proxmox-mirrors/grub2
1
0
Fork 0
mirror of https://git.proxmox.com/git/grub2 synced 2025-07-16 11:21:02 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

commands/setpci: Restrict setpci command when locked down

Browse Source 
This command can set PCI devices register values, which makes it dangerous
in a locked down configuration. Restrict it so can't be used on this setup.

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This commit is contained in:
Javier Martinez Canillas 2021-02-24 22:59:59 +01:00 committed by Daniel Kiper
parent 468a5699b2
commit 58b77d4069
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
grub-core/commands/setpci.c
View File

@ -328,10 +328,10 @@ static grub_extcmd_t cmd;
GRUB_MOD_INIT(setpci)
{
cmd = grub_register_extcmd ("setpci", grub_cmd_setpci, 0,
N_("[-s POSITION] [-d DEVICE] [-v VAR] "
"REGISTER[=VALUE[:MASK]]"),
N_("Manipulate PCI devices."), options);
cmd = grub_register_extcmd_lockdown ("setpci", grub_cmd_setpci, 0,
N_("[-s POSITION] [-d DEVICE] [-v VAR] "
"REGISTER[=VALUE[:MASK]]"),
N_("Manipulate PCI devices."), options);
}
GRUB_MOD_FINI(setpci)