diff options
| author | Julian Andres Klode <julian.klode@canonical.com> | 2021-08-04 10:46:45 +0200 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2021-10-12 10:50:44 -0400 |
| commit | b43758465a553d289b9f92aa5892244f19c1a76d (patch) | |
| tree | f3cf565582d9bacccd96987ec77d4b7817c4d002 | |
| parent | 7cbf1184b612b71e06a3750fe827a94caf726cc7 (diff) | |
| download | efi-boot-shim-b43758465a553d289b9f92aa5892244f19c1a76d.tar.gz efi-boot-shim-b43758465a553d289b9f92aa5892244f19c1a76d.zip | |
shim: Don't parse load options if invoked from removable media path
We see various reports of boot failures because the generated
boot entries contain garbage/tagging that we do not expect, and
that we then parse as a second stage boot loader.
| -rw-r--r-- | BUILDING | 6 | ||||
| -rw-r--r-- | Make.defaults | 4 | ||||
| -rw-r--r-- | shim.c | 11 |
3 files changed, 21 insertions, 0 deletions
@@ -45,6 +45,12 @@ Variables you could set to customize the build: shim has already verified the kernel when shim loaded the kernel as the second stage loader. In such a case, and only in this case, you should use DISABLE_EBS_PROTECTION=y to build. +- DISABLE_REMOVABLE_LOAD_OPTIONS + Do not parse load options when invoked as boot*.efi. This prevents boot + failures because of unexpected data in boot entries automatically generated + by firmware. It breaks loading non-default second-stage loaders when invoked + via that path, and requires using a binary named shim*.efi (or really anything + else). - REQUIRE_TPM if tpm logging or extends return an error code, treat that as a fatal error. - ARCH diff --git a/Make.defaults b/Make.defaults index d041f0d5..18677daa 100644 --- a/Make.defaults +++ b/Make.defaults @@ -153,6 +153,10 @@ ifneq ($(origin DISABLE_EBS_PROTECTION), undefined) DEFINES += -DDISABLE_EBS_PROTECTION endif +ifneq ($(origin DISABLE_REMOVABLE_LOAD_OPTIONS), undefined) + DEFINES += -DDISABLE_REMOVABLE_LOAD_OPTIONS +endif + LIB_GCC = $(shell $(CC) $(ARCH_CFLAGS) -print-libgcc-file-name) EFI_LIBS = -lefi -lgnuefi --start-group Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a --end-group $(LIB_GCC) FORMAT ?= --target efi-app-$(ARCH) @@ -1170,6 +1170,17 @@ EFI_STATUS set_second_stage (EFI_HANDLE image_handle) return efi_status; } +#if defined(DISABLE_REMOVABLE_LOAD_OPTIONS) + /* + * boot services build very strange load options, and we might misparse them, + * causing boot failures on removable media. + */ + if (is_removable_media_path(li)) { + dprint("Invoked from removable media path, ignoring boot options"); + return EFI_SUCCESS; + } +#endif + efi_status = parse_load_options(li); if (EFI_ERROR(efi_status)) { perror (L"Failed to get load options: %r\n", efi_status); |