From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from list by lists.gnu.org with archive (Exim 4.71)
	id 1VHylX-000633-Bm
	for mharc-grub-devel@gnu.org; Fri, 06 Sep 2013 12:20:11 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:51594)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jonmccune@google.com>) id 1VHylT-0005y6-C6
	for grub-devel@gnu.org; Fri, 06 Sep 2013 12:20:08 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <jonmccune@google.com>) id 1VHylR-0003Ma-IJ
	for grub-devel@gnu.org; Fri, 06 Sep 2013 12:20:07 -0400
Received: from mail-vb0-x249.google.com ([2607:f8b0:400c:c02::249]:34411)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jonmccune@google.com>) id 1VHylR-0003Kw-61
	for grub-devel@gnu.org; Fri, 06 Sep 2013 12:20:05 -0400
Received: by mail-vb0-f73.google.com with SMTP id e12so389583vbg.4
	for <grub-devel@gnu.org>; Fri, 06 Sep 2013 09:20:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=5cjD9iIstbg7KpurGWrpST4E2kwXQR49uXPDJy3UU7Q=;
	b=iFSYCMvhx+Stl5T/1yttNYLpK3kyxAeEUx/yO6C3fgRwx9TUMuln4wKdypkFn7+HBv
	DP7EeNIkMahqywVdwoxe/UtLBTKkRys+TpJRZ//Ke9KWJODIm2ACrlptvRkjEFHb3pkd
	Q1KCPQFgqlHc1QFPqRbfpZ/NghR+GGWZN+tTSeAuO40MfXm0H+A6hMwyaHHNucvkOKju
	qXaH546cHIoIoMOkztvQjT/3V/Dkc6pitT6UzN8xoOvGQBP2aqGkSMkrB0O3i1Q6FRrc
	ejdivEzSHk0Tds+NwA8N+SpoL0d4GJC7F+B7jUwGco4Mnd/LJ23/AXC+pvP8tsmUdbKy
	zahQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=5cjD9iIstbg7KpurGWrpST4E2kwXQR49uXPDJy3UU7Q=;
	b=EsyP7wDAwbMLo1LPNzFrS0CSzeNxYS3NmVDd/JagAParQdOgbOXnE9yyf6gvkXswtc
	LJ4NxsFCl1tqEcUBoRRoCdb5eXozxg0IEleYh97VeAO6Q85u8hJWM+NpJuOXyY5qFsko
	sbv64ZSwOMHK/id7/cSxM9nOzBf0q43SylTTvGGjE7w6T8tjZ+NurBPywwrAiFvLCOnm
	L+7kiGtDPvM08k+wkXQxwHjeMM4a6DyWHXyYlxwgph/qsMOidK2Q0iWw0bKN1pujnhy2
	lR1XSVqyQYU69MQiiOAJQXsd3DOcnrGw6sGoRWIEY/yj3AuEag3hHDJTN0mwm5Jy0Ybm
	NN+w==
X-Gm-Message-State: ALoCoQknxUsJKFD3iUzFv8ALRO8K3J7mhpHHxIuY1k0seajhD4QyTEKwngSNdCe3YqiL3e2axx9Buo+NhroZDujfz4Iu3Lt/wsAt/Dw2B0hpieyDC1sx1TBKehCuXeHDUM03ccr/2JfgfCvI3UxRz8ZZwkK3DcVpmc9stnpcLmLo9zzVtDNQtYWpWgapyMewHjaCL8p88X/TPnvhKhxNMM6MJNKifhYzJOu2boLt4W+PzyCOYpDc9dU=
X-Received: by 10.236.147.70 with SMTP id s46mr1135809yhj.0.1378484404815;
	Fri, 06 Sep 2013 09:20:04 -0700 (PDT)
Received: from corp2gmr1-1.hot.corp.google.com
	(corp2gmr1-1.hot.corp.google.com [172.24.189.92])
	by gmr-mx.google.com with ESMTPS id
	a42si162557yhj.6.1969.12.31.16.00.00
	(version=TLSv1.1 cipher=AES128-SHA bits=128/128);
	Fri, 06 Sep 2013 09:20:04 -0700 (PDT)
Received: from yinz.mtv.corp.google.com (yinz.mtv.corp.google.com
	[172.17.81.122])
	by corp2gmr1-1.hot.corp.google.com (Postfix) with ESMTP id A578431C1DC; 
	Fri,  6 Sep 2013 09:20:04 -0700 (PDT)
Received: by yinz.mtv.corp.google.com (Postfix, from userid 184367)
	id 68709C076E; Fri,  6 Sep 2013 09:20:04 -0700 (PDT)
From: Jon McCune <jonmccune@google.com>
To: grub-devel@gnu.org
Subject: [PATCH v2 3/5] save_env should work, even if check_signatures=enforce
Date: Fri,  6 Sep 2013 09:18:51 -0700
Message-Id: <1378484333-13577-4-git-send-email-jonmccune@google.com>
X-Mailer: git-send-email 1.8.4
In-Reply-To: <1378484333-13577-1-git-send-email-jonmccune@google.com>
References: <1378484333-13577-1-git-send-email-jonmccune@google.com>
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
	(bad octet value).
X-Received-From: 2607:f8b0:400c:c02::249
Cc: Jon McCune <jonmccune@google.com>
X-BeenThere: grub-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
Reply-To: The development of GNU GRUB <grub-devel@gnu.org>
List-Id: The development of GNU GRUB <grub-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/grub-devel>
List-Post: <mailto:grub-devel@gnu.org>
List-Help: <mailto:grub-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/grub-devel>,
	<mailto:grub-devel-request@gnu.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Sep 2013 16:20:08 -0000

This is accomplished by changing the call used to read the environment
block file to avoid being subject to signature checks.  The contents that
are read from the file are discarded, as the only purpose of reading the
file is to construct the blocklist to which the new environment block
will be written.  Thus, the actual contents of the file do not pose a
security risk.

Signed-off-by: Jon McCune <jonmccune@google.com>
---
 grub-core/commands/loadenv.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/grub-core/commands/loadenv.c b/grub-core/commands/loadenv.c
index 49e8004..efecf6f 100644
--- a/grub-core/commands/loadenv.c
+++ b/grub-core/commands/loadenv.c
@@ -406,7 +406,7 @@ grub_cmd_save_env (grub_extcmd_context_t ctxt, int argc, char **args)
   if (!argc)
     return grub_error (GRUB_ERR_BAD_ARGUMENT, "no variable is specified");
 
-  file = open_envblk_file ((state[0].set) ? state[0].arg : 0);
+  file = open_envblk_file_untrusted ((state[0].set) ? state[0].arg : 0);
   if (!file)
     return grub_errno;
 
-- 
1.8.4