grub-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SECURITY PATCH 074/117] fs/hfs: Disable under lockdown

From: Daniel Kiper
Subject: [SECURITY PATCH 074/117] fs/hfs: Disable under lockdown
Date: Tue, 2 Mar 2021 19:01:21 +0100 
From: Daniel Axtens <dja@axtens.net>

HFS has issues such as infinite mutual recursion that are simply too
complex to fix for such a legacy format. So simply do not permit
it to be loaded under lockdown.

Signed-off-by: Daniel Axtens <dja@axtens.net>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
 grub-core/fs/hfs.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/grub-core/fs/hfs.c b/grub-core/fs/hfs.c
index 3fe842b4d..9a5b7bbe9 100644
--- a/grub-core/fs/hfs.c
+++ b/grub-core/fs/hfs.c
@@ -30,6 +30,7 @@
 #include <grub/hfs.h>
 #include <grub/i18n.h>
 #include <grub/fshelp.h>
+#include <grub/lockdown.h>
 
 GRUB_MOD_LICENSE ("GPLv3+");
 
@@ -1433,11 +1434,13 @@ static struct grub_fs grub_hfs_fs =
 
 GRUB_MOD_INIT(hfs)
 {
-  grub_fs_register (&grub_hfs_fs);
+  if (!grub_is_lockdown ())
+    grub_fs_register (&grub_hfs_fs);
   my_mod = mod;
 }
 
 GRUB_MOD_FINI(hfs)
 {
-  grub_fs_unregister (&grub_hfs_fs);
+  if (!grub_is_lockdown())
+    grub_fs_unregister (&grub_hfs_fs);
 }
-- 
2.11.0
reply via email to
[Prev in Thread] Current Thread [Next in Thread]