andrei Borzenkov
e2dd6daa8c grub-fs-tester: consistently print output of grub ls if test fails 2014-11-20 20:56:51 +03:00
Andrei Borzenkov
2ccaa3b9fd Fix date in last ChangeLog entry 2014-11-20 20:54:49 +03:00
Leif Lindholm
004a2b1efd efi: check *path non-null before grub_strrchr
The EFI version of grub_machine_get_bootlocation crops the boot image
name back to the last / in order to get a directory path. However, it
does not check that *name is actually set before calling grub_strrchr
to do this, and neither does grub_strrchr before dereferencing a NULL
pointer.

Parent function, grub_set_prefix_and_root, does check the pointer
before using.
2014-11-17 14:11:01 +00:00
Michael Marineau
d3c2759e83 gpt: split out checksum recomputation
For basic data modifications the full repair function is overkill.
2014-11-15 13:32:37 -08:00
Michael Marineau
6278c3e75f gpt: add a new generic GUID type
In order to do anything with partition GUIDs they need to be stored in a
proper structure like the partition type GUIDs. Additionally add an
initializer macro to simplify defining both GUID types.
2014-11-15 13:32:37 -08:00
Michael Marineau
7ed934533c Merge pull request #4 from marineam/secure
Add support for linuxefi
2014-11-06 12:29:18 -08:00
Matthew Garrett
0de7775230 Add support for linuxefi 2014-11-05 20:40:53 -08:00
Michael Chang
72ec399ad8 icmp6 fix no respond to neighbor solicit message
The structure size used in grub_netbuff_pull to get the pointer to
option header is apparently wrong, which leads to subsequent range check
failed and therefore not responding to any neighbor solicit message in my
testing.
2014-11-03 20:03:04 +03:00
Michael Marineau
6cee30ef82 Merge pull request #2 from marineam/gptprio
GPT write support and repair command
2014-10-21 13:52:22 -07:00
Michael Marineau
051545ddf0 gpt: add write function and gptrepair command
The first hint of something practical, a command that can restore any of
the GPT structures from the alternate location. New test case must run
under QEMU because the loopback device used by the other unit tests does
not support writing.
2014-10-20 14:10:47 -07:00
Michael Marineau
478458d404 gpt: add new repair function to sync up primary and backup tables. 2014-10-20 13:54:58 -07:00
Michael Marineau
dc6076187e gpt: consolidate crc32 computation code
The gcrypt API is overly verbose, wrap it up in a helper function to
keep this rather common operation easy to use.
2014-10-20 13:54:58 -07:00
Michael Marineau
4dd009a6fb gpt: record size of of the entries table
The size of the entries table will be needed later when writing it back
to disk. Restructure the entries reading code to flow a little better.
2014-10-20 13:54:58 -07:00
Michael Marineau
3b2674aef7 gpt: rename misnamed header location fields
The header location fields refer to 'this header' and 'alternate header'
respectively, not 'primary header' and 'backup header'. The previous
field names are backwards for the backup header.
2014-10-20 13:52:55 -07:00
Michael Marineau
7ac3d8a7bf Merge pull request #3 from marineam/tests
tests: fix path to words file on Gentoo/CoreOS
2014-10-20 11:49:35 -07:00
Michael Marineau
e726b8b78d tests: fix path to words file on Gentoo/CoreOS
By default there isn't a linux.words file, but there is words.
2014-10-19 20:44:34 -07:00
Michael Marineau
4324e84c12 Merge pull request #1 from marineam/gptprio
Begin new GPT implementation for GRUB2
2014-10-18 13:57:17 -07:00
Michael Marineau
f82f65f338 gpt: start new GPT module
This module is a new implementation for reading GUID Partition Tables
which is much stricter than the existing part_gpt module and exports GPT
data directly instead of the generic grub_partition structure. It will
be the basis for modules that need to read/write/update GPT data.

The current code does nothing more than read and verify the table.
2014-10-18 13:54:54 -07:00
Michael Marineau
28b0af948e linguas: use en_US as UTF-8 locale, C.UTF-8 is not a standard locale.
Apparently some distros like Debian provide C.UTF-8 but it isn't
actually fully supported by glibc and thus is not available on all
systems, neither Gentoo nor Fedora provide it.

https://sourceware.org/bugzilla/show_bug.cgi?id=17318
2014-10-14 12:20:26 -07:00
Andrei Borzenkov
9a67e1ac8e Use full initializer for initrd_ctx to avoid fatal warnings with older GCC
struct ... foo = { 0, } is valid initializer, but older GCC emits
warning which is fatal error due to -Werror=missing-field-initializer.
So simply use full initializer to avoid these errors. This was fixed
probably in GCC 4.7.

See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=36750
2014-10-14 20:12:15 +04:00
Colin Watson
77063f4cb6 Fix in-tree --platform=none
* configure.ac: Only remove include/grub/cpu and
include/grub/machine in the --platform=none case, not all of
include/grub.
2014-09-25 20:59:26 +01:00
Colin Watson
5d90f6e533 Add a new "none" platform that only builds utilities
This makes it possible to build generally-useful utilities such as
grub-mount even if the rest of GRUB has not been ported to the target
CPU.

* configure.ac: Add "none" platform.  Default to it for unsupported
CPUs rather than stopping with a fatal error.  Don't downgrade
x86_64-none to i386.  Define COND_real_platform Automake conditional
if the platform is anything other than "none".  Don't do any include
directory linking for "none".
* Makefile.am: Skip building grub-core and all bootcheck targets if
!COND_real_platform.
* include/grub/time.h: Don't include <grub/cpu/time.h> if GRUB_UTIL
is defined.
2014-09-23 12:06:30 +01:00
Andrey Borzenkov
954fe77163 cleanup: grub_cpu_to_XXX_compile_time for constants
This tries to catch all cases where grub_cpu_to_XXX was used for constant
expressions (including sizeof).
2014-09-22 20:47:10 +04:00
Vladimir Serbinenko
6d05b6383c Revert " Use -Wl,--no-relax rather than -mno-relax for uniformity."
This reverts commit 063f2a04d1.
2014-09-21 19:02:11 +02:00
Valentin Dornauer
0f1f95c7b7 ACPIhalt: Add more ACPI opcodes.
The AML parser implements only a small subset of possible AML
	opcodes. On the Fujitsu Lifebook E744 this and another bug in
	the parser (incorrect handling of TermArg data types) would lead
	to the laptop not turning off (_S5 not found).

	* grub-core/commands/acpihalt.c: Support OpAlias in the AML parser;
	in skip_ext_op(), handle some Type2Opcodes more correctly (TermArgs
	aren't always simply strings!); Add function to skip TermArgs
	* include/grub/acpi.h: Add new opcodes
2014-09-21 18:58:14 +02:00
Vladimir Serbinenko
41c6f91fce * grub-core/normal/main.c: Don't drop to rescue console in
case of password-protected prompt and no menu entries.
2014-09-21 18:51:09 +02:00
Vladimir Serbinenko
7c378c3964 * grub-core/commands/keylayouts.c: Ignore unknown keys. 2014-09-21 18:49:49 +02:00
Vladimir Serbinenko
2988a849fc * grub-core/gmodule.pl.in: Accept newer binutils which output
empty column rather than 0x0.
2014-09-21 18:23:23 +02:00
Vladimir Serbinenko
5e42618e00 Fix wrong commit 2014-09-21 18:18:03 +02:00
Michael Chang
0aece00c54 * grub-core/osdep/unix/config.c: Remove extraneous comma. 2014-09-21 17:49:13 +02:00
Peter Jones
631a820038 Initialized initrd_ctx so we don't free a random pointer from the stack.
Currently, if "linux" fails, the "goto fail;" in grub_cmd_initrd sends us
into grub_initrd_close() without grub_initrd_init() being called, and thus
it never clears initrd_ctx->components.  grub_initrd_close() then frees that
address, which is stale data from the stack.  If the stack happens to have a
stale *address* there that matches a recent allocation, then you'll get a
double free later.

So initialize the memory up front.

Signed-off-by: Peter Jones <pjones@redhat.com>
2014-09-21 10:36:42 +04:00
Colin Watson
60049a0e72 Tidy up ChangeLog formatting. 2014-09-19 14:50:51 +01:00
Khem Raj
a276b84046 Fix build with glibc 2.20
* grub-core/kern/emu/hostfs.c: squahes below warning
  warning: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"

Signed-off-by: Khem Raj <raj.khem@gmail.com>

Upstream-Status: Submitted
2014-09-15 19:59:27 +04:00
Michael Chang
54bd9a0610 Fix incorrect address reference in btrfs
We encountered a weird random kernel initrd unpacking error on btrfs
and finally found it was caused by incorrect address reference in range
check for type GRUB_BTRFS_EXTENT_REGULAR and the entire result is
unpredictable.

This is a quick fix to make the address reference to the
grub_btrfs_extent_data structure correctly, not the pointer variable
to it.

Any suggestions to this patch is welcome.
2014-09-08 11:33:40 +01:00
Colin Watson
2a5a532c00 Support grub-emu on x32 (ILP32 but with x86-64 instruction set)
* configure.ac: Remove -m64 from checks for -mcmodel=large and
-mno-red-zone.  These are always either unnecessary (x86_64-emu) or
already in TARGET_CFLAGS at this point, and they produce incorrect
results when building for x32.
* grub-core/kern/x86_64/dl.c (grub_arch_dl_relocate_symbols): Cast
pointers to Elf64_Xword via grub_addr_t, in order to work on x32.
* include/grub/x86_64/types.h (GRUB_TARGET_SIZEOF_VOID_P,
GRUB_TARGET_SIZEOF_LONG): Define to 4 on x32.
2014-09-07 23:04:50 +01:00
Colin Watson
4d94b2db58 * configure.ac: Remove several unnecessary semicolons. 2014-09-07 20:47:43 +01:00
Colin Watson
1de3a48098 * grub-core/kern/mips/arc/init.c (grub_machine_get_bootlocation):
Initialise pend to pacify GCC.
2014-08-25 15:19:48 -07:00
Andrey Borzenkov
c291f47b2c Fix typo (gettext_print instead of gettext_printf) 2014-08-14 21:02:31 +04:00