proxmox-mirrors/grub2
1
0
Fork 0
mirror of https://git.proxmox.com/git/grub2 synced 2025-10-13 07:31:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
03d18df312
grub2/grub-core/loader/i386
History
Luca Boccassi b2c4515a83 Do not overwrite sentinel byte in boot_params, breaks lockdown 
grub currently copies the entire boot_params, which includes setting
sentinel byte to 0xff, which triggers sanitize_boot_params in the kernel
which in turn clears various boot_params variables, including the
indication that the bootloader chain is verified and thus the kernel
disables lockdown mode.  According to the information on the Fedora bug
tracker, only the information from byte 0x1f1 is necessary, so start
copying from there instead.

Author: Luca Boccassi <bluca@debian.org>
Bug-Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=1418360
Forwarded: no

Patch-Name: fix-lockdown.patch
2021-09-27 20:09:39 +01:00
..
coreboot verifiers: File type for fine-grained signature-verification controlling 2018-11-09 13:25:31 +01:00
efi Do not overwrite sentinel byte in boot_params, breaks lockdown 2021-09-27 20:09:39 +01:00
pc loader/i386/pc/linux: Use PRI* macros to get correct format string code across architectures 2021-03-10 14:59:26 +01:00
bsd32.c automake commit without merge history 2010-05-06 11:34:04 +05:30
bsd64.c automake commit without merge history 2010-05-06 11:34:04 +05:30
bsd_pagetable.c * grub-core/commands/legacycfg.c (grub_cmd_legacy_kernel): 2010-10-16 22:16:52 +02:00
bsd.c grub_error: Use format code PRIuGRUB_SIZE for variables of type grub_size_t 2021-03-10 14:50:44 +01:00
bsdXX.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
linux.c Add "linuxefi" loader which avoids ExitBootServices 2021-09-27 20:09:34 +01:00
multiboot_mbi.c relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow 2020-07-29 16:55:48 +02:00
xen_file32.c Add new ports: i386-xen and x86_64-xen. This allows running GRUB in 2013-11-09 21:29:11 +01:00
xen_file64.c Add new ports: i386-xen and x86_64-xen. This allows running GRUB in 2013-11-09 21:29:11 +01:00
xen_file.c verifiers: File type for fine-grained signature-verification controlling 2018-11-09 13:25:31 +01:00
xen_fileXX.c misc: Make grub_strtol() "end" pointers have safer const qualifiers 2020-02-28 12:41:29 +01:00
xen.c relocator: Protect grub_relocator_alloc_chunk_addr() input args against integer underflow/overflow 2020-07-29 16:55:48 +02:00
xnu.c efi: Fix some malformed device path arithmetic errors 2020-07-29 16:55:48 +02:00