/[ports]
ViewVC logotype

Revision 525916


Jump to revision: Previous Next
Author: cem
Date: Wed Feb 12 15:32:31 2020 UTC (3 years, 3 months ago)
Changed paths: 4
Log Message:
sysutils/grub2-bhyve: Neutralize privileged guest commands

GRUB was designed to run in a trusted environment, where anyone with access
to grub2.cfg could also modify grub itself.  In grub2-bhyve, we have
modified it to run in host context, but interpret the commands of guest
grub2.cfg.  This means we have to worry about malicious guests.

This patch addresses two escalation vectors: font-loading, and the direct
'read', 'write', 'in', and 'out' commands (which read/write arbitrary
addresses).  Both reported by Reno Robert.

Disable font-loading by neutering the command.  It is believed to be non-
essential and there is at least one buffer overflow in the font loading
code.

Disable reading and writing host memory and IO ports.  It is believed to be
non-essential.

admbugs:	948
Reported by:	Reno Robert <renorobert AT gmail.com>
Approved by:	bapt
MFH:		2010Q1 (bapt)
Security:	yes


Changed paths

Path Details
Directoryhead/sysutils/grub2-bhyve/Makefile modified , text changed
Directoryhead/sysutils/grub2-bhyve/files/patch-grub-core_commands_iorw.c added
Directoryhead/sysutils/grub2-bhyve/files/patch-grub-core_commands_memrw.c added
Directoryhead/sysutils/grub2-bhyve/files/patch-grub-core_font_font__cmd.c added

  ViewVC Help
Powered by ViewVC 1.1.27