From: Laszlo Ersek
The tramp/GOT write-protection in grub_dl_set_mem_attrs() requires that
the tramp/GOT areas of the module image *not* share a page with any other
memory allocations. Page-align the tramp/GOT areas, while satisfying their
intrinsic alignment requirements too.
Fixes: 887f1d8fa97
Current state of the patchset:
- Cherry-picked Fedora NX patches to make GRUB itself work under NX.
This required some fixups to build on non-64 bit arches (operation
on 32-bit is currently untested)
- Cherry-picked Julian Andres Klode's loader framework patch (used in
Debian and Ubuntu for t
From: Peter Jones
Currently we load module sections at whatever alignment gcc+ld happened
to dump into the ELF section header, which is often pretty useless. For
example, by default time.mod has these sections on a current x86_64
build:
$ eu-readelf -a grub-core/time.mod |& grep ^Section -A13
S
From: Peter Jones
Currently .module_license is set writable (that is, the section has the
SHF_WRITE flag set) in the module's ELF headers. This probably never
actually matters, but it can't possibly be correct.
This patch sets that data as "const", which causes that flag not to be
set.
Signed-
From: Laszlo Ersek
The grub_dprintf() call for printing the message
updating attributes for GOT and trampolines
passes the argument "mod->name", but the format string doesn't accept that
argument.
Print the module name too.
Example output:
> kern/dl.c:736: updating attributes for GOT and t
From: Julian Andres Klode
These can be used to register a different implementation later,
for example, when shim provides a protocol with those functions.
Signed-off-by: Mate Kukri
---
grub-core/kern/efi/efi.c | 57 ++
grub-core/loader/efi/chainloader.c |
From: Peter Jones
In order to properly validate a loaded kernel's support for being loaded
without a writable stack or executable, we need to be able to properly
parse arbitrary PE headers.
Currently, pe32.h is written in such a way that the MS-DOS header that
tells us where to find the PE heade
Signed-off-by: Mate Kukri
---
grub-core/kern/efi/sb.c | 39 +---
grub-core/loader/efi/linux.c | 16 ---
include/grub/efi/api.h | 5 +
include/grub/efi/efi.h | 19 +++---
include/grub/efi/sb.h| 3 ---
5 files ch
From: Laszlo Ersek
On aarch64 UEFI, we currently have a crasher:
grub_dl_load_core()
grub_dl_load_core_noinit()
/* independent allocation: must remain writable */
mod = grub_zalloc();
/* allocates module image with incorrect tail alignment */
grub_dl_load_segments
From: Peter Jones
For NX, we need to set the page access permission attributes for write
and execute permissions.
This patch adds two new primitives, grub_set_mem_attrs() and
grub_clear_mem_attrs(), and associated constant definitions, to be used
for that purpose.
For most platforms, it adds a
Signed-off-by: Mate Kukri
---
grub-core/kern/efi/mm.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c
index 46f2266e1..1064036f4 100644
--- a/grub-core/kern/efi/mm.c
+++ b/grub-core/kern/efi/mm.c
@@ -741,7 +741,7 @@ gru
From: Peter Jones
For NX, we need the grub binary to announce that it is compatible with
the NX feature. This implies that when loading the executable grub
image, several attributes are true:
- the binary doesn't need an executable stack
- the binary doesn't need sections to be both executable
From: Peter Jones
Currently grub modules built with clang or gcc have several sections
which we don't actually need or support.
We already have a list of section to skip in genmod.sh, and this patch
adds the following sections to that list (as well as a few newlines):
.note.gnu.property
.llvm*
From: Peter Jones
For NX, we need to set write and executable permissions on the sections
of grub modules when we load them.
On sections with SHF_ALLOC set, which is typically everything except
.modname and the symbol and string tables, this patch clears the Read
Only flag on sections that have
From: Peter Jones
Currently when loading grub modules, we allocate space for all sections,
including those without SHF_ALLOC set. We then copy the sections that
/do/ have SHF_ALLOC set into the allocated memory, leaving some of our
allocation untouched forever. Additionally, on platforms with G
Signed-off-by: Mate Kukri
---
grub-core/loader/efi/linux.c | 41 +++-
1 file changed, 36 insertions(+), 5 deletions(-)
diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c
index 99365536a..e44692c92 100644
--- a/grub-core/loader/efi/linux.c
+++
---
grub-core/tests/dsa_sexp_test.c | 107
grub-core/tests/rsa_sexp_test.c | 81
2 files changed, 188 insertions(+)
create mode 100644 grub-core/tests/dsa_sexp_test.c
create mode 100644 grub-core/tests/rsa_sexp_test.c
diff --git a/grub-
---
.../lib/libgcrypt-patches/02_keccak_sse.diff | 19 +++
1 file changed, 19 insertions(+)
create mode 100644 grub-core/lib/libgcrypt-patches/02_keccak_sse.diff
diff --git a/grub-core/lib/libgcrypt-patches/02_keccak_sse.diff
b/grub-core/lib/libgcrypt-patches/02_keccak_sse.diff
---
autogen.sh | 5 +
conf/Makefile.common | 4 +-
grub-core/Makefile.core.def| 36 ++-
grub-core/commands/hashsum.c | 2 +-
grub-core/commands/legacycfg.c | 6 +-
grub-core/commands/pgp.c
---
grub-core/lib/b64dec.c | 293 +
1 file changed, 293 insertions(+)
create mode 100644 grub-core/lib/b64dec.c
diff --git a/grub-core/lib/b64dec.c b/grub-core/lib/b64dec.c
new file mode 100644
index 0..8aafa9700
--- /dev/null
+++ b/grub-core/lib/b
Reviewed-By: Vladimir Serbinenko
On Fri, May 24, 2024 at 2:05 PM Mate Kukri wrote:
>
> From: Peter Jones
>
> Currently .module_license is set writable (that is, the section has the
> SHF_WRITE flag set) in the module's ELF headers. This probably never
> actually matters, but it can't possibly b
Reviewed-By: Vladimir Serbinenko
On Fri, May 24, 2024 at 2:06 PM Mate Kukri wrote:
>
> From: Peter Jones
>
> Currently grub modules built with clang or gcc have several sections
> which we don't actually need or support.
>
> We already have a list of section to skip in genmod.sh, and this patch
Reviewed-By: Vladimir Serbinenko
On Fri, May 24, 2024 at 2:06 PM Mate Kukri wrote:
>
> From: Peter Jones
>
> Currently when loading grub modules, we allocate space for all sections,
> including those without SHF_ALLOC set. We then copy the sections that
> /do/ have SHF_ALLOC set into the alloca
> struct grub_msdos_image_header
> {
>/* This is always 'MZ'. (GRUB_PE32_MAGIC) */
Please adjust this
> @@ -171,6 +194,8 @@ struct grub_pe32_optional_header
>struct grub_pe32_data_directory reserved_entry;
> };
>
> +#define GRUB_PE32_NX_COMPAT 0x0100
> +
This was not mentioned in the d
What happens when 2 sections with the same NX and WR attributes follow
each other? Do we need to split them per page? How often do we
needlessly split in the current codebase?
> to dump into the ELF section header, which is often pretty useless.
I think this is not true. It's not useless, just d
> + if (!proto)
> +return GRUB_ERR_NOT_IMPLEMENTED_YET;
> +
Here and in other places you return an error without using grub_error.
Also NOT_IMPLEMENTED_YET means that *GRUB* doesn't implement it yet,
not firmware. Also given that you ignore the return here anyway a
single bool or even void ret
Can you not add needless dprintf's ? This part is size-constrained on
i386-pc and part of the patch just adds dprintf's unrelated to the
topic at hand.
Can we skip all this on non-efi and have it ifdef-ed out for the sake of size?
On Fri, May 24, 2024 at 2:06 PM Mate Kukri wrote:
>
> From: Peter
Reviewed By: Vladimir Serbinenko
On Fri, May 24, 2024 at 2:06 PM Mate Kukri wrote:
>
> From: Peter Jones
>
> For NX, we need the grub binary to announce that it is compatible with
> the NX feature. This implies that when loading the executable grub
> image, several attributes are true:
>
> - th
> - tsize += ALIGN_UP (tramp, GRUB_ARCH_DL_TRAMP_ALIGN);
> - if (talign < GRUB_ARCH_DL_TRAMP_ALIGN)
> -talign = GRUB_ARCH_DL_TRAMP_ALIGN;
> - tsize += ALIGN_UP (got, GRUB_ARCH_DL_GOT_ALIGN);
> - if (talign < GRUB_ARCH_DL_GOT_ALIGN)
> -talign = GRUB_ARCH_DL_GOT_ALIGN;
> + tramp_align =
Do you mean that this crash is introduced and not fixed in this patch
series? Can't we fix it by bumping total allocation size to multiple
of page size?
On Fri, May 24, 2024 at 2:06 PM Mate Kukri wrote:
>
> From: Laszlo Ersek
>
> On aarch64 UEFI, we currently have a crasher:
>
> grub_dl_load_c
> Future work:
> - Completely disable non-NX compatible loaders when heap allocation are
> marked NX.
> This should be independent from the NX-enforcement flag and Secure Boot
> status.
> (Note that this is non-crtitical for security, as non-UEFI/Linux loaders
> are disabled
>by SB lockd
WDYT of moving this logic to chainloader? Yes, it will make linux
depend on chainloader but I think given its current logic it's a
honest dependency
On Fri, May 24, 2024 at 2:06 PM Mate Kukri wrote:
>
> From: Julian Andres Klode
>
> These can be used to register a different implementation later
Hi Vladimir,
Thanks for the reviews, I'll get back to addressing your comments next week.
In the meantime, I am not sure what happened to patch 15/15, but I at
least tried sending it, and it seems to be available in the archive
here: https://lists.gnu.org/archive/html/grub-devel/2024-05/msg00221.ht
Can someone share a snipped code using the Grub HTTP Driver
implementation (not efi) to get IP from DHCP (or using fixed IP/Gateway)
and do a HTTP Connection to read data from server during boot time ?
I'm been trying a while, looking for examples and AI is writing wrong
examples.
Thanks in adv
34 matches
Mail list logo
