rpms / grub2

Clone
Source Code
GIT

Blame SOURCES/0355-verifiers-provide-unsafe-module-list.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c7-i686 c8 c8-beta c8s c9 c9-beta
  1.   c8-beta
  2.   SOURCES
  3.   0355-verifiers-provide-unsafe-module-list.patch
Blob History Raw
80913e 
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
80913e 
From: Daniel Axtens <dja@axtens.net>
80913e 
Date: Wed, 29 Jul 2020 17:46:16 +1000
80913e 
Subject: [PATCH] verifiers: provide unsafe module list
80913e
80913e 
Other verifiers that implement secure boot may want to be able to
80913e 
use this list and behaviour.
80913e
80913e 
Upstream, this factors the list out of the shim_lock verifier.
80913e 
However, that hasn't hit the RHEL8.4 tree yet, so instead
80913e 
of factoring it out of that we just create it.
80913e
80913e 
Signed-off-by: Daniel Axtens <dja@axtens.net>
80913e 
---
80913e 
 grub-core/commands/verifiers.c | 46 ++++++++++++++++++++++++++++++++++++++++++
80913e 
 include/grub/verify.h          | 13 ++++++++++++
80913e 
 2 files changed, 59 insertions(+)
80913e
80913e 
diff --git a/grub-core/commands/verifiers.c b/grub-core/commands/verifiers.c
b32e65 
index 599d79b75..f64343ac9 100644
80913e 
--- a/grub-core/commands/verifiers.c
80913e 
+++ b/grub-core/commands/verifiers.c
80913e 
@@ -218,6 +218,52 @@ grub_verify_string (char *str, enum grub_verify_string_type type)
80913e 
   return GRUB_ERR_NONE;
80913e 
 }
80913e
80913e 
+/* List of modules which may allow for verifcation to be bypassed. */
80913e 
+static const char *const disabled_mods[] = { "iorw", "memrw", "wrmsr", NULL };
80913e 
+
80913e 
+/*
80913e 
+ * Does the module in file `io' allow for the a verifier to be bypassed?
80913e 
+ *
80913e 
+ * Returns 1 if so, otherwise 0.
80913e 
+ */
80913e 
+char
80913e 
+grub_is_dangerous_module (grub_file_t io)
80913e 
+{
80913e 
+  char *b, *e;
80913e 
+  int i;
80913e 
+
80913e 
+  /* Establish GRUB module name. */
80913e 
+  b = grub_strrchr (io->name, '/');
80913e 
+  e = grub_strrchr (io->name, '.');
80913e 
+
80913e 
+  b = b ? (b + 1) : io->name;
80913e 
+  e = e ? e : io->name + grub_strlen (io->name);
80913e 
+  e = (e > b) ? e : io->name + grub_strlen (io->name);
80913e 
+
80913e 
+  for (i = 0; disabled_mods[i]; i++)
80913e 
+    if (!grub_strncmp (b, disabled_mods[i],
80913e 
+		       grub_strlen (b) - grub_strlen (e)))
80913e 
+      return 1;
80913e 
+  return 0;
80913e 
+}
80913e 
+
80913e 
+/*
80913e 
+ * Is there already an unsafe module in memory?
80913e 
+ * Returns the name if one is loaded, otherwise NULL.
80913e 
+ */
80913e 
+const char *
80913e 
+grub_dangerous_module_loaded (void)
80913e 
+{
80913e 
+  int i;
80913e 
+
80913e 
+  for (i = 0; disabled_mods[i]; i++)
80913e 
+    if (grub_dl_get (disabled_mods[i]))
80913e 
+      {
80913e 
+	return disabled_mods[i];
80913e 
+      }
80913e 
+  return NULL;
80913e 
+}
80913e 
+
80913e 
 GRUB_MOD_INIT(verifiers)
80913e 
 {
80913e 
   grub_file_filter_register (GRUB_FILE_FILTER_VERIFY, grub_verifiers_open);
80913e 
diff --git a/include/grub/verify.h b/include/grub/verify.h
b32e65 
index 79022b422..60c13e7ea 100644
80913e 
--- a/include/grub/verify.h
80913e 
+++ b/include/grub/verify.h
80913e 
@@ -76,3 +76,16 @@ grub_verifier_unregister (struct grub_file_verifier *ver)
80913e
80913e 
 grub_err_t
80913e 
 grub_verify_string (char *str, enum grub_verify_string_type type);
80913e 
+
80913e 
+/*
80913e 
+ * Does the module in file `io' allow for the a verifier to be bypassed?
80913e 
+ *
80913e 
+ * Returns 1 if so, otherwise 0.
80913e 
+ */
80913e 
+char grub_is_dangerous_module (grub_file_t io);
80913e 
+
80913e 
+/*
80913e 
+ * Is there already an unsafe module in memory?
80913e 
+ * Returns the name if one is loaded, otherwise NULL.
80913e 
+ */
80913e 
+const char *grub_dangerous_module_loaded (void);

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation