On Wed, 28 May 2025 18:19:20 +0300 "Vladimir 'phcoder' Serbinenko" <phco...@gmail.com> wrote:
> I'm unsure about exporting all random parameters to env namespace. > PHP went down this road and result was bunch of bad vulnerabilities. > Maybe instead of blindly exporting it have some kind of export or > query command? Or at least add some prefix to exported vars to > identify them as such? There is a prefix, `xen_grub_env_`. I documented it in the first paragraph of the patch cover letter and in a code comment. I'll document it in the commit message as well though. > Regards > Vladimir 'phcoder' Serbinenko > > Le jeu. 24 avr. 2025, 05:47, Aaron Rainbolt <arraybo...@gmail.com> a > écrit : > > > The purpose of this patch is to allow the Xen hypervisor to pass > > extra data to GRUB in the form of a kernel command line, allowing > > the host to customize the boot process of the guest. The command > > line from Xen is parsed, and any variables within that start with > > the string `xen_grub_env_` are exposed as environment variables. > > The grub.cfg script can then use those environment variables as it > > sees fit. > > > > The main reason for doing this is to allow implementing boot modes > > in Qubes OS while also using in-VM kernels. For more context on > > Qubes boot modes, see [1]. In order for this to work with in-VM > > kernels, it is necessary for dom0 to pass kernel parameters to the > > guest without modifying the guest's grub.cfg manually. This patch > > allows this to be done, by allowing dom0 to pass kernel parameters > > to GRUB, which then provides them to grub.cfg as an environment > > variable. The grub.cfg script within the VM can then append those > > variables to the kernel command line. > > > > This is a significantly more robust version of the Xen command line > > parsing draft sent previously [2]. The patch has been tested with > > both PV and PVH virtual machines, using an otherwise unpatched GRUB > > source tree, building the patch on top of the tip of git master at > > the time of this writing (commit 4abac0a). My testing environment > > is a fully updated Arch Linux system with Xen built from the > > stable-4.20 branch. > > > > Some changes from the initial draft sent previously: > > > > * Only parameters starting with `xen_grub_env_` are exposed as > > environment variables. This solves two of the previous patch's > > issues > > - dom0 can no longer clobber arbitrary variables within grub.cfg > > (as it cannot define variables with names that don't start with > > `xen_grub_env`), and API breakage won't occur if in the future > > more features are added to GRUB that use the Xen-provided kernel > > command line. > > * Testing has been done as described above. > > > > [1] https://github.com/QubesOS/qubes-linux-pvgrub2/pull/16 > > [2] > > https://lists.gnu.org/archive/html/grub-devel/2025-04/msg00050.html > > > > Aaron Rainbolt (1): > > Add Xen command line parsing > > > > grub-core/Makefile.core.def | 2 + > > grub-core/kern/i386/xen/pvh.c | 16 ++ > > grub-core/kern/main.c | 12 ++ > > grub-core/kern/xen/cmdline.c | 270 > > ++++++++++++++++++++++++++++++++++ include/grub/xen.h | > > 2 + 5 files changed, 302 insertions(+) > > create mode 100644 grub-core/kern/xen/cmdline.c > > > > -- > > 2.49.0 > > > > _______________________________________________ > > Grub-devel mailing list > > Grub-devel@gnu.org > > https://lists.gnu.org/mailman/listinfo/grub-devel > >
pgpHKiQkFLZ9Y.pgp
Description: OpenPGP digital signature
_______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
