Add some suggestions to the security section on maximizing the
security hardening of GRUB.
This change reveals sectioning issues introduced by commit 0b59d379f
(docs/grub: Document signing GRUB under UEFI) and commit 0f2dda8cf
(docs/grub: Document signing GRUB with an appended signature). Fix them
on the occasion.
Signed-off-by: Andrew Hamilton <adhamilt@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Apparently the man page is outdated because the option "-w" is shown
but not on "mkfs.hfsplus --usage". According to Gemini:
The -w option is used to add an HFS wrapper around an HFS Plus file
system, which is sometimes required for compatibility with older
Mac OS 9 systems. However, this is not a standard or commonly used
option and may not be available in all versions of the hfsprogs package,
especially on Linux.
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
In this case it does not hurt to increase bash execution verbosity so
we can get more insight in case of issues.
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
There is no reason to fail a test if the required testing tool is not
present on the system, so skip the test instead of failing it.
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
Reviewed-by: Andrew Hamilton <adhamilt@gmail.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
HMAC-SHA1 is the only HMAC variant tested in the existing vectors.
Add vectors to test HMAC-SHA{256,512} as well.
Signed-off-by: Srish Srinivasan <ssrish@linux.ibm.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch adds a NULL check after grub_malloc() call. Missing a failure
check after calling grub_malloc() can lead to undefined behavior. If the
allocation fails and returns NULL subsequent dereferencing or writing to
the pointer will likely result in a runtime error such as a segmentation
fault.
Signed-off-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch adds a NULL check after grub_malloc() call. Missing a failure
check after calling grub_malloc() can lead to undefined behavior. If the
allocation fails and returns NULL subsequent dereferencing or writing to
the pointer will likely result in a runtime error such as a segmentation
fault.
Signed-off-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch adds a NULL check after grub_malloc() call. Missing a failure
check after calling grub_malloc() can lead to undefined behavior. If the
allocation fails and returns NULL subsequent dereferencing or writing to
the pointer will likely result in a runtime error such as a segmentation
fault.
Signed-off-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch adds a NULL check after grub_malloc() call. Missing a failure
check after calling grub_malloc() can lead to undefined behavior. If the
allocation fails and returns NULL subsequent dereferencing or writing to
the pointer will likely result in a runtime error such as a segmentation
fault.
Signed-off-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The grub_zalloc() allocates memory for port. If the allocation for
port->name fails the function returns NULL without freeing the
previously allocated port memory. This results in a memory leak.
To avoid this we must free port before return.
Signed-off-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
or else configure check doesn't succeed with non-bash shell (e.g. dash):
checking whether to enable AMD64 as(1) feature detection... /var/tmp/portage/sys-boot/grub-2.14_rc1/work/grub-2.14~rc1/configure: 39176: test: xx86_64: unexpected operator
no
and later build fails with
/var/tmp/portage/sys-boot/grub-2.14_rc1/work/grub-2.14~rc1/grub-core/lib/libgcrypt-grub/src/hwf-x86.c: In function ‘detect_x86_gnuc’:
/var/tmp/portage/sys-boot/grub-2.14_rc1/work/grub-2.14~rc1/grub-core/lib/libgcrypt-grub/src/hwf-x86.c:252:17: error: ‘HWF_INTEL_CPU’ undeclared (first use in this function)
252 | result |= HWF_INTEL_CPU;
| ^~~~~~~~~~~~~
and other corresponding HWF_INTEL_* definitions because HAVE_CPU_ARCH_X86 was
erroneously not defined by configure script.
Signed-off-by: Lars Wendler <polynomial-c@gmx.de>
Reviewed-by: Gary Lin <glin@suse.com>
Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
According to the System V Application Binary Interface specification [1]
the sections holding a symbol table, SHT_SYMTAB and SHT_DYNSYM, have to
have sh_info set to "One greater than the symbol table index of the last
local symbol (binding STB_LOCAL)". Current code converting PE images to
ELF files does not do that and readelf complains in following way:
...
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[ 0] NULL 00000000 000000 000000 00 0 0 0
[ 1] .text PROGBITS 00000000 000034 0014d4 00 AX 0 0 4
[ 2] .data PROGBITS 00000000 001508 000040 00 WA 0 0 32
[ 3] .rdata PROGBITS 00000000 001548 0006b8 00 A 0 0 4
[ 4] .module_license PROGBITS 00000000 001c00 000010 00 0 0 4
[ 5] .bss NOBITS 00000000 000000 000008 00 WA 0 0 4
[ 6] .moddeps PROGBITS 00000000 001c10 000010 00 0 0 4
[ 7] .modname PROGBITS 00000000 001c20 000008 00 0 0 4
[ 8] .rel.text REL 00000000 001c28 0008c8 08 11 1 4
[ 9] .rel.data REL 00000000 0024f0 000040 08 11 2 4
[10] .rel.rdata REL 00000000 002530 000070 08 11 3 4
[11] .symtab SYMTAB 00000000 0025a0 0001d0 10 12 0 4
[12] .strtab STRTAB 00000000 002770 000237 00 0 0 1
...
Symbol table '.symtab' contains 29 entries:
Num: Value Size Type Bind Vis Ndx Name
0: 00000000 0 NOTYPE LOCAL DEFAULT UND
readelf: Warning: local symbol 0 found at index >= .symtab's sh_info value of 0
1: 0000144a 0 FUNC LOCAL DEFAULT 1 grub_mod_init
readelf: Warning: local symbol 1 found at index >= .symtab's sh_info value of 0
2: 000014aa 0 FUNC LOCAL DEFAULT 1 grub_mod_fini
readelf: Warning: local symbol 2 found at index >= .symtab's sh_info value of 0
3: 00000000 0 SECTION LOCAL DEFAULT 1 .text
readelf: Warning: local symbol 3 found at index >= .symtab's sh_info value of 0
4: 00000000 0 SECTION LOCAL DEFAULT 2 .data
readelf: Warning: local symbol 4 found at index >= .symtab's sh_info value of 0
5: 00000000 0 SECTION LOCAL DEFAULT 5 .bss
readelf: Warning: local symbol 5 found at index >= .symtab's sh_info value of 0
6: 00000000 0 SECTION LOCAL DEFAULT 3 .rdata
readelf: Warning: local symbol 6 found at index >= .symtab's sh_info value of 0
7: 00000000 0 NOTYPE GLOBAL DEFAULT UND grub_dma_get_phys
8: 00000000 0 NOTYPE GLOBAL DEFAULT UND grub_cs5536_write_msr
9: 00000000 0 NOTYPE GLOBAL DEFAULT UND grub_dma_free
...
Let's fix it...
[1] https://www.sco.com/developers/gabi/2012-12-31/contents.html
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
The commit 98ad84328 (kern/dl: Check for the SHF_INFO_LINK flag in
grub_dl_relocate_symbols()) revealed a bug in the code converting PE
module images to ELF files. The missing SHF_INFO_LINK flag for SHT_REL
and SHT_RELA sections lead to hangs during GRUB load. This only happens
for the GRUB images generated on Windows platforms. The *NIX platforms
are not affected due to lack of PE to ELF conversion step.
This patch fixes the issue...
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Ross Philipson <ross.philipson@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
Clang will produce a warning, which is treated as an error, that
"vendor_defined_data" is uninitialized. This is a "zero length" array
member of this struct. Add conditional compile pragma to allow this to
compile with Clang.
Signed-off-by: Andrew Hamilton <adhamilt@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Add the tpm2key.asn file to the dist archive for reference by end users.
Signed-off-by: Andrew Hamilton <adhamilt@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Include the two new zstd test support files in the dist archive
so end users can successfully run this test.
Signed-off-by: Andrew Hamilton <adhamilt@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Include the MAINTAINERS and SECURITY files in the dist archive
for reference in distributed archives by end users.
Signed-off-by: Andrew Hamilton <adhamilt@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This file was not added to EXTRA_DIST during the appended signatures merge.
Fixes: 3e4ff6ffb (appended signatures: Parse ASN1 node)
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
Currently bootstrap complains in the following way when
patching gnulib files:
patching file regcomp.c
Hunk #2 succeeded at 1029 with fuzz 2.
Hunk #5 succeeded at 1716 with fuzz 2.
patching file regexec.c
patching file base64.c
patching file regexec.c
Hunk #1 succeeded at 807 (offset -21 lines).
Let's fix it by adding missing "\f" and amending line
numbers in the patches.
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Alec Brown <alec.r.brown@oracle.com>
When tpm2_submit_command_real() is called for a retry, the content of
out buffer can already be set with previous tpm2_submit_command_real()
call's reply. Add a call to grub_tpm2_buffer_init() before tpm2_submit_command_real().
This solves the issues occurring during TPM_CC_Load command on the
integrated TPM 2.0 in Intel Elkhart Lake chip.
Signed-off-by: Yann Diorcet <diorcet.yann@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Improved ad-hoc fuzzing coverage revealed a possible access violation
around line 342 of grub-core/fs/ntfs.c when accessing the attr_cur
pointer due to possibility of moving pointer "next" beyond of the end of
the valid buffer inside next_attribute. Prevent this for cases where
full attribute validation is not performed (such as on attribute lists)
by performing a sanity check on the newly calculated next pointer.
Fixes: 06914b614 (fs/ntfs: Correct attribute vs attribute list validation)
Signed-off-by: Andrew Hamilton <adhamilt@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
On network boots grub_ieee1275_net_config() is used to determine the
boot device but the path continues to be taken from the Open Firmware
/chosen/bootpath property. This assumes the device node follows the
generic IEEE 1275 syntax which is not always the case. Different drivers
may extend or redefine the format and GRUB may then misinterpret the
argument as a filename and set $prefix incorrectly.
The generic Open Firmware device path format is:
device-name[:device-argument]
device-argument := [partition][,[filename]]
For example, a bootpath such as:
/vdevice/l-lan@30000002:speed=auto,duplex=auto,1.2.243.345,,9.8.76.543,1.2.34.5,5,5,255.255.255.0,512
does not follow this form. The section after the colon (the device-argument)
contains driver-specific options and network parameters, not a valid filename.
The GRUB interprets this string as a filename which results in $prefix being
set to "/", effectively losing the intended boot directory.
The firmware is not at fault here since interpretation of device nodes
is driver-specific. Instead, GRUB should use the filename provided in
the cached DHCP packet which is consistent and reliable. This is also
the same mechanism already used on UEFI and legacy BIOS platforms.
This patch updates grub_machine_get_bootlocation() to prefer the result
from grub_ieee1275_net_config() when complete and only fall back to the
firmware bootpath otherwise.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
A NULL pointer dereference can occur in grub_net_udp_close(data->sock)
when handling a malformed TFTP OACK packet.
This issue was discovered via fuzzing. When a malformed OACK packet
contains an invalid file size, "tsize", value tftp_receive() detects
the error and saves it via grub_error_save(&data->save_err). Later,
tftp_open() restores this error and calls grub_net_udp_close(data->sock)
assuming the socket is still valid.
However, the socket may have already been closed and set to NULL after
processing the final data block in tftp_receive() leading to a NULL
pointer dereference when attempting to close it again.
Fix it by checking if the socket is non-NULL before closing.
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
In recv_hook(), *data->addresses is freed without being set to NULL.
Since *data->addresses can be cached in dns_cache[h].addresses, this
can lead to UAF or double free if dns_cache[h].addresses is accessed
or cleared later.
The fix sets *data->addresses to NULL after freeing to avoid dangling
pointer.
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
A UAF occurs in grub_net_network_level_interface_unregister()
when inter->name is accessed after being freed in grub_cmd_bootp().
Fix it by deferring grub_free(ifaces[j].name) until after
grub_net_network_level_interface_unregister() completes.
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Add documentation of the new lsmemregions command as well as
documenting the existing memtools module commands.
Signed-off-by: Andrew Hamilton <adhamilt@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Prints memory regions general information including size, number of
blocks, total free and total allocated memory per region. The reason
behind is to have a tool that shows general information about regions
and how fragmented the memory is at some particular time.
Below is an example showing how this tool before and after memory stress.
grub> lsmemregions
Region 0x78f6e000 (size 33554368 blocks 1048574 free 27325472 alloc 6232768)
> stress_big_allocations
...
grub> lsmemregions
Region 0x7af8e000 (size 4032 blocks 126 free 2720 alloc 1312)
Region 0x80c000 (size 81856 blocks 2558 free 81856 alloc 0)
Region 0x7d165000 (size 167872 blocks 5246 free 167872 alloc 0)
Region 0x7d0bf000 (size 655296 blocks 20478 free 655296 alloc 0)
Region 0x7ee00000 (size 1331136 blocks 41598 free 1331136 alloc 0)
Region 0x100000 (size 7385024 blocks 230782 free 7385024 alloc 0)
Region 0x7af95000 (size 25382848 blocks 793214 free 25382848 alloc 0)
Region 0x1780000 (size 2038357952 blocks 63698686 free 2077517536 alloc 5445568)
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
Reviewed-by: Andrew Hamilton <adhamilt@gmail.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Test zstd decompression in the same way that other decompressors are tested.
Signed-off-by: Logan Gunthorpe <logang@deltatee.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Add a file.zstd similar to the other compression methods and generate
a gpg signature with "gpg --detach-sign".
Signed-off-by: Logan Gunthorpe <logang@deltatee.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The "keys" file is not a valid GPG secret key so it is not possible to
generate new signatures.
Create a new key and use "gpg --export-secret-key" to export the key
and "gpg --export" to export the public key. Then resign all the
signatures with "gpg --detach-sign".
Signed-off-by: Logan Gunthorpe <logang@deltatee.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Add zstd based io decompression.
Based largely on the existing xzio, implement the same features using
the zstd library already included in the project.
Signed-off-by: Logan Gunthorpe <logang@deltatee.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The old wiki link is obsolete and no longer updated. Change it to the
current documentation.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Update grub.texi to describe the external environment block in the
reserved area of Btrfs header used for grub-reboot and savedefault, and
add a section documenting the saved_entry, next_entry, and env_block
variables.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch extends the generated grub.cfg so that it can use the
external environment block when the variable env_block is defined.
During boot, if env_block is set, grub.cfg builds a device path for it,
exports the variable, and then loads its contents in addition to the
normal grubenv file.
When GRUB writes variables such as next_entry or saved_entry, the save
commands are changed to write into env_block if it is set, and to fall
back to the grubenv file otherwise. In this way the external environment
block is used automatically, and existing commands like savedefault or
save_env do not need to change.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch reserves space for the GRUB environment block inside the
Btrfs header. The block is placed at an offset of GRUB_ENV_BTRFS_OFFSET,
256 KiB from the start of the device, and occupies one sector. To
protect the space, overflow guard sectors are placed before and after
the reserved block.
The Btrfs header already defines regions for bootloader use. By adding
this entry, GRUB gains a fixed and safe location to store the environment
block without conflicting with other structures in the header.
Add Btrfs and its reserved area information to the fs_envblk_spec table.
With the groundworks done in previous patches, the function is now
complete and working in grub-editenv.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch adds the probe_fs_envblk() function to identify the root
filesystem and invoke fs_envblk_init() with the probed filesystem type
and device. This checks if the feature is available and initializes the
handle, fs_envblk, to access the external environment block. It avoids
configurations with diskfilter or cryptodisk where filesystem blocks may
be remapped or encrypted.
The probe is only invoked when grub-editenv is working on the default
environment file path. This restriction ensures that probing and
possible raw device access are not triggered for arbitrary user supplied
paths, but only for the standard grubenv file. In that case the code
checks if the filename equals DEFAULT_ENVBLK_PATH and then calls
probe_fs_envblk with fs_envblk_spec. The result is stored in the global
fs_envblk handle. At this stage the external environment block is only
detected and recorded, and the behavior of grub-editenv is unchanged.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch updates list_variables() so that it also prints entries from
the external environment block when one is present. The function first
lists all variables from the file based envblk, then iterates over the
external envblk and prints those as well.
The output format remains the same as before. The change makes it
possible to inspect variables regardless of whether they are stored in
the file envblk or in the reserved block.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch updates unset_variables() so that removals are also applied
to the external environment block when it is present. The code opens the
external block, deletes the same named keys there, and then writes the
external block back using fs_envblk_write(). The file based envblk is
still updated and written as before.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch changes set_variables() so that it can use an external
environment block when one is present. The variable next_entry is
written into the external block, env_block is treated as read only, and
all other variables are written into the normal file based envblk.
A cleanup step is added to handle cases where GRUB at runtime writes
variables into the external block because file based updates are not
safe on a copy on write filesystem such as Btrfs. For example, the
savedefault command can update saved_entry, and on Btrfs GRUB will place
that update in the external block instead of the file envblk. If an
older copy remains in the external block, it would override the newer
value from the file envblk when GRUB first loads the file and then
applies the external block on top of it. To avoid this, whenever
a variable is updated in the file envblk, any same named key in
the external block is deleted.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch adds the function fs_envblk_write to update the reserved
environment block on disk. The helper takes an in memory envblk buffer
and writes it back to the device at the location defined by the
fs_envblk specification. It performs size checks and uses file sync to
ensure that the updated data is flushed.
The helper is also added into the fs_envblk ops table, together with the
open helper from the previous patch. With this change the basic input
and output path for an external environment block is complete. The
choice of which variables should be written externally will be handled
by later patches.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This patch adds the logic to locate and open an environment block that
is stored in a reserved area on the device. It introduces the function
fs_envblk_open() together with helper routines to read the block pointed
to by the env_block variable, and to create the block on disk when it
does not exist yet. When a block is created, the code records its
location inside the file based envblk by setting env_block in block list
syntax of offset plus size in sectors.
The env_block variable acts as a link from the file envblk to the raw
disk region so that later runs of grub-editenv can follow it and access
the external block. The helper is exposed through a small ops table
attached to fs_envblk so that later patches can call
fs_envblk->ops->open() without touching core code again. At this stage
variables are still stored in the file envblk and no redirection has
been applied.
In relation to this, the fs_envblk_spec table defines the file-system
specific layout of the reserved raw blocks used for environment storage.
It is prepared to facilitate integration in grub-editenv, with Btrfs to
be added in the future once its reserved area is defined.
An fs_envblk_init() helper is added to prepare it for using the ops with
its associated data context if the feature is available. It is not used
yet, but will be used later when a filesystem and its device are probed
to initialize the fs_envblk handle and enable access to the feature.
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Add unit tests for %zd, %zu and %zx to verify size_t and ssize_t
formatting matches system snprintf().
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Add support for the "z" length modifier in the printf code. This allows
printing of size_t and ssize_t values using %zu, %zd and related
formats. The parser maps "z" to the correct integer width based on
sizeof(size_t).
Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Neal Gompa <ngompa13@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
The --hw-accel option has been added to cryptomount to speed up
decryption by temporarily enabling hardware-specific instruction
sets (e.g., AVX, SSE) in libgcrypt.
A new feature, "feature_gcry_hw_accel", is also introduced to mark the
availability of the new option.
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Enable hardware acceleration for the gcry_sha512 module when building
for the x86_64 EFI target.
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Enable hardware acceleration for the gcry_sha256 module when building
for the x86_64 EFI target.
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
There is no prototype of _gcry_sha256_transform_intel_shaext() defined
in the header or libgcrypt-grub/cipher/sha256.c, and gcc may complain
the missing-prototypes error when compiling sha256-intel-shaext.c.
Declare the prototype in sha256-intel-shaext.c to avoid the error.
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Implement _gcry_get_hw_features() and enable hardware feature detection
for x86_64.
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
