Z572/grub
1
0
Fork 0
mirror of http://cgit.git.savannah.gnu.org/git/grub.git synced 2026-04-28 14:33:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: Z572:phcoder/efi_compression
Branches Tags
Z572:master Z572:multiboot2 Z572:phcoder/verifiers Z572:arm_coreboot Z572:phcoder/termux Z572:next Z572:phcoder/rotate Z572:phcoder/xenfixes Z572:phcoder/gnuroot Z572:andrey/ext4_inline_data Z572:phcoder/arm Z572:phcoder/c3 Z572:master-bad-anon-commit Z572:pfsmorigo/no-libgcc Z572:pfsmorigo/vlantag Z572:phcoder/scratch Z572:phcoder/greffs Z572:phcoder/arrows Z572:leiflindholm/arm64 Z572:phcoder/file_types Z572:phcoder/efi_compression Z572:phcoder/ports/alpha Z572:phcoder/brltty Z572:phcoder/filesize Z572:phcoder/newports/s390 Z572:peter/devmapper Z572:multiboot Z572:grub-legacy
Z572:grub-2.14 Z572:grub-2.14-rc1 Z572:grub-2.12 Z572:grub-2.12-rc1 Z572:grub-2.06 Z572:grub-2.06-rc1a Z572:grub-2.06-rc1 Z572:grub-2.04 Z572:grub-2.04-rc1 Z572:grub-2.02 Z572:2.02 Z572:grub-2.02-rc2 Z572:2.02-rc2 Z572:grub-2.02-rc1 Z572:2.02-rc1 Z572:grub-2.02-beta3 Z572:2.02-beta3 Z572:grub-2.02-beta2 Z572:grub-2.02-beta1 Z572:2.00 Z572:1.99 Z572:1.98 Z572:0.6.96
...
compare: Z572:phcoder/file_types
Branches Tags
Z572:master Z572:multiboot2 Z572:phcoder/verifiers Z572:arm_coreboot Z572:phcoder/termux Z572:next Z572:phcoder/rotate Z572:phcoder/xenfixes Z572:phcoder/gnuroot Z572:andrey/ext4_inline_data Z572:phcoder/arm Z572:phcoder/c3 Z572:master-bad-anon-commit Z572:pfsmorigo/no-libgcc Z572:pfsmorigo/vlantag Z572:phcoder/scratch Z572:phcoder/greffs Z572:phcoder/arrows Z572:leiflindholm/arm64 Z572:phcoder/file_types Z572:phcoder/efi_compression Z572:phcoder/ports/alpha Z572:phcoder/brltty Z572:phcoder/filesize Z572:phcoder/newports/s390 Z572:peter/devmapper Z572:multiboot Z572:grub-legacy
Z572:grub-2.14 Z572:grub-2.14-rc1 Z572:grub-2.12 Z572:grub-2.12-rc1 Z572:grub-2.06 Z572:grub-2.06-rc1a Z572:grub-2.06-rc1 Z572:grub-2.04 Z572:grub-2.04-rc1 Z572:grub-2.02 Z572:2.02 Z572:grub-2.02-rc2 Z572:2.02-rc2 Z572:grub-2.02-rc1 Z572:2.02-rc1 Z572:grub-2.02-beta3 Z572:2.02-beta3 Z572:grub-2.02-beta2 Z572:grub-2.02-beta1 Z572:2.00 Z572:1.99 Z572:1.98 Z572:0.6.96

3 Commits
phcoder/ef ... phcoder/fi

Author SHA1 Message Date
Vladimir Serbinenko
371bc1c048 PE signatures. Doesn't work yet 2013-11-20 09:34:36 +01:00
Vladimir Serbinenko
8128bd056e File type for fine-grained signature-verification controlling 2013-11-20 02:28:29 +01:00
Vladimir Serbinenko
48eb35cd78 * coreboot.cfg: Add missing file. 2013-11-20 00:52:23 +01:00
63 changed files with 725 additions and 214 deletions
Expand all files Collapse all files

4
ChangeLog
View File

@@ -1,3 +1,7 @@
2013-11-20 Vladimir Serbinenko <phcoder@gmail.com>
* coreboot.cfg: Add missing file.
2013-11-19 Vladimir Serbinenko <phcoder@gmail.com>
* Makefile.am: Allow STRIP to be empty when creating windowszip.

1
conf/Makefile.extra-dist
View File

@@ -110,3 +110,4 @@ EXTRA_DIST += grub-core/osdep/windows/sleep.c
EXTRA_DIST += tests/dfly-mbr-mbexample.mbr.img.gz
EXTRA_DIST += tests/dfly-mbr-mbexample.dfly.img.gz
EXTRA_DIST += coreboot.cfg

3
coreboot.cfg Normal file
View File

@@ -0,0 +1,3 @@
if test -f (cbfsdisk)/etc/grub.cfg; then
source (cbfsdisk)/etc/grub.cfg
fi

2
grub-core/commands/acpi.c
View File

@@ -639,7 +639,7 @@ grub_cmd_acpi (struct grub_extcmd_context *ctxt, int argc, char **args)
grub_size_t size;
char *buf;
file = grub_file_open (args[i]);
file = grub_file_open (args[i], GRUB_FILE_TYPE_ACPI_TABLE);
if (! file)
{
free_tables ();

4
grub-core/commands/blocklist.c
View File

@@ -121,8 +121,8 @@ grub_cmd_blocklist (grub_command_t cmd __attribute__ ((unused)),
if (argc < 1)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
grub_file_filter_disable_compression ();
file = grub_file_open (args[0]);
file = grub_file_open (args[0], GRUB_FILE_TYPE_PRINT_BLOCKLIST
| GRUB_FILE_TYPE_NO_DECOMPRESS);
if (! file)
return grub_errno;

2
grub-core/commands/cat.c
View File

@@ -56,7 +56,7 @@ grub_cmd_cat (grub_extcmd_context_t ctxt, int argc, char **args)
if (argc != 1)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
file = grub_file_open (args[0]);
file = grub_file_open (args[0], GRUB_FILE_TYPE_CAT);
if (! file)
return grub_errno;

4
grub-core/commands/cmp.c
View File

@@ -45,8 +45,8 @@ grub_cmd_cmp (grub_command_t cmd __attribute__ ((unused)),
grub_printf_ (N_("Compare file `%s' with `%s':\n"), args[0],
args[1]);
file1 = grub_file_open (args[0]);
file2 = grub_file_open (args[1]);
file1 = grub_file_open (args[0], GRUB_FILE_TYPE_CMP);
file2 = grub_file_open (args[1], GRUB_FILE_TYPE_CMP);
if (! file1 || ! file2)
goto cleanup;

4
grub-core/commands/efi/loadbios.c
View File

@@ -169,7 +169,7 @@ grub_cmd_loadbios (grub_command_t cmd __attribute__ ((unused)),
if (argc > 1)
{
file = grub_file_open (argv[1]);
file = grub_file_open (argv[1], GRUB_FILE_TYPE_VBE_DUMP);
if (! file)
return grub_errno;
@@ -183,7 +183,7 @@ grub_cmd_loadbios (grub_command_t cmd __attribute__ ((unused)),
return grub_errno;
}
file = grub_file_open (argv[0]);
file = grub_file_open (argv[0], GRUB_FILE_TYPE_VBE_DUMP);
if (! file)
return grub_errno;

22
grub-core/commands/hashsum.c
View File

@@ -113,7 +113,7 @@ check_list (const gcry_md_spec_t *hash, const char *hashfilename,
if (hash->mdlen > GRUB_CRYPTO_MAX_MDLEN)
return grub_error (GRUB_ERR_BUG, "mdlen is too long");
hashlist = grub_file_open (hashfilename);
hashlist = grub_file_open (hashfilename, GRUB_FILE_TYPE_HASHLIST);
if (!hashlist)
return grub_errno;
@@ -141,17 +141,15 @@ check_list (const gcry_md_spec_t *hash, const char *hashfilename,
filename = grub_xasprintf ("%s/%s", prefix, p);
if (!filename)
return grub_errno;
if (!uncompress)
grub_file_filter_disable_compression ();
file = grub_file_open (filename);
file = grub_file_open (filename, GRUB_FILE_TYPE_TO_HASH
| (!uncompress ? GRUB_FILE_TYPE_NO_DECOMPRESS
: 0));
grub_free (filename);
}
else
{
if (!uncompress)
grub_file_filter_disable_compression ();
file = grub_file_open (p);
}
file = grub_file_open (p, GRUB_FILE_TYPE_TO_HASH
| (!uncompress ? GRUB_FILE_TYPE_NO_DECOMPRESS
: 0));
if (!file)
{
grub_file_close (hashlist);
@@ -242,9 +240,9 @@ grub_cmd_hashsum (struct grub_extcmd_context *ctxt,
grub_file_t file;
grub_err_t err;
unsigned j;
if (!uncompress)
grub_file_filter_disable_compression ();
file = grub_file_open (args[i]);
file = grub_file_open (args[i], GRUB_FILE_TYPE_TO_HASH
| (!uncompress ? GRUB_FILE_TYPE_NO_DECOMPRESS
: 0));
if (!file)
{
if (!keep)

2
grub-core/commands/hexdump.c
View File

@@ -90,7 +90,7 @@ grub_cmd_hexdump (grub_extcmd_context_t ctxt, int argc, char **args)
{
grub_file_t file;
file = grub_file_open (args[0]);
file = grub_file_open (args[0], GRUB_FILE_TYPE_HEXCAT);
if (! file)
return 0;

2
grub-core/commands/i386/nthibr.c
View File

@@ -39,7 +39,7 @@ grub_cmd_nthibr (grub_command_t cmd __attribute__ ((unused)),
if (argc != 1)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("one argument expected"));
hibr_file = grub_file_open (args[0]);
hibr_file = grub_file_open (args[0], GRUB_FILE_TYPE_FILE_ID);
if (!hibr_file)
return grub_errno;

2
grub-core/commands/i386/pc/play.c
View File

@@ -93,7 +93,7 @@ grub_cmd_play (grub_command_t cmd __attribute__ ((unused)),
grub_uint32_t tempo;
grub_file_t file;
file = grub_file_open (args[0]);
file = grub_file_open (args[0], GRUB_FILE_TYPE_AUDIO);
if (! file)
return grub_errno;

2
grub-core/commands/keylayouts.c
View File

@@ -218,7 +218,7 @@ grub_cmd_keymap (struct grub_command *cmd __attribute__ ((unused)),
else
filename = argv[0];
file = grub_file_open (filename);
file = grub_file_open (filename, GRUB_FILE_TYPE_KEYBOARD_LAYOUT);
if (! file)
goto fail;

2
grub-core/commands/legacycfg.c
View File

@@ -55,7 +55,7 @@ legacy_file (const char *filename)
if (!suffix)
return grub_errno;
file = grub_file_open (filename);
file = grub_file_open (filename, GRUB_FILE_TYPE_CONFIG);
if (! file)
return grub_errno;

24
grub-core/commands/loadenv.c
View File

@@ -44,7 +44,8 @@ static const struct grub_arg_option options[] =
PUBKEY filter (that insists upon properly signed files) as well. PUBKEY
filter is restored before the function returns. */
static grub_file_t
open_envblk_file (char *filename, int untrusted)
open_envblk_file (char *filename,
enum grub_file_type type)
{
grub_file_t file;
char *buf = 0;
@@ -72,13 +73,7 @@ open_envblk_file (char *filename, int untrusted)
grub_strcpy (filename + len + 1, GRUB_ENVBLK_DEFCFG);
}
/* The filters that are disabled will be re-enabled by the call to
grub_file_open() after this particular file is opened. */
grub_file_filter_disable_compression ();
if (untrusted)
grub_file_filter_disable_pubkey ();
file = grub_file_open (filename);
file = grub_file_open (filename, type);
grub_free (buf);
return file;
@@ -171,7 +166,10 @@ grub_cmd_load_env (grub_extcmd_context_t ctxt, int argc, char **args)
whitelist.list = args;
/* state[0] is the -f flag; state[1] is the --skip-sig flag */
file = open_envblk_file ((state[0].set) ? state[0].arg : 0, state[1].set);
file = open_envblk_file ((state[0].set) ? state[0].arg : 0,
GRUB_FILE_TYPE_LOADENV
| (state[1].set
? GRUB_FILE_TYPE_SKIP_SIGNATURE : 0));
if (! file)
return grub_errno;
@@ -206,7 +204,10 @@ grub_cmd_list_env (grub_extcmd_context_t ctxt,
grub_file_t file;
grub_envblk_t envblk;
file = open_envblk_file ((state[0].set) ? state[0].arg : 0, 0);
file = open_envblk_file ((state[0].set) ? state[0].arg : 0,
GRUB_FILE_TYPE_LOADENV
| (state[1].set
? GRUB_FILE_TYPE_SKIP_SIGNATURE : 0));
if (! file)
return grub_errno;
@@ -399,7 +400,8 @@ grub_cmd_save_env (grub_extcmd_context_t ctxt, int argc, char **args)
return grub_error (GRUB_ERR_BAD_ARGUMENT, "no variable is specified");
file = open_envblk_file ((state[0].set) ? state[0].arg : 0,
1 /* allow untrusted */);
GRUB_FILE_TYPE_SAVEENV
| GRUB_FILE_TYPE_SKIP_SIGNATURE);
if (! file)
return grub_errno;

8
grub-core/commands/ls.c
View File

@@ -129,8 +129,8 @@ print_files_long (const char *filename, const struct grub_dirhook_info *info,
/* XXX: For ext2fs symlinks are detected as files while they
should be reported as directories. */
grub_file_filter_disable_compression ();
file = grub_file_open (pathname);
file = grub_file_open (pathname, GRUB_FILE_TYPE_GET_SIZE
| GRUB_FILE_TYPE_NO_DECOMPRESS);
if (! file)
{
grub_errno = 0;
@@ -225,8 +225,8 @@ grub_ls_list_files (char *dirname, int longlist, int all, int human)
struct grub_dirhook_info info;
grub_errno = 0;
grub_file_filter_disable_compression ();
file = grub_file_open (dirname);
file = grub_file_open (dirname, GRUB_FILE_TYPE_GET_SIZE
| GRUB_FILE_TYPE_NO_DECOMPRESS);
if (! file)
goto fail;

2
grub-core/commands/minicmd.c
View File

@@ -43,7 +43,7 @@ grub_mini_cmd_cat (struct grub_command *cmd __attribute__ ((unused)),
if (argc < 1)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
file = grub_file_open (argv[0]);
file = grub_file_open (argv[0], GRUB_FILE_TYPE_CAT);
if (! file)
return grub_errno;

3
grub-core/commands/nativedisk.c
View File

@@ -234,7 +234,8 @@ grub_cmd_nativedisk (grub_command_t cmd __attribute__ ((unused)),
if (! filename)
goto fail;
file = grub_file_open (filename);
file = grub_file_open (filename,
GRUB_FILE_TYPE_GRUB_MODULE);
grub_free (filename);
if (! file)
goto fail;

2
grub-core/commands/parttool.c
View File

@@ -193,7 +193,7 @@ grub_cmd_parttool (grub_command_t cmd __attribute__ ((unused)),
{
grub_file_t file;
file = grub_file_open (filename);
file = grub_file_open (filename, GRUB_FILE_TYPE_GRUB_MODULE_LIST);
if (file)
{
char *buf = 0;

4
grub-core/commands/search.c
View File

@@ -81,8 +81,8 @@ iterate_device (const char *name, void *data)
if (! buf)
return 1;
grub_file_filter_disable_compression ();
file = grub_file_open (buf);
file = grub_file_open (buf, GRUB_FILE_TYPE_FS_SEARCH
| GRUB_FILE_TYPE_NO_DECOMPRESS);
if (file)
{
found = 1;

4
grub-core/commands/test.c
View File

@@ -355,8 +355,8 @@ test_parse (char **args, int *argn, int argc)
if (grub_strcmp (args[*argn], "-s") == 0)
{
grub_file_t file;
grub_file_filter_disable_compression ();
file = grub_file_open (args[*argn + 1]);
file = grub_file_open (args[*argn + 1], GRUB_FILE_TYPE_GET_SIZE
| GRUB_FILE_TYPE_NO_DECOMPRESS);
update_val (file && (grub_file_size (file) != 0), &ctx);
if (file)
grub_file_close (file);

2
grub-core/commands/testload.c
View File

@@ -57,7 +57,7 @@ grub_cmd_testload (struct grub_command *cmd __attribute__ ((unused)),
if (argc < 1)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
file = grub_file_open (argv[0]);
file = grub_file_open (argv[0], GRUB_FILE_TYPE_TESTLOAD);
if (! file)
return grub_errno;

2
grub-core/commands/testspeed.c
View File

@@ -61,7 +61,7 @@ grub_cmd_testspeed (grub_extcmd_context_t ctxt, int argc, char **args)
if (buffer == NULL)
return grub_errno;
file = grub_file_open (args[0]);
file = grub_file_open (args[0], GRUB_FILE_TYPE_TESTLOAD);
if (file == NULL)
goto quit;

482
grub-core/commands/verify.c
View File

@@ -30,6 +30,7 @@
#include <grub/env.h>
#include <grub/kernel.h>
#include <grub/extcmd.h>
#include <grub/efi/pe32.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -432,6 +433,356 @@ rsa_pad (gcry_mpi_t *hmpi, grub_uint8_t *hval,
return ret;
}
static grub_err_t
get (char *buf, grub_size_t size,
grub_file_t f, void *out,
grub_off_t off, grub_size_t sz)
{
if (buf)
{
if (off > ~(grub_uint32_t) sz
|| off + sz > size)
return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature"));
grub_memcpy (out, buf + off, sz);
return GRUB_ERR_NONE;
}
if (grub_file_seek (f, off) == (grub_size_t) -1)
return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature"));
if (grub_file_read (f, out, sz) != (grub_ssize_t) sz)
return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature"));
return GRUB_ERR_NONE;
}
static grub_err_t
read_len (char *buf, grub_size_t size,
grub_file_t f, grub_off_t *curoff, grub_uint32_t *endoff)
{
grub_uint8_t cb;
unsigned ss, rl;
grub_uint32_t v = 0;
grub_err_t err;
err = get (buf, size, f, &cb, (*curoff)++, 1);
if (err)
return err;
if (!(cb & 0x80))
{
*endoff = *curoff + (cb & 0x7f);
return GRUB_ERR_NONE;
}
ss = cb & 0x7f;
if (ss > 4)
rl = 4;
else
rl = ss;
*curoff += (ss - rl);
err = get (buf, size, f, (char *) &v + (4 - rl), *curoff,
rl);
if (err)
return err;
*curoff += rl;
*endoff = *curoff + (grub_be_to_cpu32 (v) & 0x7fffff);
return GRUB_ERR_NONE;
}
#define MAX_FULLASN 128
static grub_err_t
grub_verify_pe_signature_real (char *buf, grub_size_t size,
grub_file_t f,
struct grub_public_key *pkey)
{
grub_uint8_t mz[2];
const gcry_md_spec_t *hash;
grub_uint32_t coff_offset, opt_offset;
union
{
struct grub_pe32_optional_header o32;
struct grub_pe64_optional_header o64;
} opt_head;
struct grub_pe32_data_directory *certtab;
grub_err_t err;
void *context = NULL;
void *read_buf = NULL;
grub_uint8_t *hval;
grub_off_t curoff;
grub_uint8_t cb;
grub_uint8_t full_asn[MAX_FULLASN];
/*
hash as:
offs[0] - offs[1]
skip: checksum
offs[2] - offs[3]
skip: cert entry
offs[4] - offs[5]
skip: cert
offs[6] - offs[7]
*/
grub_uint32_t offs[8];
grub_uint32_t endoff[5];
grub_uint32_t full_asn_offset, full_asn_offset_end;
grub_size_t i;
err = get (buf, size, f, mz, 0, 2);
if (err)
return err;
if (mz[0] != 'M' || mz[1] != 'Z')
goto fail;
err = get (buf, size, f, &coff_offset, 0x3c, 4);
if (err)
return err;
opt_offset = grub_cpu_to_le32 (coff_offset) + sizeof (struct grub_pe32_coff_header) + 4;
err = get (buf, size, f, &opt_head, opt_offset, sizeof (opt_head));
if (err)
return err;
grub_dprintf ("crypt", "opt_offset = %x\n", (int) opt_offset);
if (opt_head.o32.magic == grub_cpu_to_le16_compile_time (GRUB_PE32_PE32_MAGIC))
{
offs[1] = (char *) &opt_head.o32.checksum - (char *) &opt_head + opt_offset;
certtab = &opt_head.o32.certificate_table;
}
else if (opt_head.o64.magic == grub_cpu_to_le16_compile_time (GRUB_PE32_PE64_MAGIC))
{
offs[1] = (char *) &opt_head.o64.checksum - (char *) &opt_head + opt_offset;
certtab = &opt_head.o64.certificate_table;
}
else
return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature"));
if (certtab->size == 0)
goto fail;
offs[0] = 0;
offs[2] = offs[1] + 4;
offs[3] = (char *) certtab - (char *) &opt_head + opt_offset;
offs[4] = offs[3] + sizeof (*certtab);
offs[5] = grub_le_to_cpu32 (certtab->rva);
offs[6] = offs[5] + grub_le_to_cpu32 (certtab->size);
offs[7] = buf ? size : grub_file_size (f);
/* Verify that offset sequence is valid. */
for (i = 0; i < 7; i++)
if (offs[i + 1] < offs[i])
goto fail;
grub_dprintf ("crypt", "sig @%x+%x\n", (int)certtab->rva,
(int)certtab->size);
curoff = grub_le_to_cpu32 (certtab->rva) + 8;
err = get (buf, size, f, &cb, curoff++, 1);
if (err)
return err;
if (cb != 0x30)
goto fail;
/* into. */
err = read_len (buf, size, f, &curoff, &endoff[0]);
if (err)
return err;
err = get (buf, size, f, &cb, curoff++, 1);
if (err)
return err;
if (cb != 0x06)
goto fail;
/* skip. */
err = read_len (buf, size, f, &curoff, &endoff[1]);
if (err)
return err;
curoff = endoff[1];
err = get (buf, size, f, &cb, curoff++, 1);
if (err)
return err;
if (cb != 0xa0)
goto fail;
/* into. */
err = read_len (buf, size, f, &curoff, &endoff[1]);
if (err)
return err;
err = get (buf, size, f, &cb, curoff++, 1);
if (err)
return err;
if (cb != 0x30)
goto fail;
/* into. */
err = read_len (buf, size, f, &curoff, &endoff[2]);
if (err)
return err;
err = get (buf, size, f, &cb, curoff++, 1);
if (err)
return err;
if (cb != 0x02)
goto fail;
/* skip */
err = read_len (buf, size, f, &curoff, &endoff[2]);
if (err)
return err;
curoff = endoff[2];
err = get (buf, size, f, &cb, curoff++, 1);
if (err)
return err;
if (cb != 0x31)
goto fail;
err = get (buf, size, f, &cb, curoff++, 1);
if (err)
return err;
if (cb != 0x0f)
goto fail;
err = read_len (buf, size, f, &curoff, &endoff[3]);
if (err)
return err;
curoff = endoff[3];
err = get (buf, size, f, &cb, curoff++, 1);
if (err)
return err;
if (cb != 0x03)
goto fail;
err = read_len (buf, size, f, &curoff, &endoff[3]);
if (err)
return err;
curoff = endoff[3];
err = get (buf, size, f, &cb, curoff++, 1);
if (err)
return err;
if (cb != 0xa0)
goto fail;
err = read_len (buf, size, f, &curoff, &endoff[3]);
if (err)
return err;
curoff = endoff[3];
grub_dprintf ("crypt", "off: %x\n",
(int)curoff - grub_le_to_cpu32 (certtab->rva));
/* At this point we have the full ASN at current offset */
full_asn_offset = curoff;
err = get (buf, size, f, &cb, curoff++, 1);
if (err)
return err;
if (cb != 0x30)
goto fail;
err = read_len (buf, size, f, &curoff, &endoff[3]);
if (err)
return err;
curoff = endoff[3];
full_asn_offset_end = curoff;
grub_dprintf ("crypt", "off: %x\n",
(int)full_asn_offset_end - grub_le_to_cpu32 (certtab->rva));
if (full_asn_offset_end - full_asn_offset > MAX_FULLASN)
goto fail;
err = get (buf, size, f, full_asn, full_asn_offset,
full_asn_offset_end - full_asn_offset);
if (err)
return err;
hash = grub_crypto_lookup_md_by_asn (full_asn,
full_asn_offset_end - full_asn_offset);
if (!hash)
return grub_error (GRUB_ERR_BAD_SIGNATURE, "hash not loaded");
if (hash->asnlen + hash->mdlen != full_asn_offset_end - full_asn_offset)
goto fail;
context = grub_zalloc (hash->contextsize);
if (!context)
goto fail;
hash->init (context);
if (buf)
{
for (i = 0; i <= 3; i++)
hash->write (context, buf + offs[2 * i],
offs[2 * i + 1] - offs[2 * i]);
}
else
{
read_buf = grub_malloc (READBUF_SIZE);
for (i = 0; i <= 3; i++)
{
grub_size_t rem;
grub_ssize_t r;
if (grub_file_seek (f, offs[2 * i]) == (grub_size_t) -1)
goto fail;
rem = offs[2 * i + 1] - offs[2 * i];
COMPILE_TIME_ASSERT (sizeof (rem) >= sizeof (offs[0]));
while (rem)
{
r = grub_file_read (f, read_buf,
rem < READBUF_SIZE ? rem : READBUF_SIZE);
if (r < 0)
goto fail;
if (r == 0)
break;
hash->write (context, read_buf, r);
rem -= r;
}
if (rem)
goto fail;
}
}
hash->final (context);
hval = hash->read (context);
if (grub_memcmp (full_asn + hash->asnlen,
hval, hash->mdlen) != 0)
goto fail;
for (i = 0; i < hash->mdlen; i++)
grub_printf ("%02x ", hval[i]);
grub_printf ("\n");
(void) pkey;
return GRUB_ERR_NONE;
fail:
grub_free (context);
grub_free (read_buf);
return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad signature"));
}
static grub_err_t
grub_verify_signature_real (char *buf, grub_size_t size,
grub_file_t f, grub_file_t sig,
@@ -530,6 +881,8 @@ grub_verify_signature_real (char *buf, grub_size_t size,
hash->write (context, readbuf, r);
rem -= r;
}
if (rem)
goto fail;
hash->write (context, &v, sizeof (v));
s = 0xff;
hash->write (context, &s, sizeof (s));
@@ -667,10 +1020,12 @@ grub_cmd_trust (grub_extcmd_context_t ctxt,
if (argc < 1)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("one argument expected"));
grub_file_filter_disable_compression ();
if (ctxt->state[OPTION_SKIP_SIG].set)
grub_file_filter_disable_pubkey ();
pkf = grub_file_open (args[0]);
pkf = grub_file_open (args[0],
GRUB_FILE_TYPE_PUBLIC_KEY_TRUST
| GRUB_FILE_TYPE_NO_DECOMPRESS
| (ctxt->state[OPTION_SKIP_SIG].set
? GRUB_FILE_TYPE_SKIP_SIGNATURE
: 0));
if (!pkf)
return grub_errno;
pk = grub_load_public_key (pkf);
@@ -758,10 +1113,12 @@ grub_cmd_verify_signature (grub_extcmd_context_t ctxt,
if (argc > 2)
{
grub_file_t pkf;
grub_file_filter_disable_compression ();
if (ctxt->state[OPTION_SKIP_SIG].set)
grub_file_filter_disable_pubkey ();
pkf = grub_file_open (args[2]);
pkf = grub_file_open (args[2],
GRUB_FILE_TYPE_PUBLIC_KEY
| GRUB_FILE_TYPE_NO_DECOMPRESS
| (ctxt->state[OPTION_SKIP_SIG].set
? GRUB_FILE_TYPE_SKIP_SIGNATURE
: 0));
if (!pkf)
return grub_errno;
pk = grub_load_public_key (pkf);
@@ -773,16 +1130,16 @@ grub_cmd_verify_signature (grub_extcmd_context_t ctxt,
grub_file_close (pkf);
}
grub_file_filter_disable_all ();
f = grub_file_open (args[0]);
f = grub_file_open (args[0], GRUB_FILE_TYPE_VERIFY_SIGNATURE);
if (!f)
{
err = grub_errno;
goto fail;
}
grub_file_filter_disable_all ();
sig = grub_file_open (args[1]);
sig = grub_file_open (args[1],
GRUB_FILE_TYPE_SIGNATURE
| GRUB_FILE_TYPE_NO_DECOMPRESS);
if (!sig)
{
err = grub_errno;
@@ -800,6 +1157,57 @@ grub_cmd_verify_signature (grub_extcmd_context_t ctxt,
return err;
}
static grub_err_t
grub_cmd_verify_pe_signature (grub_extcmd_context_t ctxt,
int argc, char **args)
{
grub_file_t f = NULL;
grub_err_t err = GRUB_ERR_NONE;
struct grub_public_key *pk = NULL;
grub_dprintf ("crypt", "alive\n");
if (argc < 1)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("one argument expected"));
grub_dprintf ("crypt", "alive\n");
if (argc > 1)
{
grub_file_t pkf;
pkf = grub_file_open (args[1],
GRUB_FILE_TYPE_PUBLIC_KEY
| GRUB_FILE_TYPE_NO_DECOMPRESS
| (ctxt->state[OPTION_SKIP_SIG].set
? GRUB_FILE_TYPE_SKIP_SIGNATURE
: 0));
if (!pkf)
return grub_errno;
pk = grub_load_public_key (pkf);
if (!pk)
{
grub_file_close (pkf);
return grub_errno;
}
grub_file_close (pkf);
}
f = grub_file_open (args[0], GRUB_FILE_TYPE_VERIFY_SIGNATURE);
if (!f)
{
err = grub_errno;
goto fail;
}
err = grub_verify_pe_signature_real (0, 0, f, pk);
fail:
if (f)
grub_file_close (f);
if (pk)
free_pk (pk);
return err;
}
static int sec = 0;
static grub_ssize_t
@@ -825,33 +1233,25 @@ struct grub_fs verified_fs =
};
static grub_file_t
grub_pubkey_open (grub_file_t io, const char *filename)
grub_pubkey_open (grub_file_t io, enum grub_file_type type)
{
grub_file_t sig;
char *fsuf, *ptr;
grub_err_t err;
grub_file_filter_t curfilt[GRUB_FILE_FILTER_MAX];
grub_file_t ret;
if ((type & GRUB_FILE_TYPE_MASK) == GRUB_FILE_TYPE_SIGNATURE
|| (type & GRUB_FILE_TYPE_MASK) == GRUB_FILE_TYPE_VERIFY_SIGNATURE
|| (type & GRUB_FILE_TYPE_SKIP_SIGNATURE))
return io;
if (!sec)
return io;
if (io->device->disk && io->device->disk->id == GRUB_DISK_DEVICE_MEMDISK_ID)
return io;
fsuf = grub_malloc (grub_strlen (filename) + sizeof (".sig"));
fsuf = grub_malloc (grub_strlen (io->name) + sizeof (".sig"));
if (!fsuf)
return NULL;
ptr = grub_stpcpy (fsuf, filename);
grub_memcpy (ptr, ".sig", sizeof (".sig"));
grub_memcpy (curfilt, grub_file_filters_enabled,
sizeof (curfilt));
grub_file_filter_disable_all ();
sig = grub_file_open (fsuf);
grub_memcpy (grub_file_filters_enabled, curfilt,
sizeof (curfilt));
grub_free (fsuf);
if (!sig)
return NULL;
ret = grub_malloc (sizeof (*ret));
if (!ret)
@@ -876,12 +1276,30 @@ grub_pubkey_open (grub_file_t io, const char *filename)
{
if (!grub_errno)
grub_error (GRUB_ERR_FILE_READ_ERROR, N_("premature end of file %s"),
filename);
io->name);
return NULL;
}
err = grub_verify_signature_real (ret->data, ret->size, 0, sig, NULL);
grub_file_close (sig);
ptr = grub_stpcpy (fsuf, io->name);
grub_memcpy (ptr, ".sig", sizeof (".sig"));
sig = grub_file_open (fsuf, GRUB_FILE_TYPE_SIGNATURE);
grub_free (fsuf);
if (!sig)
grub_errno = GRUB_ERR_NONE;
if (sig)
{
err = grub_verify_signature_real (ret->data, ret->size, 0, sig, NULL);
grub_file_close (sig);
if (err == GRUB_ERR_BAD_SIGNATURE)
{
grub_errno = GRUB_ERR_NONE;
err = grub_verify_pe_signature_real (ret->data, ret->size, 0, 0);
}
}
else
err = grub_verify_pe_signature_real (ret->data, ret->size, 0, 0);
if (err)
return NULL;
io->device = 0;
@@ -963,6 +1381,10 @@ GRUB_MOD_INIT(verify)
N_("[-s|--skip-sig] FILE SIGNATURE_FILE [PUBKEY_FILE]"),
N_("Verify detached signature."),
options);
cmd = grub_register_extcmd ("verify_pe", grub_cmd_verify_pe_signature, 0,
N_("[-s|--skip-sig] FILE [PUBKEY_FILE]"),
N_("Verify PE signature."),
options);
cmd_trust = grub_register_extcmd ("trust", grub_cmd_trust, 0,
N_("[-s|--skip-sig] PUBKEY_FILE"),
N_("Add PKFILE to trusted keys."),

3
grub-core/disk/loopback.c
View File

@@ -90,7 +90,8 @@ grub_cmd_loopback (grub_extcmd_context_t ctxt, int argc, char **args)
if (argc < 2)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
file = grub_file_open (args[1]);
file = grub_file_open (args[1], GRUB_FILE_TYPE_LOOPBACK
| GRUB_FILE_TYPE_NO_DECOMPRESS);
if (! file)
return grub_errno;

4
grub-core/font/font.c
View File

@@ -418,7 +418,7 @@ grub_font_load (const char *filename)
#endif
if (filename[0] == '(' || filename[0] == '/' || filename[0] == '+')
file = grub_buffile_open (filename, 1024);
file = grub_buffile_open (filename, GRUB_FILE_TYPE_FONT, 1024);
else
{
const char *prefix = grub_env_get ("prefix");
@@ -438,7 +438,7 @@ grub_font_load (const char *filename)
ptr = grub_stpcpy (ptr, filename);
ptr = grub_stpcpy (ptr, ".pf2");
*ptr = 0;
file = grub_buffile_open (fullname, 1024);
file = grub_buffile_open (fullname, GRUB_FILE_TYPE_FONT, 1024);
grub_free (fullname);
}
if (!file)

2
grub-core/fs/zfs/zfscrypt.c
View File

@@ -418,7 +418,7 @@ grub_cmd_zfs_key (grub_extcmd_context_t ctxt, int argc, char **args)
if (argc > 0)
{
grub_file_t file;
file = grub_file_open (args[0]);
file = grub_file_open (args[0], GRUB_FILE_TYPE_ZFS_ENCRYPTION_KEY);
if (!file)
return grub_errno;
real_size = grub_file_read (file, buf, 1024);

2
grub-core/gettext/gettext.c
View File

@@ -291,7 +291,7 @@ grub_mofile_open (struct grub_gettext_context *ctx,
/* Using fd_mo and not another variable because
it's needed for grub_gettext_get_info. */
fd = grub_file_open (filename);
fd = grub_file_open (filename, GRUB_FILE_TYPE_GETTEXT_CATALOG);
if (!fd)
return grub_errno;

2
grub-core/gfxmenu/theme_loader.c
View File

@@ -743,7 +743,7 @@ grub_gfxmenu_view_load_theme (grub_gfxmenu_view_t view, const char *theme_path)
p.view = view;
p.theme_dir = grub_get_dirname (theme_path);
file = grub_file_open (theme_path);
file = grub_file_open (theme_path, GRUB_FILE_TYPE_THEME);
if (! file)
{
grub_free (p.theme_dir);

10
grub-core/io/bufio.c
View File

@@ -43,7 +43,8 @@ typedef struct grub_bufio *grub_bufio_t;
static struct grub_fs grub_bufio_fs;
grub_file_t
grub_bufio_open (grub_file_t io, int size)
grub_bufio_open (grub_file_t io,
grub_size_t size)
{
grub_file_t file;
grub_bufio_t bufio = 0;
@@ -57,7 +58,7 @@ grub_bufio_open (grub_file_t io, int size)
else if (size > GRUB_BUFIO_MAX_SIZE)
size = GRUB_BUFIO_MAX_SIZE;
if ((size < 0) || ((unsigned) size > io->size))
if (size > io->size)
size = ((io->size > GRUB_BUFIO_MAX_SIZE) ? GRUB_BUFIO_MAX_SIZE :
io->size);
@@ -81,11 +82,12 @@ grub_bufio_open (grub_file_t io, int size)
}
grub_file_t
grub_buffile_open (const char *name, int size)
grub_buffile_open (const char *name, enum grub_file_type type,
grub_size_t size)
{
grub_file_t io, file;
io = grub_file_open (name);
io = grub_file_open (name, type);
if (! io)
return 0;

5
grub-core/io/gzio.c
View File

@@ -1125,11 +1125,14 @@ initialize_tables (grub_gzio_t gzio)
even if IO does not contain data compressed by gzip, return a valid file
object. Note that this function won't close IO, even if an error occurs. */
static grub_file_t
grub_gzio_open (grub_file_t io, const char *name __attribute__ ((unused)))
grub_gzio_open (grub_file_t io, enum grub_file_type type)
{
grub_file_t file;
grub_gzio_t gzio = 0;
if (type & GRUB_FILE_TYPE_NO_DECOMPRESS)
return io;
file = (grub_file_t) grub_zalloc (sizeof (*file));
if (! file)
return 0;

6
grub-core/io/lzopio.c
View File

@@ -409,12 +409,14 @@ CORRUPTED:
}
static grub_file_t
grub_lzopio_open (grub_file_t io,
const char *name __attribute__ ((unused)))
grub_lzopio_open (grub_file_t io, enum grub_file_type type)
{
grub_file_t file;
grub_lzopio_t lzopio;
if (type & GRUB_FILE_TYPE_NO_DECOMPRESS)
return io;
file = (grub_file_t) grub_zalloc (sizeof (*file));
if (!file)
return 0;

7
grub-core/io/offset.c
View File

@@ -69,7 +69,8 @@ grub_file_offset_close (grub_file_t file)
}
grub_file_t
grub_file_offset_open (grub_file_t parent, grub_off_t start, grub_off_t size)
grub_file_offset_open (grub_file_t parent, enum grub_file_type type,
grub_off_t start, grub_off_t size)
{
struct grub_offset_file *off_data;
grub_file_t off_file, last_off_file;
@@ -95,10 +96,10 @@ grub_file_offset_open (grub_file_t parent, grub_off_t start, grub_off_t size)
last_off_file = NULL;
for (filter = GRUB_FILE_FILTER_COMPRESSION_FIRST;
off_file && filter <= GRUB_FILE_FILTER_COMPRESSION_LAST; filter++)
if (grub_file_filters_enabled[filter])
if (grub_file_filters[filter])
{
last_off_file = off_file;
off_file = grub_file_filters_enabled[filter] (off_file, parent->name);
off_file = grub_file_filters[filter] (off_file, type);
}
if (!off_file)

6
grub-core/io/xzio.c
View File

@@ -169,12 +169,14 @@ ERROR:
}
static grub_file_t
grub_xzio_open (grub_file_t io,
const char *name __attribute__ ((unused)))
grub_xzio_open (grub_file_t io, enum grub_file_type type)
{
grub_file_t file;
grub_xzio_t xzio;
if (type & GRUB_FILE_TYPE_NO_DECOMPRESS)
return io;
file = (grub_file_t) grub_zalloc (sizeof (*file));
if (!file)
return 0;

2
grub-core/kern/dl.c
View File

@@ -653,7 +653,7 @@ grub_dl_load_file (const char *filename)
void *core = 0;
grub_dl_t mod = 0;
file = grub_file_open (filename);
file = grub_file_open (filename, GRUB_FILE_TYPE_GRUB_MODULE);
if (! file)
return 0;

4
grub-core/kern/elf.c
View File

@@ -100,12 +100,12 @@ fail:
}
grub_elf_t
grub_elf_open (const char *name)
grub_elf_open (const char *name, enum grub_file_type type)
{
grub_file_t file;
grub_elf_t elf;
file = grub_file_open (name);
file = grub_file_open (name, type);
if (! file)
return 0;

22
grub-core/kern/file.c
View File

@@ -28,8 +28,7 @@
void (*EXPORT_VAR (grub_grubnet_fini)) (void);
grub_file_filter_t grub_file_filters_all[GRUB_FILE_FILTER_MAX];
grub_file_filter_t grub_file_filters_enabled[GRUB_FILE_FILTER_MAX];
grub_file_filter_t grub_file_filters[GRUB_FILE_FILTER_MAX];
/* Get the device part of the filename NAME. It is enclosed by parentheses. */
char *
@@ -59,7 +58,7 @@ grub_file_get_device_name (const char *name)
}
grub_file_t
grub_file_open (const char *name)
grub_file_open (const char *name, enum grub_file_type type)
{
grub_device_t device = 0;
grub_file_t file = 0, last_file = 0;
@@ -105,18 +104,20 @@ grub_file_open (const char *name)
file->name = grub_strdup (name);
grub_errno = GRUB_ERR_NONE;
for (filter = 0; file && filter < ARRAY_SIZE (grub_file_filters_enabled);
for (filter = 0; file && filter < ARRAY_SIZE (grub_file_filters);
filter++)
if (grub_file_filters_enabled[filter])
if (grub_file_filters[filter])
{
last_file = file;
file = grub_file_filters_enabled[filter] (file, name);
file = grub_file_filters[filter] (file, type);
if (file && file != last_file)
{
file->name = grub_strdup (name);
grub_errno = GRUB_ERR_NONE;
}
}
if (!file)
grub_file_close (last_file);
grub_memcpy (grub_file_filters_enabled, grub_file_filters_all,
sizeof (grub_file_filters_enabled));
return file;
@@ -128,9 +129,6 @@ grub_file_open (const char *name)
grub_free (file);
grub_memcpy (grub_file_filters_enabled, grub_file_filters_all,
sizeof (grub_file_filters_enabled));
return 0;
}

21
grub-core/lib/crypto.c
View File

@@ -150,6 +150,27 @@ grub_crypto_lookup_md_by_name (const char *name)
}
}
const gcry_md_spec_t *
grub_crypto_lookup_md_by_asn (const void *asn, grub_size_t asnlen)
{
const gcry_md_spec_t *md;
int first = 1;
while (1)
{
for (md = grub_digests; md; md = md->next)
if (md->asnlen
&& (grub_size_t) md->asnlen <= asnlen
&& grub_memcmp (asn, md->asnoid, md->asnlen) == 0)
return md;
if (grub_crypto_autoload_hook && first)
/* FIXME */
grub_crypto_autoload_hook ("sha256");
else
return NULL;
first = 0;
}
}
const gcry_cipher_spec_t *
grub_crypto_lookup_cipher_by_name (const char *name)
{

2
grub-core/loader/efi/chainloader.c
View File

@@ -218,7 +218,7 @@ grub_cmd_chainloader (grub_command_t cmd __attribute__ ((unused)),
b = grub_efi_system_table->boot_services;
file = grub_file_open (filename);
file = grub_file_open (filename, GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE);
if (! file)
goto fail;

16
grub-core/loader/i386/bsd.c
View File

@@ -1448,7 +1448,7 @@ grub_bsd_load (int argc, char *argv[])
goto fail;
}
file = grub_file_open (argv[0]);
file = grub_file_open (argv[0], GRUB_FILE_TYPE_BSD_KERNEL);
if (!file)
goto fail;
@@ -1525,7 +1525,7 @@ grub_cmd_freebsd (grub_extcmd_context_t ctxt, int argc, char *argv[])
if (err)
return err;
file = grub_file_open (argv[0]);
file = grub_file_open (argv[0], GRUB_FILE_TYPE_BSD_KERNEL);
if (! file)
return grub_errno;
@@ -1682,7 +1682,7 @@ grub_cmd_netbsd (grub_extcmd_context_t ctxt, int argc, char *argv[])
{
grub_file_t file;
file = grub_file_open (argv[0]);
file = grub_file_open (argv[0], GRUB_FILE_TYPE_BSD_KERNEL);
if (! file)
return grub_errno;
@@ -1791,7 +1791,7 @@ grub_cmd_freebsd_loadenv (grub_command_t cmd __attribute__ ((unused)),
goto fail;
}
file = grub_file_open (argv[0]);
file = grub_file_open (argv[0], GRUB_FILE_TYPE_FREEBSD_ENV);
if ((!file) || (!file->size))
goto fail;
@@ -1892,7 +1892,7 @@ grub_cmd_freebsd_module (grub_command_t cmd __attribute__ ((unused)),
return 0;
}
file = grub_file_open (argv[0]);
file = grub_file_open (argv[0], GRUB_FILE_TYPE_FREEBSD_MODULE);
if ((!file) || (!file->size))
goto fail;
@@ -1943,7 +1943,7 @@ grub_netbsd_module_load (char *filename, grub_uint32_t type)
void *src;
grub_err_t err;
file = grub_file_open (filename);
file = grub_file_open (filename, GRUB_FILE_TYPE_NETBSD_MODULE);
if ((!file) || (!file->size))
goto fail;
@@ -2029,7 +2029,7 @@ grub_cmd_freebsd_module_elf (grub_command_t cmd __attribute__ ((unused)),
return 0;
}
file = grub_file_open (argv[0]);
file = grub_file_open (argv[0], GRUB_FILE_TYPE_FREEBSD_MODULE_ELF);
if (!file)
return grub_errno;
if (!file->size)
@@ -2065,7 +2065,7 @@ grub_cmd_openbsd_ramdisk (grub_command_t cmd __attribute__ ((unused)),
if (!openbsd_ramdisk.max_size)
return grub_error (GRUB_ERR_BAD_OS, "your kOpenBSD doesn't support ramdisk");
file = grub_file_open (args[0]);
file = grub_file_open (args[0], GRUB_FILE_TYPE_OPENBSD_RAMDISK);
if (! file)
return grub_errno;

2
grub-core/loader/i386/linux.c
View File

@@ -694,7 +694,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
goto fail;
}
file = grub_file_open (argv[0]);
file = grub_file_open (argv[0], GRUB_FILE_TYPE_LINUX_KERNEL);
if (! file)
goto fail;

2
grub-core/loader/i386/pc/linux.c
View File

@@ -139,7 +139,7 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
goto fail;
}
file = grub_file_open (argv[0]);
file = grub_file_open (argv[0], GRUB_FILE_TYPE_LINUX_KERNEL);
if (! file)
goto fail;

2
grub-core/loader/i386/xnu.c
View File

@@ -484,7 +484,7 @@ grub_cmd_devprop_load (grub_command_t cmd __attribute__ ((unused)),
if (argc != 1)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
file = grub_file_open (args[0]);
file = grub_file_open (args[0], GRUB_FILE_XNU_DEVPROP);
if (! file)
return grub_errno;
size = grub_file_size (file);

6
grub-core/loader/linux.c
View File

@@ -170,7 +170,6 @@ grub_initrd_init (int argc, char *argv[],
eptr = grub_strchr (ptr, ':');
if (eptr)
{
grub_file_filter_disable_compression ();
initrd_ctx->components[i].newc_name = grub_strndup (ptr, eptr - ptr);
if (!initrd_ctx->components[i].newc_name)
{
@@ -195,8 +194,9 @@ grub_initrd_init (int argc, char *argv[],
root = 0;
newc = 0;
}
grub_file_filter_disable_compression ();
initrd_ctx->components[i].file = grub_file_open (fname);
initrd_ctx->components[i].file = grub_file_open (fname,
GRUB_FILE_TYPE_LINUX_INITRD
| GRUB_FILE_TYPE_NO_DECOMPRESS);
if (!initrd_ctx->components[i].file)
{
grub_initrd_close (initrd_ctx);

4
grub-core/loader/macho.c
View File

@@ -184,12 +184,12 @@ fail:
}
grub_macho_t
grub_macho_open (const char *name, int is_64bit)
grub_macho_open (const char *name, enum grub_file_type type, int is_64bit)
{
grub_file_t file;
grub_macho_t macho;
file = grub_file_open (name);
file = grub_file_open (name, type);
if (! file)
return 0;

8
grub-core/loader/multiboot.c
View File

@@ -259,7 +259,7 @@ grub_cmd_multiboot (grub_command_t cmd __attribute__ ((unused)),
if (argc == 0)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
file = grub_file_open (argv[0]);
file = grub_file_open (argv[0], GRUB_FILE_TYPE_MULTIBOOT_KERNEL);
if (! file)
return grub_errno;
@@ -325,10 +325,8 @@ grub_cmd_module (grub_command_t cmd __attribute__ ((unused)),
return grub_error (GRUB_ERR_BAD_ARGUMENT,
N_("you need to load the kernel first"));
if (nounzip)
grub_file_filter_disable_compression ();
file = grub_file_open (argv[0]);
file = grub_file_open (argv[0], GRUB_FILE_TYPE_MULTIBOOT_MODULE
| (nounzip ? GRUB_FILE_TYPE_NO_DECOMPRESS : 0));
if (! file)
return grub_errno;

16
grub-core/loader/xnu.c
View File

@@ -351,7 +351,7 @@ grub_cmd_xnu_kernel (grub_command_t cmd __attribute__ ((unused)),
grub_xnu_unload ();
macho = grub_macho_open (args[0], 0);
macho = grub_macho_open (args[0], GRUB_FILE_TYPE_XNU_KERNEL, 0);
if (! macho)
return grub_errno;
@@ -456,7 +456,7 @@ grub_cmd_xnu_kernel64 (grub_command_t cmd __attribute__ ((unused)),
grub_xnu_unload ();
macho = grub_macho_open (args[0], 1);
macho = grub_macho_open (args[0], GRUB_FILE_TYPE_XNU_KERNEL, 1);
if (! macho)
return grub_errno;
@@ -674,7 +674,7 @@ grub_xnu_load_driver (char *infoplistname, grub_file_t binaryfile,
macho = 0;
if (infoplistname)
infoplist = grub_file_open (infoplistname);
infoplist = grub_file_open (infoplistname, GRUB_FILE_TYPE_XNU_INFO_PLIST);
else
infoplist = 0;
grub_errno = GRUB_ERR_NONE;
@@ -770,7 +770,7 @@ grub_cmd_xnu_mkext (grub_command_t cmd __attribute__ ((unused)),
if (! grub_xnu_heap_size)
return grub_error (GRUB_ERR_BAD_OS, N_("you need to load the kernel first"));
file = grub_file_open (args[0]);
file = grub_file_open (args[0], GRUB_FILE_TYPE_XNU_MKEXT);
if (! file)
return grub_errno;
@@ -884,7 +884,7 @@ grub_cmd_xnu_ramdisk (grub_command_t cmd __attribute__ ((unused)),
if (! grub_xnu_heap_size)
return grub_error (GRUB_ERR_BAD_OS, N_("you need to load the kernel first"));
file = grub_file_open (args[0]);
file = grub_file_open (args[0], GRUB_FILE_TYPE_XNU_RAMDISK);
if (! file)
return grub_errno;
@@ -924,7 +924,7 @@ grub_xnu_check_os_bundle_required (char *plistname,
if (binname)
*binname = 0;
file = grub_file_open (plistname);
file = grub_file_open (plistname, GRUB_FILE_TYPE_XNU_INFO_PLIST);
if (! file)
return 0;
@@ -1209,7 +1209,7 @@ grub_xnu_load_kext_from_dir (char *dirname, const char *osbundlerequired,
grub_strcpy (binname + grub_strlen (binname), "/");
grub_strcpy (binname + grub_strlen (binname), binsuffix);
grub_dprintf ("xnu", "%s:%s\n", ctx.plistname, binname);
binfile = grub_file_open (binname);
binfile = grub_file_open (binname, GRUB_FILE_TYPE_XNU_KEXT);
if (! binfile)
grub_errno = GRUB_ERR_NONE;
@@ -1252,7 +1252,7 @@ grub_cmd_xnu_kext (grub_command_t cmd __attribute__ ((unused)),
/* User explicitly specified plist and binary. */
if (grub_strcmp (args[1], "-") != 0)
{
binfile = grub_file_open (args[1]);
binfile = grub_file_open (args[1], GRUB_FILE_TYPE_XNU_KEXT);
if (! binfile)
return grub_errno;
}

4
grub-core/loader/xnu_resume.c
View File

@@ -53,8 +53,8 @@ grub_xnu_resume (char *imagename)
grub_addr_t target_image;
grub_err_t err;
grub_file_filter_disable_compression ();
file = grub_file_open (imagename);
file = grub_file_open (imagename, GRUB_FILE_TYPE_XNU_HIBERNATE_IMAGE
| GRUB_FILE_TYPE_NO_DECOMPRESS);
if (! file)
return 0;

11
grub-core/normal/autofs.c
View File

@@ -33,12 +33,6 @@ autoload_fs_module (void)
{
grub_named_list_t p;
int ret = 0;
grub_file_filter_t grub_file_filters_was[GRUB_FILE_FILTER_MAX];
grub_memcpy (grub_file_filters_was, grub_file_filters_enabled,
sizeof (grub_file_filters_enabled));
grub_memcpy (grub_file_filters_enabled, grub_file_filters_all,
sizeof (grub_file_filters_enabled));
while ((p = fs_module_list) != NULL)
{
@@ -56,9 +50,6 @@ autoload_fs_module (void)
grub_free (p);
}
grub_memcpy (grub_file_filters_enabled, grub_file_filters_was,
sizeof (grub_file_filters_enabled));
return ret;
}
@@ -82,7 +73,7 @@ read_fs_list (const char *prefix)
tmp_autoload_hook = grub_fs_autoload_hook;
grub_fs_autoload_hook = NULL;
file = grub_file_open (filename);
file = grub_file_open (filename, GRUB_FILE_TYPE_GRUB_MODULE_LIST);
if (file)
{
/* Override previous fs.lst. */

2
grub-core/normal/crypto.c
View File

@@ -94,7 +94,7 @@ read_crypto_list (const char *prefix)
return;
}
file = grub_file_open (filename);
file = grub_file_open (filename, GRUB_FILE_TYPE_GRUB_MODULE_LIST);
grub_free (filename);
if (!file)
{

2
grub-core/normal/dyncmd.c
View File

@@ -106,7 +106,7 @@ read_command_list (const char *prefix)
{
grub_file_t file;
file = grub_file_open (filename);
file = grub_file_open (filename, GRUB_FILE_TYPE_GRUB_MODULE_LIST);
if (file)
{
char *buf = NULL;

2
grub-core/normal/main.c
View File

@@ -180,7 +180,7 @@ read_config_file (const char *config)
}
/* Try to open the config file. */
file = grub_file_open (config);
file = grub_file_open (config, GRUB_FILE_TYPE_CONFIG);
if (! file)
return 0;

2
grub-core/normal/term.c
View File

@@ -331,7 +331,7 @@ read_terminal_list (const char *prefix)
return;
}
file = grub_file_open (filename);
file = grub_file_open (filename, GRUB_FILE_TYPE_GRUB_MODULE_LIST);
grub_free (filename);
if (!file)
{

2
grub-core/video/readers/jpeg.c
View File

@@ -768,7 +768,7 @@ grub_video_reader_jpeg (struct grub_video_bitmap **bitmap,
grub_file_t file;
struct grub_jpeg_data *data;
file = grub_buffile_open (filename, 0);
file = grub_buffile_open (filename, GRUB_FILE_TYPE_PIXMAP, 0);
if (!file)
return grub_errno;

2
grub-core/video/readers/png.c
View File

@@ -1075,7 +1075,7 @@ grub_video_reader_png (struct grub_video_bitmap **bitmap,
grub_file_t file;
struct grub_png_data *data;
file = grub_buffile_open (filename, 0);
file = grub_buffile_open (filename, GRUB_FILE_TYPE_PIXMAP, 0);
if (!file)
return grub_errno;

2
grub-core/video/readers/tga.c
View File

@@ -297,7 +297,7 @@ grub_video_reader_tga (struct grub_video_bitmap **bitmap,
grub_memset (&data, 0, sizeof (data));
data.file = grub_buffile_open (filename, 0);
data.file = grub_buffile_open (filename, GRUB_FILE_TYPE_PIXMAP, 0);
if (! data.file)
return grub_errno;

6
include/grub/bufio.h
View File

@@ -22,7 +22,9 @@
#include <grub/file.h>
grub_file_t EXPORT_FUNC (grub_bufio_open) (grub_file_t io, int size);
grub_file_t EXPORT_FUNC (grub_buffile_open) (const char *name, int size);
grub_file_t EXPORT_FUNC (grub_bufio_open) (grub_file_t io, grub_size_t size);
grub_file_t EXPORT_FUNC (grub_buffile_open) (const char *name,
enum grub_file_type type,
grub_size_t size);
#endif /* ! GRUB_BUFIO_H */

2
include/grub/crypto.h
View File

@@ -260,6 +260,8 @@ struct grub_crypto_hmac_handle;
const gcry_cipher_spec_t *
grub_crypto_lookup_cipher_by_name (const char *name);
const gcry_md_spec_t *
grub_crypto_lookup_md_by_asn (const void *asn, grub_size_t asnlen);
grub_crypto_cipher_handle_t
grub_crypto_cipher_open (const struct gcry_cipher_spec *cipher);

2
include/grub/elfload.h
View File

@@ -42,7 +42,7 @@ typedef int (*grub_elf32_phdr_iterate_hook_t)
typedef int (*grub_elf64_phdr_iterate_hook_t)
(grub_elf_t elf, Elf64_Phdr *phdr, void *arg);
grub_elf_t grub_elf_open (const char *);
grub_elf_t grub_elf_open (const char *, enum grub_file_type type);
grub_elf_t grub_elf_file (grub_file_t file, const char *filename);
grub_err_t grub_elf_close (grub_elf_t);

142
include/grub/file.h
View File

@@ -25,6 +25,98 @@
#include <grub/fs.h>
#include <grub/disk.h>
enum grub_file_type
{
/* GRUB module to be loaded. */
GRUB_FILE_TYPE_GRUB_MODULE,
/* Loopback file to be represented as disk. */
GRUB_FILE_TYPE_LOOPBACK,
/* Linux kernel to be loaded. */
GRUB_FILE_TYPE_LINUX_KERNEL,
/* Linux initrd. */
GRUB_FILE_TYPE_LINUX_INITRD,
/* Multiboot kernel. */
GRUB_FILE_TYPE_MULTIBOOT_KERNEL,
/* Multiboot module. */
GRUB_FILE_TYPE_MULTIBOOT_MODULE,
GRUB_FILE_TYPE_BSD_KERNEL,
GRUB_FILE_TYPE_FREEBSD_ENV,
GRUB_FILE_TYPE_FREEBSD_MODULE,
GRUB_FILE_TYPE_FREEBSD_MODULE_ELF,
GRUB_FILE_TYPE_NETBSD_MODULE,
GRUB_FILE_TYPE_OPENBSD_RAMDISK,
GRUB_FILE_TYPE_XNU_INFO_PLIST,
GRUB_FILE_TYPE_XNU_MKEXT,
GRUB_FILE_TYPE_XNU_KEXT,
GRUB_FILE_TYPE_XNU_KERNEL,
GRUB_FILE_TYPE_XNU_RAMDISK,
GRUB_FILE_TYPE_XNU_HIBERNATE_IMAGE,
GRUB_FILE_XNU_DEVPROP,
GRUB_FILE_TYPE_EFI_CHAINLOADED_IMAGE,
/* File holding signature. */
GRUB_FILE_TYPE_SIGNATURE,
/* File holding public key to verify signature once. */
GRUB_FILE_TYPE_PUBLIC_KEY,
/* File holding public key to add to trused keys. */
GRUB_FILE_TYPE_PUBLIC_KEY_TRUST,
/* File of which we intend to print a blocklist to the user. */
GRUB_FILE_TYPE_PRINT_BLOCKLIST,
/* File we intend to use for test loading or testing speed. */
GRUB_FILE_TYPE_TESTLOAD,
/* File we open only to get its size. E.g. in ls output. */
GRUB_FILE_TYPE_GET_SIZE,
/* Font file. */
GRUB_FILE_TYPE_FONT,
/* File holding encryption key for encrypted ZFS. */
GRUB_FILE_TYPE_ZFS_ENCRYPTION_KEY,
/* File we open n grub-fstest. */
GRUB_FILE_TYPE_FSTEST,
/* File we open n grub-mount. */
GRUB_FILE_TYPE_MOUNT,
/* File which we attempt to identify the type of. */
GRUB_FILE_TYPE_FILE_ID,
/* File holding ACPI table. */
GRUB_FILE_TYPE_ACPI_TABLE,
/* File we intend show to user. */
GRUB_FILE_TYPE_CAT,
GRUB_FILE_TYPE_HEXCAT,
/* One of pair of files we intend to compare. */
GRUB_FILE_TYPE_CMP,
/* List of hashes for hashsum. */
GRUB_FILE_TYPE_HASHLIST,
/* File hashed by hashsum. */
GRUB_FILE_TYPE_TO_HASH,
/* Keyboard layout. */
GRUB_FILE_TYPE_KEYBOARD_LAYOUT,
/* Picture file. */
GRUB_FILE_TYPE_PIXMAP,
/* *.lst shipped by GRUB. */
GRUB_FILE_TYPE_GRUB_MODULE_LIST,
/* config file. */
GRUB_FILE_TYPE_CONFIG,
GRUB_FILE_TYPE_THEME,
GRUB_FILE_TYPE_GETTEXT_CATALOG,
GRUB_FILE_TYPE_FS_SEARCH,
GRUB_FILE_TYPE_AUDIO,
GRUB_FILE_TYPE_VBE_DUMP,
GRUB_FILE_TYPE_LOADENV,
GRUB_FILE_TYPE_SAVEENV,
GRUB_FILE_TYPE_VERIFY_SIGNATURE,
GRUB_FILE_TYPE_MASK = 0xff,
/* --skip-sig is specified. */
GRUB_FILE_TYPE_SKIP_SIGNATURE = 0x100,
GRUB_FILE_TYPE_NO_DECOMPRESS = 0x200,
};
/* File description. */
struct grub_file
{
@@ -77,61 +169,25 @@ typedef enum grub_file_filter_id
GRUB_FILE_FILTER_COMPRESSION_LAST = GRUB_FILE_FILTER_LZOPIO,
} grub_file_filter_id_t;
typedef grub_file_t (*grub_file_filter_t) (grub_file_t in, const char *filename);
typedef grub_file_t (*grub_file_filter_t) (grub_file_t in, enum grub_file_type type);
extern grub_file_filter_t EXPORT_VAR(grub_file_filters_all)[GRUB_FILE_FILTER_MAX];
extern grub_file_filter_t EXPORT_VAR(grub_file_filters_enabled)[GRUB_FILE_FILTER_MAX];
extern grub_file_filter_t EXPORT_VAR(grub_file_filters)[GRUB_FILE_FILTER_MAX];
static inline void
grub_file_filter_register (grub_file_filter_id_t id, grub_file_filter_t filter)
{
grub_file_filters_all[id] = filter;
grub_file_filters_enabled[id] = filter;
}
grub_file_filters[id] = filter;}
static inline void
grub_file_filter_unregister (grub_file_filter_id_t id)
{
grub_file_filters_all[id] = 0;
grub_file_filters_enabled[id] = 0;
}
static inline void
grub_file_filter_disable (grub_file_filter_id_t id)
{
grub_file_filters_enabled[id] = 0;
}
static inline void
grub_file_filter_disable_compression (void)
{
grub_file_filter_id_t id;
for (id = GRUB_FILE_FILTER_COMPRESSION_FIRST;
id <= GRUB_FILE_FILTER_COMPRESSION_LAST; id++)
grub_file_filters_enabled[id] = 0;
}
static inline void
grub_file_filter_disable_all (void)
{
grub_file_filter_id_t id;
for (id = 0;
id < GRUB_FILE_FILTER_MAX; id++)
grub_file_filters_enabled[id] = 0;
}
static inline void
grub_file_filter_disable_pubkey (void)
{
grub_file_filters_enabled[GRUB_FILE_FILTER_PUBKEY] = 0;
grub_file_filters[id] = 0;
}
/* Get a device name from NAME. */
char *EXPORT_FUNC(grub_file_get_device_name) (const char *name);
grub_file_t EXPORT_FUNC(grub_file_open) (const char *name);
grub_file_t EXPORT_FUNC(grub_file_open) (const char *name, enum grub_file_type type);
grub_ssize_t EXPORT_FUNC(grub_file_read) (grub_file_t file, void *buf,
grub_size_t len);
grub_off_t EXPORT_FUNC(grub_file_seek) (grub_file_t file, grub_off_t offset);
@@ -159,8 +215,8 @@ grub_file_seekable (const grub_file_t file)
}
grub_file_t
grub_file_offset_open (grub_file_t parent, grub_off_t start,
grub_off_t size);
grub_file_offset_open (grub_file_t parent, enum grub_file_type type,
grub_off_t start, grub_off_t size);
void
grub_file_offset_close (grub_file_t file);

3
include/grub/machoload.h
View File

@@ -49,7 +49,8 @@ struct grub_macho_file
};
typedef struct grub_macho_file *grub_macho_t;
grub_macho_t grub_macho_open (const char *, int is_64bit);
grub_macho_t grub_macho_open (const char *, enum grub_file_type type,
int is_64bit);
grub_macho_t grub_macho_file (grub_file_t file, const char *filename,
int is_64bit);
grub_err_t grub_macho_close (grub_macho_t);

6
util/grub-fstest.c
View File

@@ -113,9 +113,9 @@ read_file (char *pathname, int (*hook) (grub_off_t ofs, char *buf, int len, void
return;
}
if (uncompress == 0)
grub_file_filter_disable_compression ();
file = grub_file_open (pathname);
file = grub_file_open (pathname, ((uncompress == 0)
? GRUB_FILE_TYPE_NO_DECOMPRESS : 0)
| GRUB_FILE_TYPE_FSTEST);
if (!file)
{
grub_util_error (_("cannot open `%s': %s"), pathname,

6
util/grub-mount.c
View File

@@ -209,7 +209,7 @@ fuse_getattr (const char *path, struct stat *st)
if (!ctx.file_info.dir)
{
grub_file_t file;
file = grub_file_open (path);
file = grub_file_open (path, GRUB_FILE_TYPE_GET_SIZE);
if (! file && grub_errno == GRUB_ERR_BAD_FILE_TYPE)
{
grub_errno = GRUB_ERR_NONE;
@@ -245,7 +245,7 @@ static int
fuse_open (const char *path, struct fuse_file_info *fi __attribute__ ((unused)))
{
grub_file_t file;
file = grub_file_open (path);
file = grub_file_open (path, GRUB_FILE_TYPE_MOUNT);
if (! file)
return translate_error ();
files[first_fd++] = file;
@@ -309,7 +309,7 @@ fuse_readdir_call_fill (const char *filename,
grub_file_t file;
char *tmp;
tmp = xasprintf ("%s/%s", ctx->path, filename);
file = grub_file_open (tmp);
file = grub_file_open (tmp, GRUB_FILE_TYPE_GET_SIZE);
free (tmp);
/* Symlink to directory. */
if (! file && grub_errno == GRUB_ERR_BAD_FILE_TYPE)