Age | Commit message | Author | |
---|---|---|---|
2013-10-01 | Include shim's vendor_cert in MokListRT | Peter Jones | |
There needs to be some way to communicate to the kernel that it's a trusted key, and since this mechanism already exists, it's by far the easiest. | |||
2013-10-01 | Harden shim against non-participating bootloaders. | Peter Jones | |
It works like this: during startup of shim, we hook into the system's ExitBootServices() and StartImage(). If the system's StartImage() is called, we automatically unhook, because we're chainloading to something the system can verify. When shim's verify is called, we record what kind of certificate the image was verified against. If the call /succeeds/, we remove our hooks. If ExitBootServices() is called, we check how the bootloader verified whatever it is loading. If it was verified by its hash, we unhook everything and call the system's EBS(). If it was verified by certificate, we check if it has called shim_verify(). If it has, we unhook everything and call the system's EBS(). If the bootloader has not verified anything, and is itself verified by a certificate, we display a security violation warning and halt the machine. | |||
2013-10-01 | Harden shim against non-participating bootloaders. | Peter Jones | |
It works like this: during startup of shim, we hook into the system's ExitBootServices() and StartImage(). If the system's StartImage() is called, we automatically unhook, because we're chainloading to something the system can verify. When shim's verify is called, we record what kind of certificate the image was verified against. If the call /succeeds/, we remove our hooks. If ExitBootServices() is called, we check how the bootloader verified whatever it is loading. If it was verified by its hash, we unhook everything and call the system's EBS(). If it was verified by certificate, we check if it has called shim_verify(). If it has, we unhook everything and call the system's EBS(). If the bootloader has not verified anything, and is itself verified by a certificate, we display a security violation warning and halt the machine. | |||
2013-10-01 | Make vendor_cert/vendor_dbx actually replaceable by an external tool. | Peter Jones | |
This moves them both to be computed at runtime from a pointer+offset rather than just a pointer, so that their real address can be entirely derived from the section they're in. This means you can replace the whole .vendor_cert section with a new one with certs that don't have the same size. | |||
2013-10-01 | Make vendor_cert/vendor_dbx actually replaceable by an external tool. | Peter Jones | |
This moves them both to be computed at runtime from a pointer+offset rather than just a pointer, so that their real address can be entirely derived from the section they're in. This means you can replace the whole .vendor_cert section with a new one with certs that don't have the same size. | |||
2013-10-01 | Remove TODO items fixed by merging lf_merge and lcp/lf-security-override. | Peter Jones | |
Signed-off-by: Peter Jones <pjones@redhat.com> | |||
2013-10-01 | Remove TODO items fixed by merging lf_merge and lcp/lf-security-override. | Peter Jones | |
Signed-off-by: Peter Jones <pjones@redhat.com> | |||
2013-09-26 | Install fallback.efi.signed as well, to lay the groundwork for fallback | Steve Langasek | |
handling (wanted when we have to move a drive between machines, or when the firmware loses its marbles^W nvram). | |||
2013-09-26 | Don't use LibGetVariable(), since it doesn't give us real error codes. | Peter Jones | |
2013-09-26 | Don't use LibGetVariable(), since it doesn't give us real error codes. | Peter Jones | |
2013-09-26 | integrate security override | Gary Ching-Pang Lin | |
2013-09-26 | integrate security override | Gary Ching-Pang Lin | |
2013-09-26 | Clean up tarballs in "make clean" | Peter Jones | |
Signed-off-by: Peter Jones <pjones@redhat.com> | |||
2013-09-26 | Clean up tarballs in "make clean" | Peter Jones | |
Signed-off-by: Peter Jones <pjones@redhat.com> | |||
2013-09-26 | Merge variable retrieving functions | Gary Ching-Pang Lin | |
2013-09-26 | Merge variable retrieving functions | Gary Ching-Pang Lin | |
2013-09-26 | Merge signature.h into efiauthenticated.h and guid.h | Gary Ching-Pang Lin | |
Conflicts: shim.c | |||
2013-09-26 | Merge signature.h into efiauthenticated.h and guid.h | Gary Ching-Pang Lin | |
Conflicts: shim.c | |||
2013-09-26 | Merge two PeImage.h into one | Peter Jones | |
Conflicts: Makefile | |||
2013-09-26 | Merge two PeImage.h into one | Peter Jones | |
Conflicts: Makefile | |||
2013-09-26 | Free unused memory space | Gary Ching-Pang Lin | |
2013-09-26 | Free unused memory space | Gary Ching-Pang Lin | |
2013-09-26 | Adjust the result of gmtime() to fit the definition | Gary Ching-Pang Lin | |
2013-09-26 | Adjust the result of gmtime() to fit the definition | Gary Ching-Pang Lin | |
2013-09-26 | Rand: check the status of the pseudorandom number generator | Gary Ching-Pang Lin | |
2013-09-26 | Rand: check the status of the pseudorandom number generator | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: check the suffix of the key file | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: check the suffix of the key file | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: fetch more info from X509 name | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: fetch more info from X509 name | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: reboot the system after clearing MOK password | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: reboot the system after clearing MOK password | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: enhance the password prompt for SB state | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: enhance the password prompt for SB state | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: rearrange the output of MOK info | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: rearrange the output of MOK info | Gary Ching-Pang Lin | |
2013-09-26 | Disable floating points in b_print | Gary Ching-Pang Lin | |
The long double declaration will enable SSE and cause a compilation error. Disabling everything related to floating points avoids the error. | |||
2013-09-26 | Disable floating points in b_print | Gary Ching-Pang Lin | |
The long double declaration will enable SSE and cause a compilation error. Disabling everything related to floating points avoids the error. | |||
2013-09-26 | Enable openssl bio_printf() | Gary Ching-Pang Lin | |
bio_printf() was replaced with a dummy function and this made several openssl functions useless. This commit adds the print functions back, so that we don't have to implement our own ASN1 time print function. | |||
2013-09-26 | Enable openssl bio_printf() | Gary Ching-Pang Lin | |
bio_printf() was replaced with a dummy function and this made several openssl functions useless. This commit adds the print functions back, so that we don't have to implement our own ASN1 time print function. | |||
2013-09-26 | MokManager: enhance the password prompt | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: enhance the password prompt | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: remove the duplicate get_keystroke() | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: remove the duplicate get_keystroke() | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: draw the countdown screen | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: draw the countdown screen | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: Remove the unnecessary string duplication | Gary Ching-Pang Lin | |
2013-09-26 | MokManager: Remove the unnecessary string duplication | Gary Ching-Pang Lin | |
2013-09-26 | Correct the certificate count of the signature list | Gary Ching-Pang Lin | |
2013-09-26 | Correct the certificate count of the signature list | Gary Ching-Pang Lin | |