89 lines
3.1 KiB
Diff
89 lines
3.1 KiB
Diff
Call the command bls_bumpcounter when an entry is executed. Adding the
|
|
bls_bumpcounter command in the list of commands generated by blscfg breaks FDE,
|
|
as each command is logged in the PCR. Do not unset `enable_blscfg` grub env var,
|
|
otherwise bls_bumpcounter would not be called.
|
|
|
|
Index: grub-2.12/grub-core/commands/blscfg.c
|
|
===================================================================
|
|
--- grub-2.12.orig/grub-core/commands/blscfg.c
|
|
+++ grub-2.12/grub-core/commands/blscfg.c
|
|
@@ -1049,19 +1049,6 @@ static void create_entry (struct bls_ent
|
|
grub_free(prefix);
|
|
}
|
|
|
|
- /* "bls_bumpcounter " + id + "\n" */
|
|
- int bumpcounter_size = sizeof("bls_bumpcounter ") + grub_strlen(id) + 1;
|
|
- bumpcounter = grub_malloc(bumpcounter_size);
|
|
- if (!bumpcounter)
|
|
- {
|
|
- grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory"));
|
|
- goto finish;
|
|
- }
|
|
- char *tmp = bumpcounter;
|
|
- tmp = grub_stpcpy(tmp, "bls_bumpcounter ");
|
|
- tmp = grub_stpcpy(tmp, id);
|
|
- tmp = grub_stpcpy(tmp, "\n");
|
|
-
|
|
grub_dprintf ("blscfg2", "devicetree %s for id:\"%s\"\n", dt, id);
|
|
|
|
const char *sdval = grub_env_get("save_default");
|
|
@@ -1074,7 +1061,7 @@ static void create_entry (struct bls_ent
|
|
"insmod gzio\n"
|
|
"linux %s%s%s%s\n"
|
|
#endif
|
|
- "%s%s%s",
|
|
+ "%s%s",
|
|
savedefault ? "savedefault\n" : "",
|
|
#ifdef GRUB_MACHINE_EMU
|
|
separate_boot ? GRUB_BOOT_DEVICE : "",
|
|
@@ -1082,8 +1069,7 @@ static void create_entry (struct bls_ent
|
|
bootdev,
|
|
#endif
|
|
clinux, options ? " " : "", options ? options : "",
|
|
- bumpcounter ? bumpcounter : "", initrd ? initrd : "",
|
|
- dt ? dt : "");
|
|
+ initrd ? initrd : "", dt ? dt : "");
|
|
|
|
grub_normal_add_menu_entry (argc, argv, classes, id, users, hotkey, NULL, src, 0, 0, &index, entry);
|
|
grub_dprintf ("blscfg", "Added entry %d id:\"%s\"\n", index, id);
|
|
Index: grub-2.12/grub-core/normal/menu.c
|
|
===================================================================
|
|
--- grub-2.12.orig/grub-core/normal/menu.c
|
|
+++ grub-2.12/grub-core/normal/menu.c
|
|
@@ -331,6 +331,23 @@ grub_menu_execute_entry(grub_menu_entry_
|
|
grub_env_set ("default", ptr + 1);
|
|
else
|
|
grub_env_unset ("default");
|
|
+
|
|
+#ifdef GRUB_MACHINE_EFI
|
|
+ const char* val = grub_env_get ("enable_blscfg");
|
|
+ if (val && (val[0] == '1' || val[0] == 'y') && entry->bls != NULL)
|
|
+ {
|
|
+ char* id = grub_strdup (entry->bls->filename);
|
|
+ if (id == NULL)
|
|
+ {
|
|
+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory"));
|
|
+ } else {
|
|
+ char* args[] = { id };
|
|
+ grub_command_execute ("bls_bumpcounter", 1, args);
|
|
+ }
|
|
+ }
|
|
+ grub_env_unset ("enable_blscfg");
|
|
+#endif
|
|
+
|
|
#ifdef GRUB_MACHINE_IEEE1275
|
|
char *cas_entry_id = NULL;
|
|
char *cas_entry_source;
|
|
Index: grub-2.12/grub-core/normal/main.c
|
|
===================================================================
|
|
--- grub-2.12.orig/grub-core/normal/main.c
|
|
+++ grub-2.12/grub-core/normal/main.c
|
|
@@ -356,7 +356,6 @@ grub_normal_execute (const char *config,
|
|
/* Ignore any error. */
|
|
grub_errno = GRUB_ERR_NONE;
|
|
/* unset to let configfile and source commands continue to work */
|
|
- grub_env_unset ("enable_blscfg");
|
|
goto check_batch;
|
|
}
|
|
#endif
|