freebsd-ports/sysutils/grub2-bhyve
Conrad Meyer 419a5e5ce8
sysutils/grub2-bhyve: Neutralize privileged guest commands

GRUB was designed to run in a trusted environment, where anyone with access
to grub2.cfg could also modify grub itself.  In grub2-bhyve, we have
modified it to run in host context, but interpret the commands of guest
grub2.cfg.  This means we have to worry about malicious guests.

This patch addresses two escalation vectors: font-loading, and the direct
'read', 'write', 'in', and 'out' commands (which read/write arbitrary
addresses).  Both reported by Reno Robert.

Disable font-loading by neutering the command.  It is believed to be non-
essential and there is at least one buffer overflow in the font loading
code.

Disable reading and writing host memory and IO ports.  It is believed to be
non-essential.

admbugs:	948
Reported by:	Reno Robert <renorobert AT gmail.com>
Approved by:	bapt
MFH:		2010Q1 (bapt)
Security:	yes
2020-02-12 15:32:31 +00:00
files
distinfo
Makefile
pkg-descr