proxmox-mirrors/grub2
1
0
Fork 0
mirror of https://git.proxmox.com/git/grub2 synced 2025-07-21 16:24:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3d157bbd06
grub2/grub-core/commands/efi
History
Javier Martinez Canillas 468a5699b2 commands: Restrict commands that can load BIOS or DT blobs when locked down 
There are some more commands that should be restricted when the GRUB is
locked down. Following is the list of commands and reasons to restrict:

  * fakebios:   creates BIOS-like structures for backward compatibility with
                existing OSes. This should not be allowed when locked down.

  * loadbios:   reads a BIOS dump from storage and loads it. This action
                should not be allowed when locked down.

  * devicetree: loads a Device Tree blob and passes it to the OS. It replaces
                any Device Tree provided by the firmware. This also should
                not be allowed when locked down.

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2021-03-02 15:54:15 +01:00
..
efifwsetup.c efi: Return grub_efi_status_t from grub_efi_get_variable() 2020-12-11 13:54:54 +01:00
fixvideo.c Remove nested functions from PCI iterators. 2013-01-13 01:10:41 +00:00
loadbios.c commands: Restrict commands that can load BIOS or DT blobs when locked down 2021-03-02 15:54:15 +01:00
lsefi.c Fix a segfault in lsefi 2017-08-03 20:03:09 +02:00
lsefimmap.c lsefimmap: support persistent memory and other UEFI 2.5 features 2015-12-17 21:00:44 +03:00
lsefisystab.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
lssal.c * grub-core/commands/efi/lssal.c: Fix terminating condition. 2013-12-11 15:59:12 +01:00
smbios.c smbios: Add a module for retrieving SMBIOS information 2019-07-11 21:06:12 +02:00
tpm.c efi/tpm: Extract duplicate code into independent functions 2020-12-12 01:19:03 +01:00