efi-boot-shim.git/include, branch 15.5-rc2

Minor coverity fixes

2021-12-10T22:08:21+00:00

- one missing free - one minor deadcode issue - two unchecked allocations - one debug hexdump of a variable we just freed Signed-off-by: Peter Jones

stdarg: use sysv varargs when we build with coverity

2021-12-10T22:08:21+00:00

cov-analysis-linux64-2020.09 is a lot more successful than the older versions at building, but it still has some... issues. Among them, it is of the belief that this: void foo(char *fmt, ...) { __builtin_va_list ap; __builtin_ms_va_start(ap, fmt); /* <- here */ ... } is an uninitialized use of "ap". This patch adds defined(__COVERITY__) to the list of criteria for using sysv va lists, which it has no such confusion about. Signed-off-by: Peter Jones

console: add a clear_screen() primitive

2021-10-12T14:40:13+00:00

Several places in e.g. MokManager and our console library use ST->ConOut->ClearScreen directly, without checking for the existence of a console output device. This patch adds function to our console library to do that correctly, instead of using the bug-prone ad hoc implementation everywhere. Signed-off-by: Peter Jones

pe: simplify generate_hash()

2021-09-10T20:09:26+00:00

Copying the value of datasize_in to two further variables and then using all three randomly in the code makes it hard to read. datasize_in is never changed in generate_hash() so we can do with this parameter alone. Rename it to datasize. Signed-off-by: Heinrich Schuchardt

tests: add "include-fixed" GCC directory to include directories

2021-09-10T20:06:22+00:00

On Arch Linux, the GCC version of "limits.h" is in the "include-fixed" instead of the "include" directory. It needs to be included in the include directories list, otherwise attempting to compile the test suite fails with the following error: In file included from /usr/include/efivar/efivar-dp.h:22, from /usr/include/efivar/efivar.h:238, from include/test.h:51, from shim.h:68, from csv.c:6: /usr/include/limits.h:124:16: fatal error: limits.h: No such file or directory 124 | # include_next | ^~~~~~~~~~ compilation terminated.

mok: Fix memory leak in mok mirroring

2021-09-07T21:05:04+00:00

Currently valgrind shows a minor issue which is not introduced in this patch series: ==2595397== ==2595397== HEAP SUMMARY: ==2595397== in use at exit: 16,368 bytes in 48 blocks ==2595397== total heap usage: 6,953 allocs, 6,905 frees, 9,146,749 bytes allocated ==2595397== ==2595397== 16,368 bytes in 48 blocks are definitely lost in loss record 1 of 1 ==2595397== at 0x4845464: calloc (vg_replace_malloc.c:1117) ==2595397== by 0x4087F2: mock_efi_allocate_pool (test.c:72) ==2595397== by 0x4098DE: UnknownInlinedFun (misc.c:33) ==2595397== by 0x4098DE: AllocateZeroPool (misc.c:48) ==2595397== by 0x403D40: get_variable_attr (variables.c:301) ==2595397== by 0x4071C4: import_one_mok_state (mok.c:831) ==2595397== by 0x4072F4: import_mok_state (mok.c:908) ==2595397== by 0x407FA6: test_mok_mirror_0 (test-mok-mirror.c:205) ==2595397== by 0x4035B2: main (test-mok-mirror.c:378) ==2595397== ==2595397== LEAK SUMMARY: ==2595397== definitely lost: 16,368 bytes in 48 blocks ==2595397== indirectly lost: 0 bytes in 0 blocks ==2595397== possibly lost: 0 bytes in 0 blocks ==2595397== still reachable: 0 bytes in 0 blocks ==2595397== suppressed: 0 bytes in 0 blocks ==2595397== This is because we're doing get_variable_attr() on the same variable more than once and saving the value to our variables table. Each additional time we do so leaks the previous one. This patch solves the issue by not getting the variable again if it's already set in the table, and adds a test case to check if we're doing get_variable() of any variety on the same variable more than once. Signed-off-by: Peter Jones

tests: Add a unit test for mok mirroring

2021-09-07T21:05:04+00:00

Test that our mok mirroring doesn't ever try to delete any variable that it has previously created, and that it properly mirrors at least MokList, MokListX, and SbatLevel, at least when variables actually work. These tests will fail (rather a lot) without 7f64fd6da9458b73c4. Currently valgrind shows a memory leak in this code which is not introduced in this patch series. Since all of our memory is freed on Exit() or when kernel does ExitBootServices(), this doesn't have any significant repercussions. Signed-off-by: Peter Jones

tests: Add config table support

2021-09-07T21:05:04+00:00

This adds a simple implementation of ST->ConfigurationTable, ST->NumberOfTableEntries, and BS->InstallConfigurationTable to our test harness. Currently it is limited at 1024 entries, but that should be well more than enough for any tests we've currently considered. Signed-off-by: Peter Jones

tests: model different behaviors for deleting variables

2021-09-07T21:05:04+00:00

Signed-off-by: Peter Jones

tests: add a mock implementation of {Get,Set}Variable and tests for it

2021-09-07T21:05:04+00:00

Some tests will need variables, and so we need a mock implementation of the various calls relating to them. This patch adds implementations for the EFI Runtime Services calls GetVariable(), SetVariable(), GetNextVariableName(), and QueryVariableInfo(). Additionally, it enforces tunable limits on storage for variables, and (with only a little work) the limits can be different for SetVariable() vs what is returned by QueryVariableInfo(). That is, it can lie to you like real systems do. Signed-off-by: Peter Jones