freebsd-ports/sysutils/grub2-bhyve
Baptiste Daroussin ea60da8202 MFH: r525916
sysutils/grub2-bhyve: Neutralize privileged guest commands

GRUB was designed to run in a trusted environment, where anyone with access
to grub2.cfg could also modify grub itself.  In grub2-bhyve, we have
modified it to run in host context, but interpret the commands of guest
grub2.cfg.  This means we have to worry about malicious guests.

This patch addresses two escalation vectors: font-loading, and the direct
'read', 'write', 'in', and 'out' commands (which read/write arbitrary
addresses).  Both reported by Reno Robert.

Disable font-loading by neutering the command.  It is believed to be non-
essential and there is at least one buffer overflow in the font loading
code.

Disable reading and writing host memory and IO ports.  It is believed to be
non-essential.

admbugs:	948
Reported by:	Reno Robert <renorobert AT gmail.com>
Approved by:	bapt
Security:	yes

Approved by:	portmgr (bapt)
2020-02-14 15:41:49 +00:00
..
files
distinfo
Makefile
pkg-descr