grub2/grub-core/kern
Javier Martinez Canillas 578c95298b kern: Add lockdown support

When the GRUB starts on a secure boot platform, some commands can be
used to subvert the protections provided by the verification mechanism and
could lead to booting an untrusted system.

To prevent that situation, allow GRUB to be locked down. That way the code
may check if GRUB has been locked down and further restrict the commands
that are registered or what subset of their functionality could be used.

The lockdown support adds the following components:

* The grub_lockdown() function which can be used to lock down GRUB if,
  e.g., UEFI Secure Boot is enabled.

* The grub_is_lockdown() function which can be used to check if the GRUB
  was locked down.

* A verifier that flags OS kernels, the GRUB modules, Device Trees and ACPI
  tables as GRUB_VERIFY_FLAGS_DEFER_AUTH to defer verification to other
  verifiers. These files are only successfully verified if another registered
  verifier returns success. Otherwise, the whole verification process fails.

  For example, PE/COFF binaries verification can be done by the shim_lock
  verifier which validates the signatures using the shim_lock protocol.
  However, the verification is not deferred directly to the shim_lock verifier.
  The shim_lock verifier is hooked into the verification process instead.

* A set of grub_{command,extcmd}_lockdown functions that can be used by
  code registering command handlers, to only register unsafe commands if
  the GRUB has not been locked down.

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2021-03-02 15:54:15 +01:00
arm efi: Fix use-after-free in halt/reboot path 2020-07-29 16:55:48 +02:00
arm64 efi: Fix use-after-free in halt/reboot path 2020-07-29 16:55:48 +02:00
coreboot arm-coreboot: Start new port. 2017-05-08 20:53:28 +02:00
efi efi: Move the shim_lock verifier to the GRUB core 2021-03-02 15:54:15 +01:00
emu emu: Make grub_free(NULL) safe 2020-07-29 16:55:48 +02:00
generic rtc_get_time_ms.c (grub_rtc_get_time_ms): Avoid division by zero. 2015-01-21 17:42:14 +01:00
i386 i386: Don't include <grub/cpu/linux.h> in coreboot and ieee1275 startup.S 2020-12-11 13:52:18 +01:00
ia64 efi: Fix use-after-free in halt/reboot path 2020-07-29 16:55:48 +02:00
ieee1275 ieee1275: NULL pointer dereference in grub_ieee1275_encode_devname() 2019-04-04 18:34:05 +02:00
mips disk: Rename grub_disk_get_size() to grub_disk_native_sectors() 2020-12-12 01:19:03 +01:00
powerpc Support R_PPC_PLTREL24 2019-03-25 15:08:49 +01:00
riscv efi: Fix use-after-free in halt/reboot path 2020-07-29 16:55:48 +02:00
sparc64 sparc64: #blocks64 disk node method 2018-03-05 15:26:36 +01:00
uboot calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
x86_64 x86-64: Treat R_X86_64_PLT32 as R_X86_64_PC32 2018-02-23 22:25:30 +01:00
xen xen: Add basic hooks for PVH in current code 2018-12-12 12:03:27 +01:00
acpi.c Make grub_acpi_find_fadt accessible generically 2016-02-12 11:35:48 +01:00
command.c kern: Add lockdown support 2021-03-02 15:54:15 +01:00
compiler-rt.c mips: Enable __clzdi2() 2020-12-18 23:04:36 +01:00
corecmd.c Change fs functions to add fs_ prefix 2019-04-09 10:03:29 +10:00
device.c Remove nested functions from device iterators. 2013-01-20 15:52:15 +00:00
disk_common.c disk: Move hardcoded max disk size literal to a GRUB_DISK_MAX_SECTORS in disk.h 2020-12-12 01:19:03 +01:00
disk.c disk: Rename grub_disk_get_size() to grub_disk_native_sectors() 2020-12-12 01:19:03 +01:00
dl.c RISC-V: Add awareness for RISC-V reloations 2019-02-25 11:34:09 +01:00
elf.c verifiers: File type for fine-grained signature-verification controlling 2018-11-09 13:25:31 +01:00
elfXX.c kern/elf: fix unintended sign extension 2016-01-09 19:41:26 +03:00
env.c * grub-core/kern/env.c, include/grub/env.h: Change iterator through 2013-03-03 01:34:27 +01:00
err.c * grub-core/kern/misc.c (grub_abort): Make static 2013-10-27 14:13:39 +01:00
file.c Change fs functions to add fs_ prefix 2019-04-09 10:03:29 +10:00
fs.c fs: Fix block lists not being able to address to end of disk sometimes 2020-12-12 01:19:03 +01:00
list.c Remove prio_list. 2012-02-26 22:49:24 +01:00
lockdown.c kern: Add lockdown support 2021-03-02 15:54:15 +01:00
main.c verifiers: Move verifiers API to kernel image 2021-03-02 15:54:15 +01:00
misc.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
mm.c calloc: Make sure we always have an overflow-checking calloc() available 2020-07-29 16:55:47 +02:00
parser.c calloc: Use calloc() at most places 2020-07-29 16:55:47 +02:00
partition.c misc: Make grub_strtol() "end" pointers have safer const qualifiers 2020-02-28 12:41:29 +01:00
rescue_parser.c rescue_parser: restructure code to avoid Coverity false positive 2016-01-09 18:15:27 +03:00
rescue_reader.c Remove nested functions from script reading and parsing. 2013-01-15 12:03:25 +00:00
term.c kern/term: Accept ESC, F4 and holding SHIFT as user interrupt keys 2020-04-21 22:13:44 +02:00
time.c automake commit without merge history 2010-05-06 11:34:04 +05:30
verifiers.c verifiers: Move verifiers API to kernel image 2021-03-02 15:54:15 +01:00
vga_init.c * grub-core/kern/vga_init.c: Fix compilation on qemu-mips. 2013-08-14 09:50:57 +02:00