git.ipfire.org Git - thirdparty/grub.git/commit
commands/search: Introduce the --cryptodisk-only argument
author Maxim Suhanov <dfirblog@gmail.com>
Sat, 1 Mar 2025 11:16:48 +0000 (14:16 +0300)
committer Daniel Kiper <daniel.kiper@oracle.com>
Tue, 6 May 2025 15:14:02 +0000 (17:14 +0200)
commit ed691c0e0e20d9d0e8d8305a120e8c61d6be3d38
tree fe6da57303c3c44b5de0fda701d55bb993fcd231
parent c448f511e74cb7c776b314fcb7943f98d3f22b6d
commands/search: Introduce the --cryptodisk-only argument

This allows users to restrict the "search" command's scope to
encrypted disks only.

Typically, this command is used to "rebase" $root and $prefix
before loading additional configuration files via "source" or
"configfile". Unfortunately, this leads to security problems,
like CVE-2023-4001, when an unexpected, attacker-controlled
device is chosen by the "search" command.

The --cryptodisk-only argument allows users to ensure that the
file system picked is encrypted.

This feature supports the CLI authentication, blocking bypass
attempts.

Signed-off-by: Maxim Suhanov <dfirblog@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
grub-core/commands/search.c
grub-core/commands/search_wrap.c
grub-core/normal/main.c
include/grub/search.h
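
A configuration check built on the commit message above, as an added example that is not part of this commit or of GRUB: it flags `search` invocations in a grub.cfg that lack `--cryptodisk-only` and records whether a later `configfile` or `source` would load from whatever device was picked. The sample configs, UUIDs and function names are constructed for illustration, and only the plain `search` command is examined.

```python
import shlex

LOADERS = {"configfile", "source"}  # commands the commit message names
FLAG = "--cryptodisk-only"          # argument introduced by this commit

# Constructed sample configs (UUIDs are made up).
WEAK_CFG = """\
# stub grub.cfg on the unencrypted boot partition
cryptomount -u 1111222233334444
search --no-floppy --fs-uuid --set=root aaaa-bbbb
set prefix=($root)/boot/grub
configfile $prefix/grub.cfg
"""
HARDENED_CFG = WEAK_CFG.replace("--set=root", "--set=root " + FLAG)


def tokens(line):
    """Split one config line into words, dropping '#' comments."""
    try:
        return shlex.split(line, comments=True)
    except ValueError:  # unbalanced quote: fall back to whitespace split
        return line.split()


def audit(cfg_text):
    """Return [(lineno, loads_config_afterwards)] for each `search`
    command that does not pass --cryptodisk-only."""
    parsed = [(n, tokens(l)) for n, l in enumerate(cfg_text.splitlines(), 1)]
    parsed = [(n, t) for n, t in parsed if t]  # skip blank/comment lines
    findings = []
    for i, (lineno, words) in enumerate(parsed):
        if words[0] == "search" and FLAG not in words[1:]:
            # Is $root/$prefix later used to pull in more configuration?
            chained = any(w[0] in LOADERS for _, w in parsed[i + 1:])
            findings.append((lineno, chained))
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CFG), ("hardened", HARDENED_CFG)):
        for lineno, chained in audit(cfg):
            note = "then loads more config" if chained else "no later load"
            print(f"{name}: line {lineno}: search without {FLAG} ({note})")
```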