diff options
| author | Mate Kukri <mate.kukri@canonical.com> | 2024-05-24 10:54:12 +0100 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2025-02-11 10:43:37 -0500 |
| commit | 5d172787d5fa7faafcaf5fe62ad36819bb51ba54 (patch) | |
| tree | 8d91538aad9ce26cc40129b77a39e5e2ad31317a /loader-proto.c | |
| parent | 2bff46034aeefe4b266b6d6dd7d6cd771c1bf4de (diff) | |
| download | efi-boot-shim-5d172787d5fa7faafcaf5fe62ad36819bb51ba54.tar.gz efi-boot-shim-5d172787d5fa7faafcaf5fe62ad36819bb51ba54.zip | |
loader-proto: Mark load_image()'s handle_image() call as "in_protocol"
When verifying an image, if we're "in" a shim protocol call, we require
the binary have an SBAT section. If it's not present we raise an
EFI_SECURITY_VIOLATION error code. Currently loader protocol's
load_image() is not marked as in protocol, so it instead will return
EFI_SUCCESS when verifying the SBAT section.
This patch changes that to be in protocol, so that SBAT will be required
on any images loaded with shim's loader protocol. This will bring SBAT
enforcement in-line with the shim_lock protocol.
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
Diffstat (limited to 'loader-proto.c')
| -rw-r--r-- | loader-proto.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/loader-proto.c b/loader-proto.c index dcfa1a68..f899e594 100644 --- a/loader-proto.c +++ b/loader-proto.c @@ -224,9 +224,11 @@ shim_load_image(BOOLEAN BootPolicy, EFI_HANDLE ParentImageHandle, goto free_image; } + in_protocol = 1; efi_status = handle_image(SourceBuffer, SourceSize, &image->li, &image->entry_point, &image->alloc_address, &image->alloc_pages); + in_protocol = 0; if (EFI_ERROR(efi_status)) goto free_image; |