grub/commands at 0b59d379fc2f5833134195ba767297d8efd1e31f - grub - Gitea: Git with a cup of tea.... and pages of fanfiction!

History

Sudhakar Kuppusamy 7f68c71952 appended signatures: GRUB commands to manage the hashes

Introducing the following GRUB commands to manage certificate/binary
hashes.

  1. append_list_dbx:
      Show the list of distrusted certificates and binary/certificate
      hashes from the dbx list.
  2. append_add_db_hash:
      Add the trusted binary hash to the db list.
  3. append_add_dbx_hash:
      Add the distrusted certificate/binary hash to the dbx list.

Note that if signature verification (check_appended_signatures) is set to yes,
the append_add_db_hash and append_add_dbx_hash commands only accept the file
‘hash_file’ that is signed with an appended signature.

Signed-off-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Tested-by: Sridhar Markonda <sridharm@linux.ibm.com>
Reviewed-by: Avnish Chouhan <avnish@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

2025-10-11 15:36:53 +02:00

appendedsig

appended signatures: GRUB commands to manage the hashes

2025-10-11 15:36:53 +02:00

arc

Remove nested functions from device iterators.

2013-01-20 15:52:15 +00:00

efi

commands/bli: Set LoaderTpm2ActivePcrBanks runtime variable

2025-08-14 21:20:01 +02:00

i386

i386/msr: Extract and improve MSR support detection code

2024-10-10 13:09:06 +02:00

ieee1275

ieee1275/tcg2: Refactor grub_ieee1275_tpm_init()

2024-11-28 22:37:50 +01:00

mips/loongson

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

tpm2_key_protector

tpm2_key_protector: Dump the PCR bank for key unsealing

2025-06-17 14:12:50 +02:00

xen

Correct some translatable strings.

2013-12-21 03:03:31 +01:00

acpi.c

commands/acpi: Use options enum to index command options

2025-03-05 21:24:47 +01:00

acpihalt.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

bli.c

commands/bli: Set LoaderTpm2ActivePcrBanks runtime variable

2025-08-14 21:20:01 +02:00

blocklist.c

disk: Allow read hook callback to take read buffer to potentially modify it

2022-07-04 14:43:25 +02:00

blsuki.c

blsuki: Add uki command to load Unified Kernel Image entries

2025-09-04 14:37:20 +02:00

boot.c

commands/boot: Add API to pass context to loader

2022-06-07 16:39:31 +02:00

boottime.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

cacheinfo.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

cat.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

cmp.c

commands/cmp: Only return success when both files have the same contents

2023-01-10 16:32:42 +01:00

configfile.c

* grub-core/commands/configfile.c (GRUB_MOD_INIT): Correct

2012-10-12 15:34:33 +01:00

date.c

misc: Make grub_strtol() "end" pointers have safer const qualifiers

2020-02-28 12:41:29 +01:00

echo.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

eval.c

* grub-core/script/execute.c (grub_script_execute_sourcecode): Split

2013-06-07 18:40:37 +02:00

extcmd.c

commands/extcmd: Missing check for failed allocation

2025-02-13 15:45:55 +01:00

file32.c

Implement grub_file tool and use it to implement generating of config

2013-12-17 14:39:48 +01:00

file64.c

Implement grub_file tool and use it to implement generating of config

2013-12-17 14:39:48 +01:00

file.c

commands/file: Fix NULL dereference in the knetbsd tests

2025-02-26 19:34:57 +01:00

fileXX.c

commands/fileXX: Fix remaining memory leak.

2015-01-25 16:36:30 +03:00

gptsync.c

gptsync: Add missing device_close.

2015-01-24 20:52:02 +01:00

halt.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

hashsum.c

libgcrypt: Adjust import script, definitions and API users for libgcrypt 1.11

2025-07-11 23:12:50 +02:00

hdparm.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

help.c

normal/help: Add paging instructions to normal and help prompts

2022-11-14 17:37:51 +01:00

hexdump.c

commands/hexdump: Disable memory reading in lockdown mode

2025-02-13 15:45:56 +01:00

iorw.c

efi: Use grub_is_lockdown() instead of hardcoding a disabled modules list

2021-03-02 15:54:15 +01:00

keylayouts.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

keystatus.c

kern/term: Make grub_getkeystatus() helper function available everywhere

2020-04-21 22:08:52 +02:00

legacycfg.c

blsuki: Add blscfg command to parse Boot Loader Specification snippets

2025-09-04 14:37:20 +02:00

loadenv.c

disk: Allow read hook callback to take read buffer to potentially modify it

2022-07-04 14:43:25 +02:00

ls.c

commands/ls: Add directory header for dir args

2025-03-05 21:24:48 +01:00

lsacpi.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

lsmmap.c

Translate UEFI persistent memory type

2015-12-15 10:25:34 +03:00

lspci.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

macbless.c

commands/macbless: Remove whitespace between N_ macro and open parenthesis

2022-06-07 12:51:50 +02:00

memrw.c

commands/memrw: Disable memory reading in lockdown mode

2025-02-13 15:45:56 +01:00

memtools.c

commands/memtools: Add memtool module with memory allocation stress-test

2023-03-07 15:26:36 +01:00

menuentry.c

blsuki: Add blscfg command to parse Boot Loader Specification snippets

2025-09-04 14:37:20 +02:00

minicmd.c

disk/cryptodisk: Add the "erase secrets" function

2025-05-06 17:14:03 +02:00

nativedisk.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

parttool.c

types: Make bool generally available

2022-11-14 17:17:21 +01:00

password_pbkdf2.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

password.c

Improve gettext support. Stylistic fixes and error handling fixes while

2012-02-08 19:26:01 +01:00

pcidump.c

misc: Make grub_strtol() "end" pointers have safer const qualifiers

2020-02-28 12:41:29 +01:00

pgp.c

pgp: Rename OBJ_TYPE_PUBKEY to OBJ_TYPE_GPG_PUBKEY

2025-10-11 15:36:34 +02:00

probe.c

guid: Make use of GUID printf format specifier

2023-06-01 11:45:00 +02:00

read.c

commands/read: Fix an integer overflow when supplying more than 2^31 characters

2025-02-13 15:45:56 +01:00

reboot.c

Add noreturn attributes and remove unreachable code.

2011-12-13 15:13:51 +01:00

regexp.c

commands/regexp: Fix typo

2023-07-03 14:10:01 +02:00

search_file.c

* grub-core/commands/search_file.c (SEARCH_TARGET): Remove obsolete

2012-02-03 11:46:18 +01:00

search_label.c

* grub-core/commands/search_file.c (SEARCH_TARGET): Remove obsolete

2012-02-03 11:46:18 +01:00

search_uuid.c

* grub-core/commands/search_file.c (SEARCH_TARGET): Remove obsolete

2012-02-03 11:46:18 +01:00

search_wrap.c

commands/search: Introduce the --cryptodisk-only argument

2025-05-06 17:14:02 +02:00

search.c

cryptocheck: Add --quiet option

2025-05-06 17:14:04 +02:00

setpci.c

commands/setpci: Honor write mask argument

2021-09-06 15:08:23 +02:00

sleep.c

kern/term: Accept ESC, F4 and holding SHIFT as user interrupt keys

2020-04-21 22:13:44 +02:00

smbios.c

smbios: Add a --linux argument to apply linux modalias-like filtering

2020-03-10 21:35:02 +01:00

syslinuxcfg.c

commands/syslinux: Add missing free.

2015-01-24 21:23:25 +01:00

terminal.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

test.c

commands/test: Stack overflow due to unlimited recursion depth

2025-02-13 15:45:56 +01:00

testload.c

disk: Allow read hook callback to take read buffer to potentially modify it

2022-07-04 14:43:25 +02:00

testspeed.c

verifiers: File type for fine-grained signature-verification controlling

2018-11-09 13:25:31 +01:00

time.c

Improve string. Gettextize.

2012-02-12 15:25:25 +01:00

tpm.c

commands/tpm: Skip loopback image measurement

2024-10-10 13:04:37 +02:00

tr.c

commands/tr: Simplify and fix missing parameter test.

2015-01-24 21:25:42 +01:00

true.c

* grub-core/commands/acpihalt.c: Add TRANSLATORS comments.

2012-03-03 12:59:28 +01:00

usbtest.c

usbtest: Disable gcc9 -Waddress-of-packed-member

2019-04-23 11:37:08 +02:00

videoinfo.c

commands/videoinfo: Prevent crash when run while video driver already active

2023-08-14 18:04:04 +02:00

videotest.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

wildcard.c

commands: Remove trailing whitespaces

2022-03-14 15:44:26 +01:00

xnu_uuid.c

libgcrypt: Adjust import script, definitions and API users for libgcrypt 1.11

2025-07-11 23:12:50 +02:00