Loader measurements for multiboot and module commands
Unfortunately the multiboot measurement uses the deprecated measure_file method which does not protect against malicious storage devices ( GH #9 ). I've tried to implement the measure_buffer method but it's a lot more work and maybe even requires grub2 api changes.
In any case i think it's really hard to exploit. But pull requests are welcome. I'll create an issue for that.
Loader measurements for
multiboot
andmodule
commandsUnfortunately the
multiboot
measurement uses the deprecatedmeasure_file
method which does not protect against malicious storage devices ( GH #9 ). I've tried to implement themeasure_buffer
method but it's a lot more work and maybe even requires grub2 api changes.In any case i think it's really hard to exploit. But pull requests are welcome. I'll create an issue for that.
Closes #35