This patch series allows user-defined functions to hook commands by creating a function that is the same name as a command. Commands may be executed by prefixing the command name with the "builtin" keyword, as in bash. This allows functions to modify the invocation of commands. For instance, I use this to concatenate an extra initrd file to an existing one created by my OS, by hooking initrd and adding the extra file. As an aside, in the future, I'd like to dynamically generate this extra initrd file within GRUB.
This patch series is not "lockdown" aware. And I'm not entirely sure it needs to be, but I have a strong suspicion it does. Commands that are locked down obviously won't all of a sudden work. However, my concern is that this feature could prevent essential commands from running. Not being entirely familiar with secureboot, I don't feel I'm in the best position to judge the security implications . If it is determined that this feature does need to be lockdown aware, I believe its a fairly simple change, and can modify the patch series. I'll await feedback before I make that change, as it may be deemed unnecessary. Glenn Glenn Washburn (2): script: Allow user-defined functions to override builtins script: Add script language construct "builtin" Makefile.util.def | 12 ++++++++++ grub-core/script/execute.c | 45 ++++++++++++++++++++++------------- tests/grub_cmd_builtin.in | 37 ++++++++++++++++++++++++++++ tests/grub_script_override.in | 33 +++++++++++++++++++++++++ 4 files changed, 110 insertions(+), 17 deletions(-) create mode 100644 tests/grub_cmd_builtin.in create mode 100644 tests/grub_script_override.in -- 2.27.0 _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
