rpms / grub2

Clone
Source Code
GIT

Blame SOURCES/0355-verifiers-provide-unsafe-module-list.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c7-i686 c8 c8-beta c8s c9 c9-beta
  1.   030dc35c0a4ca8e752cad5c13493ee6e6814c8b9
  2.   SOURCES
  3.   0355-verifiers-provide-unsafe-module-list.patch
Blob History Raw
5975ab 
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
5975ab 
From: Daniel Axtens <dja@axtens.net>
5975ab 
Date: Wed, 29 Jul 2020 17:46:16 +1000
5975ab 
Subject: [PATCH] verifiers: provide unsafe module list
5975ab
5975ab 
Other verifiers that implement secure boot may want to be able to
5975ab 
use this list and behaviour.
5975ab
5975ab 
Upstream, this factors the list out of the shim_lock verifier.
5975ab 
However, that hasn't hit the RHEL8.4 tree yet, so instead
5975ab 
of factoring it out of that we just create it.
5975ab
5975ab 
Signed-off-by: Daniel Axtens <dja@axtens.net>
5975ab 
---
5975ab 
 grub-core/commands/verifiers.c | 46 ++++++++++++++++++++++++++++++++++++++++++
5975ab 
 include/grub/verify.h          | 13 ++++++++++++
5975ab 
 2 files changed, 59 insertions(+)
5975ab
5975ab 
diff --git a/grub-core/commands/verifiers.c b/grub-core/commands/verifiers.c
030dc3 
index 599d79b757e..f64343ac90b 100644
5975ab 
--- a/grub-core/commands/verifiers.c
5975ab 
+++ b/grub-core/commands/verifiers.c
5975ab 
@@ -218,6 +218,52 @@ grub_verify_string (char *str, enum grub_verify_string_type type)
5975ab 
   return GRUB_ERR_NONE;
5975ab 
 }
5975ab
5975ab 
+/* List of modules which may allow for verifcation to be bypassed. */
5975ab 
+static const char *const disabled_mods[] = { "iorw", "memrw", "wrmsr", NULL };
5975ab 
+
5975ab 
+/*
5975ab 
+ * Does the module in file `io' allow for the a verifier to be bypassed?
5975ab 
+ *
5975ab 
+ * Returns 1 if so, otherwise 0.
5975ab 
+ */
5975ab 
+char
5975ab 
+grub_is_dangerous_module (grub_file_t io)
5975ab 
+{
5975ab 
+  char *b, *e;
5975ab 
+  int i;
5975ab 
+
5975ab 
+  /* Establish GRUB module name. */
5975ab 
+  b = grub_strrchr (io->name, '/');
5975ab 
+  e = grub_strrchr (io->name, '.');
5975ab 
+
5975ab 
+  b = b ? (b + 1) : io->name;
5975ab 
+  e = e ? e : io->name + grub_strlen (io->name);
5975ab 
+  e = (e > b) ? e : io->name + grub_strlen (io->name);
5975ab 
+
5975ab 
+  for (i = 0; disabled_mods[i]; i++)
5975ab 
+    if (!grub_strncmp (b, disabled_mods[i],
5975ab 
+		       grub_strlen (b) - grub_strlen (e)))
5975ab 
+      return 1;
5975ab 
+  return 0;
5975ab 
+}
5975ab 
+
5975ab 
+/*
5975ab 
+ * Is there already an unsafe module in memory?
5975ab 
+ * Returns the name if one is loaded, otherwise NULL.
5975ab 
+ */
5975ab 
+const char *
5975ab 
+grub_dangerous_module_loaded (void)
5975ab 
+{
5975ab 
+  int i;
5975ab 
+
5975ab 
+  for (i = 0; disabled_mods[i]; i++)
5975ab 
+    if (grub_dl_get (disabled_mods[i]))
5975ab 
+      {
5975ab 
+	return disabled_mods[i];
5975ab 
+      }
5975ab 
+  return NULL;
5975ab 
+}
5975ab 
+
5975ab 
 GRUB_MOD_INIT(verifiers)
5975ab 
 {
5975ab 
   grub_file_filter_register (GRUB_FILE_FILTER_VERIFY, grub_verifiers_open);
5975ab 
diff --git a/include/grub/verify.h b/include/grub/verify.h
030dc3 
index 79022b42258..60c13e7ea8e 100644
5975ab 
--- a/include/grub/verify.h
5975ab 
+++ b/include/grub/verify.h
5975ab 
@@ -76,3 +76,16 @@ grub_verifier_unregister (struct grub_file_verifier *ver)
5975ab
5975ab 
 grub_err_t
5975ab 
 grub_verify_string (char *str, enum grub_verify_string_type type);
5975ab 
+
5975ab 
+/*
5975ab 
+ * Does the module in file `io' allow for the a verifier to be bypassed?
5975ab 
+ *
5975ab 
+ * Returns 1 if so, otherwise 0.
5975ab 
+ */
5975ab 
+char grub_is_dangerous_module (grub_file_t io);
5975ab 
+
5975ab 
+/*
5975ab 
+ * Is there already an unsafe module in memory?
5975ab 
+ * Returns the name if one is loaded, otherwise NULL.
5975ab 
+ */
5975ab 
+const char *grub_dangerous_module_loaded (void);

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation