|
|
5975ab |
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
|
5975ab |
From: Vladimir Serbinenko <phcoder@gmail.com>
|
|
|
5975ab |
Date: Tue, 7 Feb 2017 02:10:14 +0100
|
|
|
5975ab |
Subject: [PATCH] verifiers: Add possibility to verify kernel and modules
|
|
|
5975ab |
command lines
|
|
|
5975ab |
|
|
|
5975ab |
Signed-off-by: Vladimir Serbinenko <phcoder@gmail.com>
|
|
|
5975ab |
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
|
|
|
5975ab |
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
|
|
|
5975ab |
(backported from 4d4a8c96e3593d76fe7b025665ccdecc70a53c1f)
|
|
|
5975ab |
Signed-off-by: Daniel Axtens <dja@axtens.net>
|
|
|
5975ab |
---
|
|
|
5975ab |
grub-core/commands/verifiers.c | 14 ++++++++++++++
|
|
|
5975ab |
grub-core/lib/cmdline.c | 7 ++++---
|
|
|
5975ab |
grub-core/loader/arm/linux.c | 8 ++++++--
|
|
|
5975ab |
grub-core/loader/arm64/linux.c | 10 +++++++---
|
|
|
5975ab |
grub-core/loader/i386/bsd.c | 6 ++++++
|
|
|
5975ab |
grub-core/loader/i386/linux.c | 16 +++++++++++-----
|
|
|
5975ab |
grub-core/loader/i386/multiboot_mbi.c | 16 ++++++++++------
|
|
|
5975ab |
grub-core/loader/i386/pc/linux.c | 13 ++++++++-----
|
|
|
5975ab |
grub-core/loader/i386/pc/plan9.c | 11 +++++++++++
|
|
|
5975ab |
grub-core/loader/i386/xen.c | 7 +++++++
|
|
|
5975ab |
grub-core/loader/ia64/efi/linux.c | 7 +++++++
|
|
|
5975ab |
grub-core/loader/mips/linux.c | 8 ++++++++
|
|
|
5975ab |
grub-core/loader/multiboot_mbi2.c | 8 +++-----
|
|
|
5975ab |
grub-core/loader/powerpc/ieee1275/linux.c | 5 +++--
|
|
|
5975ab |
grub-core/loader/sparc64/ieee1275/linux.c | 5 +++--
|
|
|
5975ab |
grub-core/loader/xnu.c | 9 +++++++++
|
|
|
5975ab |
include/grub/lib/cmdline.h | 5 +++--
|
|
|
5975ab |
include/grub/verify.h | 11 +++++++++++
|
|
|
5975ab |
18 files changed, 131 insertions(+), 35 deletions(-)
|
|
|
5975ab |
|
|
|
5975ab |
diff --git a/grub-core/commands/verifiers.c b/grub-core/commands/verifiers.c
|
|
|
f6e916 |
index fde88318d..59ea418a2 100644
|
|
|
5975ab |
--- a/grub-core/commands/verifiers.c
|
|
|
5975ab |
+++ b/grub-core/commands/verifiers.c
|
|
|
5975ab |
@@ -186,6 +186,20 @@ grub_verifiers_open (grub_file_t io, enum grub_file_type type)
|
|
|
5975ab |
return NULL;
|
|
|
5975ab |
}
|
|
|
5975ab |
|
|
|
5975ab |
+grub_err_t
|
|
|
5975ab |
+grub_verify_string (char *str, enum grub_verify_string_type type)
|
|
|
5975ab |
+{
|
|
|
5975ab |
+ struct grub_file_verifier *ver;
|
|
|
5975ab |
+ FOR_LIST_ELEMENTS(ver, grub_file_verifiers)
|
|
|
5975ab |
+ {
|
|
|
5975ab |
+ grub_err_t err;
|
|
|
5975ab |
+ err = ver->verify_string ? ver->verify_string (str, type) : GRUB_ERR_NONE;
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ return err;
|
|
|
5975ab |
+ }
|
|
|
5975ab |
+ return GRUB_ERR_NONE;
|
|
|
5975ab |
+}
|
|
|
5975ab |
+
|
|
|
5975ab |
GRUB_MOD_INIT(verifiers)
|
|
|
5975ab |
{
|
|
|
5975ab |
grub_file_filter_register (GRUB_FILE_FILTER_VERIFY, grub_verifiers_open);
|
|
|
5975ab |
diff --git a/grub-core/lib/cmdline.c b/grub-core/lib/cmdline.c
|
|
|
f6e916 |
index d5c12957c..463c3c65c 100644
|
|
|
5975ab |
--- a/grub-core/lib/cmdline.c
|
|
|
5975ab |
+++ b/grub-core/lib/cmdline.c
|
|
|
5975ab |
@@ -75,8 +75,9 @@ unsigned int grub_loader_cmdline_size (int argc, char *argv[])
|
|
|
5975ab |
return size;
|
|
|
5975ab |
}
|
|
|
5975ab |
|
|
|
5975ab |
-int grub_create_loader_cmdline (int argc, char *argv[], char *buf,
|
|
|
5975ab |
- grub_size_t size)
|
|
|
5975ab |
+grub_err_t
|
|
|
5975ab |
+grub_create_loader_cmdline (int argc, char *argv[], char *buf,
|
|
|
5975ab |
+ grub_size_t size, enum grub_verify_string_type type)
|
|
|
5975ab |
{
|
|
|
5975ab |
int i, space;
|
|
|
5975ab |
unsigned int arg_size;
|
|
|
5975ab |
@@ -130,5 +131,5 @@ int grub_create_loader_cmdline (int argc, char *argv[], char *buf,
|
|
|
5975ab |
"grub_kernel_cmdline", orig);
|
|
|
5975ab |
grub_print_error();
|
|
|
5975ab |
|
|
|
5975ab |
- return i;
|
|
|
5975ab |
+ return grub_verify_string (orig, type);
|
|
|
5975ab |
}
|
|
|
5975ab |
diff --git a/grub-core/loader/arm/linux.c b/grub-core/loader/arm/linux.c
|
|
|
f6e916 |
index ea29d7a72..beceda520 100644
|
|
|
5975ab |
--- a/grub-core/loader/arm/linux.c
|
|
|
5975ab |
+++ b/grub-core/loader/arm/linux.c
|
|
|
5975ab |
@@ -28,6 +28,7 @@
|
|
|
5975ab |
#include <grub/cpu/linux.h>
|
|
|
5975ab |
#include <grub/lib/cmdline.h>
|
|
|
5975ab |
#include <grub/linux.h>
|
|
|
5975ab |
+#include <grub/verify.h>
|
|
|
5975ab |
|
|
|
5975ab |
GRUB_MOD_LICENSE ("GPLv3+");
|
|
|
5975ab |
|
|
|
5975ab |
@@ -383,8 +384,11 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
|
|
5975ab |
|
|
|
5975ab |
/* Create kernel command line. */
|
|
|
5975ab |
grub_memcpy (linux_args, LINUX_IMAGE, sizeof (LINUX_IMAGE));
|
|
|
5975ab |
- grub_create_loader_cmdline (argc, argv,
|
|
|
5975ab |
- linux_args + sizeof (LINUX_IMAGE) - 1, size);
|
|
|
5975ab |
+ err = grub_create_loader_cmdline (argc, argv,
|
|
|
5975ab |
+ linux_args + sizeof (LINUX_IMAGE) - 1, size,
|
|
|
5975ab |
+ GRUB_VERIFY_KERNEL_CMDLINE);
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ goto fail;
|
|
|
5975ab |
|
|
|
5975ab |
return GRUB_ERR_NONE;
|
|
|
5975ab |
|
|
|
5975ab |
diff --git a/grub-core/loader/arm64/linux.c b/grub-core/loader/arm64/linux.c
|
|
|
f6e916 |
index 7a076c131..48ea66596 100644
|
|
|
5975ab |
--- a/grub-core/loader/arm64/linux.c
|
|
|
5975ab |
+++ b/grub-core/loader/arm64/linux.c
|
|
|
5975ab |
@@ -33,6 +33,7 @@
|
|
|
5975ab |
#include <grub/efi/pe32.h>
|
|
|
5975ab |
#include <grub/i18n.h>
|
|
|
5975ab |
#include <grub/lib/cmdline.h>
|
|
|
5975ab |
+#include <grub/verify.h>
|
|
|
5975ab |
|
|
|
5975ab |
GRUB_MOD_LICENSE ("GPLv3+");
|
|
|
5975ab |
|
|
|
5975ab |
@@ -403,9 +404,12 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
|
|
5975ab |
goto fail;
|
|
|
5975ab |
}
|
|
|
5975ab |
grub_memcpy (linux_args, LINUX_IMAGE, sizeof (LINUX_IMAGE));
|
|
|
5975ab |
- grub_create_loader_cmdline (argc, argv,
|
|
|
5975ab |
- linux_args + sizeof (LINUX_IMAGE) - 1,
|
|
|
5975ab |
- cmdline_size);
|
|
|
5975ab |
+ err = grub_create_loader_cmdline (argc, argv,
|
|
|
5975ab |
+ linux_args + sizeof (LINUX_IMAGE) - 1,
|
|
|
5975ab |
+ cmdline_size,
|
|
|
5975ab |
+ GRUB_VERIFY_KERNEL_CMDLINE);
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ goto fail;
|
|
|
5975ab |
|
|
|
5975ab |
if (grub_errno == GRUB_ERR_NONE)
|
|
|
5975ab |
{
|
|
|
5975ab |
diff --git a/grub-core/loader/i386/bsd.c b/grub-core/loader/i386/bsd.c
|
|
|
f6e916 |
index 8306b415a..45a715099 100644
|
|
|
5975ab |
--- a/grub-core/loader/i386/bsd.c
|
|
|
5975ab |
+++ b/grub-core/loader/i386/bsd.c
|
|
|
5975ab |
@@ -36,6 +36,7 @@
|
|
|
5975ab |
#include <grub/bsdlabel.h>
|
|
|
5975ab |
#include <grub/crypto.h>
|
|
|
5975ab |
#include <grub/safemath.h>
|
|
|
5975ab |
+#include <grub/verify.h>
|
|
|
5975ab |
#ifdef GRUB_MACHINE_PCBIOS
|
|
|
5975ab |
#include <grub/machine/int.h>
|
|
|
5975ab |
#endif
|
|
|
5975ab |
@@ -418,6 +419,8 @@ grub_freebsd_add_meta_module (const char *filename, const char *type,
|
|
|
5975ab |
grub_addr_t addr, grub_uint32_t size)
|
|
|
5975ab |
{
|
|
|
5975ab |
const char *name;
|
|
|
5975ab |
+ grub_err_t err;
|
|
|
5975ab |
+
|
|
|
5975ab |
name = grub_strrchr (filename, '/');
|
|
|
5975ab |
if (name)
|
|
|
5975ab |
name++;
|
|
|
5975ab |
@@ -471,6 +474,9 @@ grub_freebsd_add_meta_module (const char *filename, const char *type,
|
|
|
5975ab |
*(p++) = ' ';
|
|
|
5975ab |
}
|
|
|
5975ab |
*p = 0;
|
|
|
5975ab |
+ err = grub_verify_string (cmdline, GRUB_VERIFY_MODULE_CMDLINE);
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ return err;
|
|
|
5975ab |
}
|
|
|
5975ab |
}
|
|
|
5975ab |
|
|
|
5975ab |
diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c
|
|
|
f6e916 |
index aa2cbc4e7..ef8fcb9e1 100644
|
|
|
5975ab |
--- a/grub-core/loader/i386/linux.c
|
|
|
5975ab |
+++ b/grub-core/loader/i386/linux.c
|
|
|
5975ab |
@@ -1039,11 +1039,17 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
|
|
5975ab |
if (!linux_cmdline)
|
|
|
5975ab |
goto fail;
|
|
|
5975ab |
grub_memcpy (linux_cmdline, LINUX_IMAGE, sizeof (LINUX_IMAGE));
|
|
|
5975ab |
- grub_create_loader_cmdline (argc, argv,
|
|
|
5975ab |
- linux_cmdline
|
|
|
5975ab |
- + sizeof (LINUX_IMAGE) - 1,
|
|
|
5975ab |
- maximal_cmdline_size
|
|
|
5975ab |
- - (sizeof (LINUX_IMAGE) - 1));
|
|
|
5975ab |
+ {
|
|
|
5975ab |
+ grub_err_t err;
|
|
|
5975ab |
+ err = grub_create_loader_cmdline (argc, argv,
|
|
|
5975ab |
+ linux_cmdline
|
|
|
5975ab |
+ + sizeof (LINUX_IMAGE) - 1,
|
|
|
5975ab |
+ maximal_cmdline_size
|
|
|
5975ab |
+ - (sizeof (LINUX_IMAGE) - 1),
|
|
|
5975ab |
+ GRUB_VERIFY_KERNEL_CMDLINE);
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ goto fail;
|
|
|
5975ab |
+ }
|
|
|
5975ab |
|
|
|
5975ab |
len = prot_file_size;
|
|
|
5975ab |
grub_memcpy (prot_mode_mem, kernel + kernel_offset, len);
|
|
|
5975ab |
diff --git a/grub-core/loader/i386/multiboot_mbi.c b/grub-core/loader/i386/multiboot_mbi.c
|
|
|
f6e916 |
index 9d3466d6a..525446b56 100644
|
|
|
5975ab |
--- a/grub-core/loader/i386/multiboot_mbi.c
|
|
|
5975ab |
+++ b/grub-core/loader/i386/multiboot_mbi.c
|
|
|
5975ab |
@@ -676,10 +676,8 @@ grub_multiboot_init_mbi (int argc, char *argv[])
|
|
|
5975ab |
return grub_errno;
|
|
|
5975ab |
cmdline_size = len;
|
|
|
5975ab |
|
|
|
5975ab |
- grub_create_loader_cmdline (argc, argv, cmdline,
|
|
|
5975ab |
- cmdline_size);
|
|
|
5975ab |
-
|
|
|
5975ab |
- return GRUB_ERR_NONE;
|
|
|
5975ab |
+ return grub_create_loader_cmdline (argc, argv, cmdline,
|
|
|
5975ab |
+ cmdline_size, GRUB_VERIFY_KERNEL_CMDLINE);
|
|
|
5975ab |
}
|
|
|
5975ab |
|
|
|
5975ab |
grub_err_t
|
|
|
5975ab |
@@ -688,6 +686,7 @@ grub_multiboot_add_module (grub_addr_t start, grub_size_t size,
|
|
|
5975ab |
{
|
|
|
5975ab |
struct module *newmod;
|
|
|
5975ab |
grub_size_t len = 0;
|
|
|
5975ab |
+ grub_err_t err;
|
|
|
5975ab |
|
|
|
5975ab |
newmod = grub_malloc (sizeof (*newmod));
|
|
|
5975ab |
if (!newmod)
|
|
|
5975ab |
@@ -707,8 +706,13 @@ grub_multiboot_add_module (grub_addr_t start, grub_size_t size,
|
|
|
5975ab |
newmod->cmdline_size = len;
|
|
|
5975ab |
total_modcmd += ALIGN_UP (len, 4);
|
|
|
5975ab |
|
|
|
5975ab |
- grub_create_loader_cmdline (argc, argv, newmod->cmdline,
|
|
|
5975ab |
- newmod->cmdline_size);
|
|
|
5975ab |
+ err = grub_create_loader_cmdline (argc, argv, newmod->cmdline,
|
|
|
5975ab |
+ newmod->cmdline_size, GRUB_VERIFY_MODULE_CMDLINE);
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ {
|
|
|
5975ab |
+ grub_free (newmod);
|
|
|
5975ab |
+ return grub_errno;
|
|
|
5975ab |
+ }
|
|
|
5975ab |
|
|
|
5975ab |
if (modules_last)
|
|
|
5975ab |
modules_last->next = newmod;
|
|
|
5975ab |
diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c
|
|
|
f6e916 |
index b5c28c658..f631225f5 100644
|
|
|
5975ab |
--- a/grub-core/loader/i386/pc/linux.c
|
|
|
5975ab |
+++ b/grub-core/loader/i386/pc/linux.c
|
|
|
5975ab |
@@ -348,11 +348,14 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
|
|
5975ab |
/* Create kernel command line. */
|
|
|
5975ab |
grub_memcpy ((char *)grub_linux_real_chunk + GRUB_LINUX_CL_OFFSET,
|
|
|
5975ab |
LINUX_IMAGE, sizeof (LINUX_IMAGE));
|
|
|
5975ab |
- grub_create_loader_cmdline (argc, argv,
|
|
|
5975ab |
- (char *)grub_linux_real_chunk
|
|
|
5975ab |
- + GRUB_LINUX_CL_OFFSET + sizeof (LINUX_IMAGE) - 1,
|
|
|
5975ab |
- maximal_cmdline_size
|
|
|
5975ab |
- - (sizeof (LINUX_IMAGE) - 1));
|
|
|
5975ab |
+ err = grub_create_loader_cmdline (argc, argv,
|
|
|
5975ab |
+ (char *)grub_linux_real_chunk
|
|
|
5975ab |
+ + GRUB_LINUX_CL_OFFSET + sizeof (LINUX_IMAGE) - 1,
|
|
|
5975ab |
+ maximal_cmdline_size
|
|
|
5975ab |
+ - (sizeof (LINUX_IMAGE) - 1),
|
|
|
5975ab |
+ GRUB_VERIFY_KERNEL_CMDLINE);
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ goto fail;
|
|
|
5975ab |
|
|
|
5975ab |
if (grub_linux_is_bzimage)
|
|
|
5975ab |
grub_linux_prot_target = GRUB_LINUX_BZIMAGE_ADDR;
|
|
|
5975ab |
diff --git a/grub-core/loader/i386/pc/plan9.c b/grub-core/loader/i386/pc/plan9.c
|
|
|
f6e916 |
index 0351090da..37550155d 100644
|
|
|
5975ab |
--- a/grub-core/loader/i386/pc/plan9.c
|
|
|
5975ab |
+++ b/grub-core/loader/i386/pc/plan9.c
|
|
|
5975ab |
@@ -33,6 +33,7 @@
|
|
|
5975ab |
#include <grub/mm.h>
|
|
|
5975ab |
#include <grub/cpu/relocator.h>
|
|
|
5975ab |
#include <grub/extcmd.h>
|
|
|
5975ab |
+#include <grub/verify.h>
|
|
|
5975ab |
|
|
|
5975ab |
GRUB_MOD_LICENSE ("GPLv3+");
|
|
|
5975ab |
|
|
|
5975ab |
@@ -505,6 +506,7 @@ grub_cmd_plan9 (grub_extcmd_context_t ctxt, int argc, char *argv[])
|
|
|
5975ab |
configptr = grub_stpcpy (configptr, "bootfile=");
|
|
|
5975ab |
configptr = grub_stpcpy (configptr, bootpath);
|
|
|
5975ab |
*configptr++ = '\n';
|
|
|
5975ab |
+ char *cmdline = configptr;
|
|
|
5975ab |
{
|
|
|
5975ab |
int i;
|
|
|
5975ab |
for (i = 1; i < argc; i++)
|
|
|
5975ab |
@@ -513,6 +515,15 @@ grub_cmd_plan9 (grub_extcmd_context_t ctxt, int argc, char *argv[])
|
|
|
5975ab |
*configptr++ = '\n';
|
|
|
5975ab |
}
|
|
|
5975ab |
}
|
|
|
5975ab |
+
|
|
|
5975ab |
+ {
|
|
|
5975ab |
+ grub_err_t err;
|
|
|
5975ab |
+ *configptr = '\0';
|
|
|
5975ab |
+ err = grub_verify_string (cmdline, GRUB_VERIFY_KERNEL_CMDLINE);
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ goto fail;
|
|
|
5975ab |
+ }
|
|
|
5975ab |
+
|
|
|
5975ab |
configptr = grub_stpcpy (configptr, fill_ctx.pmap);
|
|
|
5975ab |
|
|
|
5975ab |
{
|
|
|
5975ab |
diff --git a/grub-core/loader/i386/xen.c b/grub-core/loader/i386/xen.c
|
|
|
f6e916 |
index 82350d3a1..07a4837c5 100644
|
|
|
5975ab |
--- a/grub-core/loader/i386/xen.c
|
|
|
5975ab |
+++ b/grub-core/loader/i386/xen.c
|
|
|
5975ab |
@@ -41,6 +41,7 @@
|
|
|
5975ab |
#include <grub/linux.h>
|
|
|
5975ab |
#include <grub/i386/memory.h>
|
|
|
5975ab |
#include <grub/safemath.h>
|
|
|
5975ab |
+#include <grub/verify.h>
|
|
|
5975ab |
|
|
|
5975ab |
GRUB_MOD_LICENSE ("GPLv3+");
|
|
|
5975ab |
|
|
|
5975ab |
@@ -649,6 +650,9 @@ grub_cmd_xen (grub_command_t cmd __attribute__ ((unused)),
|
|
|
5975ab |
grub_create_loader_cmdline (argc - 1, argv + 1,
|
|
|
5975ab |
(char *) xen_state.next_start.cmd_line,
|
|
|
5975ab |
sizeof (xen_state.next_start.cmd_line) - 1);
|
|
|
5975ab |
+ err = grub_verify_string (xen_state.next_start.cmd_line, GRUB_VERIFY_MODULE_CMDLINE);
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ return err;
|
|
|
5975ab |
|
|
|
5975ab |
file = grub_file_open (argv[0], GRUB_FILE_TYPE_LINUX_KERNEL);
|
|
|
5975ab |
if (!file)
|
|
|
5975ab |
@@ -916,6 +920,9 @@ grub_cmd_module (grub_command_t cmd __attribute__ ((unused)),
|
|
|
5975ab |
|
|
|
5975ab |
grub_create_loader_cmdline (argc - 1, argv + 1,
|
|
|
5975ab |
get_virtual_current_address (ch), cmdline_len);
|
|
|
5975ab |
+ err = grub_verify_string (get_virtual_current_address (ch), GRUB_VERIFY_MODULE_CMDLINE);
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ goto fail;
|
|
|
5975ab |
|
|
|
5975ab |
xen_state.module_info_page[xen_state.n_modules].cmdline =
|
|
|
5975ab |
xen_state.max_addr - xen_state.modules_target_start;
|
|
|
5975ab |
diff --git a/grub-core/loader/ia64/efi/linux.c b/grub-core/loader/ia64/efi/linux.c
|
|
|
f6e916 |
index 750330d45..e325fe0ee 100644
|
|
|
5975ab |
--- a/grub-core/loader/ia64/efi/linux.c
|
|
|
5975ab |
+++ b/grub-core/loader/ia64/efi/linux.c
|
|
|
5975ab |
@@ -33,6 +33,7 @@
|
|
|
5975ab |
#include <grub/i18n.h>
|
|
|
5975ab |
#include <grub/env.h>
|
|
|
5975ab |
#include <grub/linux.h>
|
|
|
5975ab |
+#include <grub/verify.h>
|
|
|
5975ab |
|
|
|
5975ab |
GRUB_MOD_LICENSE ("GPLv3+");
|
|
|
5975ab |
|
|
|
5975ab |
@@ -543,6 +544,12 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
|
|
5975ab |
p = grub_stpcpy (p, argv[i]);
|
|
|
5975ab |
}
|
|
|
5975ab |
cmdline[10] = '=';
|
|
|
5975ab |
+
|
|
|
5975ab |
+ *p = '\0';
|
|
|
5975ab |
+
|
|
|
5975ab |
+ err = grub_verify_string (cmdline, GRUB_VERIFY_KERNEL_CMDLINE);
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ goto fail;
|
|
|
5975ab |
|
|
|
5975ab |
boot_param->command_line = (grub_uint64_t) cmdline;
|
|
|
5975ab |
boot_param->efi_systab = (grub_uint64_t) grub_efi_system_table;
|
|
|
5975ab |
diff --git a/grub-core/loader/mips/linux.c b/grub-core/loader/mips/linux.c
|
|
|
f6e916 |
index 103588544..20135ce25 100644
|
|
|
5975ab |
--- a/grub-core/loader/mips/linux.c
|
|
|
5975ab |
+++ b/grub-core/loader/mips/linux.c
|
|
|
5975ab |
@@ -327,6 +327,8 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
|
|
5975ab |
linux_argv++;
|
|
|
5975ab |
linux_args += ALIGN_UP (sizeof ("a0"), 4);
|
|
|
5975ab |
|
|
|
5975ab |
+ char *params = linux_args;
|
|
|
5975ab |
+
|
|
|
5975ab |
#ifdef GRUB_MACHINE_MIPS_LOONGSON
|
|
|
5975ab |
{
|
|
|
5975ab |
unsigned mtype = grub_arch_machine;
|
|
|
5975ab |
@@ -352,6 +354,12 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
|
|
5975ab |
linux_args += ALIGN_UP (grub_strlen (argv[i]) + 1, 4);
|
|
|
5975ab |
}
|
|
|
5975ab |
|
|
|
5975ab |
+ *linux_args = '\0';
|
|
|
5975ab |
+
|
|
|
5975ab |
+ err = grub_verify_string (params, GRUB_VERIFY_KERNEL_CMDLINE);
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ return err;
|
|
|
5975ab |
+
|
|
|
5975ab |
/* Reserve space for rd arguments. */
|
|
|
5975ab |
rd_addr_arg_off = (grub_uint8_t *) linux_args - (grub_uint8_t *) playground;
|
|
|
5975ab |
linux_args += ALIGN_UP (sizeof ("rd_start=0xXXXXXXXXXXXXXXXX"), 4);
|
|
|
5975ab |
diff --git a/grub-core/loader/multiboot_mbi2.c b/grub-core/loader/multiboot_mbi2.c
|
|
|
f6e916 |
index 3cfb47650..f64a857e3 100644
|
|
|
5975ab |
--- a/grub-core/loader/multiboot_mbi2.c
|
|
|
5975ab |
+++ b/grub-core/loader/multiboot_mbi2.c
|
|
|
5975ab |
@@ -1077,10 +1077,8 @@ grub_multiboot2_init_mbi (int argc, char *argv[])
|
|
|
5975ab |
return grub_errno;
|
|
|
5975ab |
cmdline_size = len;
|
|
|
5975ab |
|
|
|
5975ab |
- grub_create_loader_cmdline (argc, argv, cmdline,
|
|
|
5975ab |
- cmdline_size);
|
|
|
5975ab |
-
|
|
|
5975ab |
- return GRUB_ERR_NONE;
|
|
|
5975ab |
+ return grub_create_loader_cmdline (argc, argv, cmdline, cmdline_size,
|
|
|
5975ab |
+ GRUB_VERIFY_KERNEL_CMDLINE);
|
|
|
5975ab |
}
|
|
|
5975ab |
|
|
|
5975ab |
grub_err_t
|
|
|
5975ab |
@@ -1109,7 +1107,7 @@ grub_multiboot2_add_module (grub_addr_t start, grub_size_t size,
|
|
|
5975ab |
total_modcmd += ALIGN_UP (len, MULTIBOOT_TAG_ALIGN);
|
|
|
5975ab |
|
|
|
5975ab |
err = grub_create_loader_cmdline (argc, argv, newmod->cmdline,
|
|
|
5975ab |
- newmod->cmdline_size);
|
|
|
5975ab |
+ newmod->cmdline_size, GRUB_VERIFY_MODULE_CMDLINE);
|
|
|
5975ab |
if (err)
|
|
|
5975ab |
{
|
|
|
5975ab |
grub_free (newmod->cmdline);
|
|
|
5975ab |
diff --git a/grub-core/loader/powerpc/ieee1275/linux.c b/grub-core/loader/powerpc/ieee1275/linux.c
|
|
|
f6e916 |
index 6e814649f..c114e7df4 100644
|
|
|
5975ab |
--- a/grub-core/loader/powerpc/ieee1275/linux.c
|
|
|
5975ab |
+++ b/grub-core/loader/powerpc/ieee1275/linux.c
|
|
|
5975ab |
@@ -302,8 +302,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
|
|
5975ab |
|
|
|
5975ab |
/* Create kernel command line. */
|
|
|
5975ab |
grub_memcpy (linux_args, LINUX_IMAGE, sizeof (LINUX_IMAGE));
|
|
|
5975ab |
- grub_create_loader_cmdline (argc, argv, linux_args + sizeof (LINUX_IMAGE) - 1,
|
|
|
5975ab |
- size);
|
|
|
5975ab |
+ if (grub_create_loader_cmdline (argc, argv, linux_args + sizeof (LINUX_IMAGE) - 1,
|
|
|
5975ab |
+ size))
|
|
|
5975ab |
+ goto out;
|
|
|
5975ab |
|
|
|
5975ab |
out:
|
|
|
5975ab |
|
|
|
5975ab |
diff --git a/grub-core/loader/sparc64/ieee1275/linux.c b/grub-core/loader/sparc64/ieee1275/linux.c
|
|
|
f6e916 |
index 67ef04883..abe46faa0 100644
|
|
|
5975ab |
--- a/grub-core/loader/sparc64/ieee1275/linux.c
|
|
|
5975ab |
+++ b/grub-core/loader/sparc64/ieee1275/linux.c
|
|
|
5975ab |
@@ -340,8 +340,9 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
|
|
|
5975ab |
|
|
|
5975ab |
/* Create kernel command line. */
|
|
|
5975ab |
grub_memcpy (linux_args, LINUX_IMAGE, sizeof (LINUX_IMAGE));
|
|
|
5975ab |
- grub_create_loader_cmdline (argc, argv, linux_args + sizeof (LINUX_IMAGE) - 1,
|
|
|
5975ab |
- size);
|
|
|
5975ab |
+ if (grub_create_loader_cmdline (argc, argv, linux_args + sizeof (LINUX_IMAGE) - 1,
|
|
|
5975ab |
+ size, GRUB_VERIFY_KERNEL_CMDLINE))
|
|
|
5975ab |
+ goto out;
|
|
|
5975ab |
|
|
|
5975ab |
out:
|
|
|
5975ab |
if (elf)
|
|
|
5975ab |
diff --git a/grub-core/loader/xnu.c b/grub-core/loader/xnu.c
|
|
|
f6e916 |
index 9f78abb05..5944dc5ea 100644
|
|
|
5975ab |
--- a/grub-core/loader/xnu.c
|
|
|
5975ab |
+++ b/grub-core/loader/xnu.c
|
|
|
5975ab |
@@ -35,6 +35,7 @@
|
|
|
5975ab |
#include <grub/i18n.h>
|
|
|
5975ab |
#include <grub/efi/sb.h>
|
|
|
5975ab |
#include <grub/safemath.h>
|
|
|
5975ab |
+#include <grub/verify.h>
|
|
|
5975ab |
|
|
|
5975ab |
GRUB_MOD_LICENSE ("GPLv3+");
|
|
|
5975ab |
|
|
|
5975ab |
@@ -429,6 +430,10 @@ grub_cmd_xnu_kernel (grub_command_t cmd __attribute__ ((unused)),
|
|
|
5975ab |
if (ptr != grub_xnu_cmdline)
|
|
|
5975ab |
*(ptr - 1) = 0;
|
|
|
5975ab |
|
|
|
5975ab |
+ err = grub_verify_string (grub_xnu_cmdline, GRUB_VERIFY_KERNEL_CMDLINE);
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ return err;
|
|
|
5975ab |
+
|
|
|
5975ab |
#if defined (__i386) && !defined (GRUB_MACHINE_EFI)
|
|
|
5975ab |
err = grub_efiemu_autocore ();
|
|
|
5975ab |
if (err)
|
|
|
5975ab |
@@ -538,6 +543,10 @@ grub_cmd_xnu_kernel64 (grub_command_t cmd __attribute__ ((unused)),
|
|
|
5975ab |
if (ptr != grub_xnu_cmdline)
|
|
|
5975ab |
*(ptr - 1) = 0;
|
|
|
5975ab |
|
|
|
5975ab |
+ err = grub_verify_string (grub_xnu_cmdline, GRUB_VERIFY_KERNEL_CMDLINE);
|
|
|
5975ab |
+ if (err)
|
|
|
5975ab |
+ return err;
|
|
|
5975ab |
+
|
|
|
5975ab |
#if defined (__i386) && !defined (GRUB_MACHINE_EFI)
|
|
|
5975ab |
err = grub_efiemu_autocore ();
|
|
|
5975ab |
if (err)
|
|
|
5975ab |
diff --git a/include/grub/lib/cmdline.h b/include/grub/lib/cmdline.h
|
|
|
f6e916 |
index 1fe8d0179..cdca09b7a 100644
|
|
|
5975ab |
--- a/include/grub/lib/cmdline.h
|
|
|
5975ab |
+++ b/include/grub/lib/cmdline.h
|
|
|
5975ab |
@@ -21,11 +21,12 @@
|
|
|
5975ab |
#define GRUB_CMDLINE_HEADER 1
|
|
|
5975ab |
|
|
|
5975ab |
#include <grub/types.h>
|
|
|
5975ab |
+#include <grub/verify.h>
|
|
|
5975ab |
|
|
|
5975ab |
#define LINUX_IMAGE "BOOT_IMAGE="
|
|
|
5975ab |
|
|
|
5975ab |
unsigned int grub_loader_cmdline_size (int argc, char *argv[]);
|
|
|
5975ab |
-int grub_create_loader_cmdline (int argc, char *argv[], char *buf,
|
|
|
5975ab |
- grub_size_t size);
|
|
|
5975ab |
+grub_err_t grub_create_loader_cmdline (int argc, char *argv[], char *buf,
|
|
|
5975ab |
+ grub_size_t size, enum grub_verify_string_type type);
|
|
|
5975ab |
|
|
|
5975ab |
#endif /* ! GRUB_CMDLINE_HEADER */
|
|
|
5975ab |
diff --git a/include/grub/verify.h b/include/grub/verify.h
|
|
|
f6e916 |
index 298120f57..9f892d8fe 100644
|
|
|
5975ab |
--- a/include/grub/verify.h
|
|
|
5975ab |
+++ b/include/grub/verify.h
|
|
|
5975ab |
@@ -25,6 +25,12 @@ enum grub_verify_flags
|
|
|
5975ab |
GRUB_VERIFY_FLAGS_SINGLE_CHUNK = 2
|
|
|
5975ab |
};
|
|
|
5975ab |
|
|
|
5975ab |
+enum grub_verify_string_type
|
|
|
5975ab |
+ {
|
|
|
5975ab |
+ GRUB_VERIFY_KERNEL_CMDLINE,
|
|
|
5975ab |
+ GRUB_VERIFY_MODULE_CMDLINE,
|
|
|
5975ab |
+ };
|
|
|
5975ab |
+
|
|
|
5975ab |
struct grub_file_verifier
|
|
|
5975ab |
{
|
|
|
5975ab |
struct grub_file_verifier *next;
|
|
|
5975ab |
@@ -48,6 +54,8 @@ struct grub_file_verifier
|
|
|
5975ab |
|
|
|
5975ab |
grub_err_t (*fini) (void *context);
|
|
|
5975ab |
void (*close) (void *context);
|
|
|
5975ab |
+
|
|
|
5975ab |
+ grub_err_t (*verify_string) (char *str, enum grub_verify_string_type type);
|
|
|
5975ab |
};
|
|
|
5975ab |
|
|
|
5975ab |
extern struct grub_file_verifier *grub_file_verifiers;
|
|
|
5975ab |
@@ -63,3 +71,6 @@ grub_verifier_unregister (struct grub_file_verifier *ver)
|
|
|
5975ab |
{
|
|
|
5975ab |
grub_list_remove (GRUB_AS_LIST (ver));
|
|
|
5975ab |
}
|
|
|
5975ab |
+
|
|
|
5975ab |
+grub_err_t
|
|
|
5975ab |
+grub_verify_string (char *str, enum grub_verify_string_type type);
|