efi-boot-shim.git/lib, branch 15.4

Make building outside of the top directory work.

2021-03-25T18:36:53+00:00

This also makes the cross-build targets (and not the others) /use/ this functionality, so we'll catch it if we break it again. This fixes issue #340. Signed-off-by: Peter Jones

Fix boot failures due to variable size constraints

2021-03-22T20:44:03+00:00

There are multiple issues in the MOK variable mirroring code due to volatile variable size constraints, which all result in boot failures: - If a signature is encountered which doesn't fit in to a single variable, the code enters an infinite loop because the cursor isn't advanced in mirror_mok_db() after the call to mirror_one_esl(). - If an ESL is encountered which doesn't fit in to a single variable, it looks like the intention is for the ESL to be split across multiple variables. However, mirror_one_esl() will write the maximum variable size on each call, regardless of how much data is remaining for the current ESL. If the size of a ESL isn't a multiple of the maximum variable size, the final call to mirror_one_esl() will append data from the start of the next ESL and the cursor in mirror_mok_db() will be advanced to an arbitrary location in the next ESL. This either results in garbage being mirrored (if you're lucky), or in my case - another infinite loop as it appears to encounter a signature that doesn't fit in to a single variable. - If no signatures can be mirrored when mirror_mok_db() is called with only_first=TRUE, it tries to create a variable with a single SHA256 signature in it. But mirror_mok_db() returns an error (EFI_INVALID_PARAMETER) regardless of whether this succeeds.

Make 'make test' work on gcc 4.8.5

2021-03-22T20:43:44+00:00

Ensure that MOK variable mirroring creates well formed ESLs

2021-03-19T02:47:43+00:00

The MOK variable mirroring makes use of variable_create_esl, which can only create a well-formed EFI_SIGNATURE_LIST containing a single signature. Fix fill_esl and variable_create_esl to support creating a EFI_SIGNATURE_LIST with one or more supplied EFI_SIGNATURE_DATA structures. Introduce variable_create_esl_with_one_signature and fill_esl_with_one_signature for code that does want to create a EFI_SIGNATURE_LIST containing a single signature constructed from a supplied signature data buffer and owner GUID.

Sort input file names in lib/Makefile

2021-03-17T15:54:21+00:00

The order in which the foreach() returns files differes from Debian on WSL1 and Debian running natively. When shim is build on these two platforms the resulting binaries differ. This patch manually sorts the input file list to create identical binaries. Signed-off-by: Thomas Frauendorfer | Miray Software

More va_* work

2021-03-12T09:15:01+00:00

Be much more explicit about exactly which va_* stuff comes from which ABI in both shim and gnu-efi. This fixes the problem where we see: | (null):0:(null)() v->name:"(null)" v->rtname:"(null)" | (null):0:(null)() v->data_size:0 v->data:0x0 and similar messages where everything is NULL. Signed-off-by: Peter Jones

get_variable_attr(): fix a nit scan-build found.

2021-03-12T09:15:01+00:00

scan-build believes we can hit a situation where get_variable_attr() is called with NULL data, in which case we're not correctly returning an error. This adds the error return. Signed-off-by: Peter Jones

Add more string test cases.

2021-03-10T20:54:20+00:00

This adds test cases for the rest of our ASCII string functions. While doing so, it fixes two minor bugs: - strcasecmp() now handles utf8 correctly - strncpy() no longer does the stpncpy() behavior of clearing leftover buffer Signed-off-by: Peter Jones

Add some test cases, and make "make test" actually work.

2021-03-10T20:54:20+00:00

Note the one test case I'm not 100% sure about. Someone let me know. Signed-off-by: Peter Jones

Fix stdarg to work the same everywhere.

2021-03-10T20:54:20+00:00

This gets us the same working definition for VA_* va_* etc everywhere, and it's the same definition edk2 is using. Signed-off-by: Peter Jones