| Age | Commit message (Collapse) | Author |
|---|
|
If measuring a mok variable to the TPM returns failure, this function
returns, but never frees the data intended to be measured.
This frees it.
Resolves: Coverity CID 457503
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Coverity identified a resource leak of namen8 in mirror_mok_db(), and
upon further examination nothing is even using it any more; we're
allocating it and populating it for nothing.
This removes all that.
Resolves: Coverity CID 457510
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Resolves: Coverity CID 457507
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Resolves: Coverity CID 457502
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
If variable_create_esl_with_one_signature() succeeds but
CreateTimeBasedPayload() fails, we leak the allocation for our
certificate.
This patch frees it.
Resolves: Coverity CID 457504
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
In issues #554 and elsewhere, it's been noted that when fallback is
creating multiple entries, it will create them in one order and add them
to BootOrder in the opposite order. This is weird.
This patch changes fallback to keep a list of "new" entries, and then
prepend that entire list to BootOrder when it's done, rather than
prepending one at a time, that avoiding the inversion.
Resolves issue #554.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Depending on ~something~ to do with the firmware that's currently really
unclear (to me anyway), on some firmwares making the mok variable config
table over a certain size - somewhere around 0x70000 or so bytes -
causes kernel to fail to map it correctly:
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at mm/early_ioremap.c:139 __early_ioremap+0xef/0x220
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper Not tainted 6.12.15-200.fc41.x86_64 #1
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS edk2-20250221-6.copr8698600 02/21/2025
RIP: 0010:__early_ioremap+0xef/0x220
Code: e5 00 f0 ff ff 48 81 e5 00 f0 ff ff 4c 89 6c 24 08 41 81 e4 ff 0f 00 00 4c 29 ed 48 89 e8 48 c1 e8 0c 41 89 c7 83 f8 40 76 04 <0f> 0b eb 82 45 6b ee c0 41 81 c5 ff 05 00 00 45 85 ff 74 36 83 3d
RSP: 0000:ffffffff96803dd8 EFLAGS: 00010002 ORIG_RAX: 0000000000000000
RAX: 0000000000000041 RBX: 0000000000000001 RCX: ffffffff97768250
RDX: 8000000000000163 RSI: 0000000000000001 RDI: 000000007c4c3000
RBP: 0000000000041000 R08: ffffffffff201630 R09: 0000000000000030
R10: 000000007c4c3000 R11: ffffffff96803e20 R12: 0000000000000000
R13: 000000007c4c3000 R14: 0000000000000001 R15: 0000000000000041
FS: 0000000000000000(0000) GS:ffffffff97291000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff9f1d8000040e CR3: 00000000653a4000 CR4: 00000000000000f0
Call Trace:
<TASK>
? __early_ioremap+0xef/0x220
? __warn.cold+0x93/0xfa
? __early_ioremap+0xef/0x220
? report_bug+0xff/0x140
? early_fixup_exception+0x5d/0xb0
? early_idt_handler_common+0x2f/0x3a
? __early_ioremap+0xef/0x220
? efi_mokvar_table_init+0xce/0x1d0
? setup_arch+0x864/0xc10
? start_kernel+0x6b/0xa10
? x86_64_start_reservations+0x24/0x30
? x86_64_start_kernel+0xed/0xf0
? common_startup_64+0x13e/0x141
</TASK>
---[ end trace 0000000000000000 ]---
mokvar: Failed to map EFI MOKvar config table pa=0x7c4c3000, size=265187.
Unfortunately this makes the *entire* mok variable store unmappable, and
we get nothing in /sys/firmware/efi/mok-variables/ at all.
For now, I've disabled saving the logs even though it's really
convenient to have, until we can collaborate on a better approach that
avoids this pitfall.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
In d972515e608e ("Save the debug and error logs in mok-variables") had a
few deficiencies: 1) the size of the result table isn't correctly
computed when either errlog or dbglog is 0 sized (much more likely for
the former), 2) when we save the error log we leak the allocation for
the previous mok variables, and 3) original mok variables were allocated
with AllocatePages(), but the new ones were allocated with
AllocateZeroPool(). The former guarantees page alignment, which we want
here.
This fixes all three of these.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
If multiple headers occur, usually the last header would have authority;
however the section 3.3.3 of RFC 7230 states that:
If a message is received without Transfer-Encoding and with
either multiple Content-Length header fields having differing
field-values or ..., then the message framing is invalid and the
recipient MUST treat it as an unrecoverable error.
For example:
If there are 2 headers, for example, "Content-Length: 42" and "Content-Length: 52",
then current shim httpboot.c will accept the last one which is "Content-Length": 52".
This is not correct.
This patch allows multiple values if they are the same, but rejects message
if any different value is found. In function receive_http_response() of httpboot.c,
each received duplicate Content-Length field must be checked whether its value is
different. If it is, then this message is invalid.
Signed-off-by: Dennis Tseng <dennis.tseng@suse.com>
|
|
README.tpm incorrectly stated that vendor_db is logged as "db"
when in fact it logs as "vendor_db". This caused confusion like
https://github.com/keylime/keylime/issues/1725
Fixing the code risks breaking existing logs, so we're updating
the doc instead. vendor_dbx is in fact logged as "dbx", so that
remains unchanged.
Thanks to Morten Linderud <morten@linderud.pw> for raising this.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
hughsie asked me to also make it observable at runtime whether the shim
binary that was used to boot was set as NX_COMPAT or not.
This adds that into the HSIStatus data as "shim-has-nx-compat-set".
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
When we're parsing the PE header of shim itself from the Loaded Image
object, the signatures aren't present, but the Certificate Table entry
in the Data Directory has not been cleared, so it'll fail verification.
We know when we're doing that, so this patch makes that test optional.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This changes all the HSI bitfield operations to print a string showing
the change instead of just hex values.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds three more entries to our HSI data:
has-dxe-services-table: technically only tells us if UEFI's
LocateProtocol will give us a DXE services
table, but practically also tells us if the
machine is implementing DXE in any way.
has-get-memory-space-descriptor: tells us if DXE->GetMemorySpaceDescriptor
is populated
has-set-memory-space-descriptor: tells us if DXE->SetMemorySpaceDescriptor
is populated
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds DXE implementations of get_mem_attrs() and update_mem_attrs()
for machines that implement DXE but don't yet have the
EFI_MEMORY_ATTRIBUTE_PROTOCOL.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds definitions to gnu-efi for the main struct for DXE services,
the related GUID definitions, and the types and the getter and setter
definitions for EFI_GCD_MEMORY_SPACE_DESCRIPTOR.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Some machines have EFI Boot Services variables but not Runtime
variables, and thus it can be quite difficult to figure out what's going
on once the system is booted.
This changes mok variable mirroring to also mirror the following
variables to the mok variable config table:
AuditMode
BootOrder
BootCurrent
BootNext
Boot0000
Boot0001
Boot0002
Boot0003
Boot0004
Boot0005
Boot0006
DeployedMode
SecureBoot
SetupMode
SignatureSupport
Timeout
PK
KEK
db
dbx
Kernel_SkuSiStatus
There's no attempt to do anything involving creating runtime or
boot-services only variables, it just mirrors them into the config
table so they'll be exposed there.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Previously the mok mirror state flags were only used in the mok
mirroring code. But there are other consumers of that data, namely our
variable test cases, and it's useful for them to be able to check the
flags.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This changes test-mock-variables and related code to not print all debug
messages at SHIM_DEBUG=1, and also adds some prints and comments for
context as to what's going on in the tests.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This debug printf in our mock variable test code, which isn't normally
enabled, has a missing comma at the end of the format specifier. This
causes __FILE__ to be part of the format specifier, which then means
we've got a missing parameter and also the types don't match up like
you'd hope.
This causes the most confusing segfaults.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
hughsie asked me if I can make shim tell userland what kinds of accesses
are allowed to the heap, stack, and allocations on the running platform,
so that these could be reported up through fwupd's Host Security ID
program (see https://fwupd.github.io/libfwupdplugin/hsi.html ).
This adds a new config-only (i.e. not a UEFI variable) variable
generated during boot, "/sys/firmware/efi/mok-variables/HSIStatus",
which tells us those properties as well as if the EFI Memory Attribute
Protocol is present.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This moves the EFI Memory Attribute Protocol helper functions to their
own file, since they're not related to PE things.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Currently when you've added a variable and not correctly changed the
test cases to match, you get a message like:
./test-mok-mirror
test-mok-mirror: setting variable sort policy to MOCK_SORT_DESCENDING
test-mok-mirror: setting delete policy to MOCK_VAR_DELETE_ATTR_ALLOW_ZERO
running test_mok_mirror_with_enough_space
test_mok_mirror_with_enough_space: passed
running test_mok_mirror_setvar_out_of_resources
check_config_table:232:mok.name[0] 72 != test.name[0] 0
check_config_table:232:Assertion `mok_entry->name[0] == mock_entry->name[0]' failed.
This adds another two lines:
test-mok-mirror: Failed on entry 4 mok.name:"HSIStatus" mock.name:""
test-mok-mirror: Entry is missing in expected variable list.
Or:
test-mok-mirror: Failed on entry 4 mok.name:"" mock.name:"HSIStatus"
test-mok-mirror: Entry is missing in found variable list.
Which will usually tell you which variable you forgot to add that's
present in test data, or what's missing in the test data and present
in the expected data.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds a member to the mok_state_variable struct to provide a
callback function for formatting external data. It basically has
snprintf()-like semantics for filling the buffer, but without the actual
printf-like formatting bits.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds a mok variable flag "MOK_VARIABLE_CONFIG_ONLY" to specify that
the data should be added to our UEFI config table, but shim should not
create a legacy UEFI variable.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This changes get_mem_attrs() to return EFI_UNSUPPORTED if
LibLocateProtocol() does not return an error but does give us a NULL
pointer.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Previously when there were no load options, this would go in the debug
log:
load-options.c:313:parse_load_options() full load options:
include/hexdump.h:92:vhexdumpf() hexdump of a NULL pointer!
This changes it to say:
load-options.c:315:parse_load_options() LoadOptions is empty
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This changes our debug and error logging to save the entire logs into
mok-variables as "shim-dbg.txt" and "shim-log.txt".
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This moves decls for errlog.c into errlog.h
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This fixes some minor errors with the testing of how ALIGN() and similar
are defined, and makes an explicit "ALIGN_UP()" macro to complement the
existing ALIGN_DOWN() macro.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
The CopyMem() introduced in "ad8692e avoid EFIv2 runtime services on
Apple x86 machines" copies 100 CHAR16s no matter what. NX enabled
firmware catches this and the boot breaks on those systems when the
value is smaller than that and it's up against a page boundary with a
page that's not mapped as readable.
https://uefi.org/specs/UEFI/2.10/04_EFI_System_Table.html says
that FirmwareVendor is a pointer to a NUL terminated string that
identifies the vendor that produces the system firmware for the platform.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
This changes post-process-pe to give warnings, and optionally errors, if
a shim binary is built with Section Alignment or characteristics are not
compatible with NX, or if the EFI_IMAGE_DLLCHARACTERISTICS_NX_COMPAT
flag is not set and require_nx_compat is true.
Co-authored-by: Peter Jones <pjones@redhat.com>
Co-authored-by: Kamil Aronowski <kamil.aronowski@yahoo.com>
Signed-off-by: Dennis Tseng <dennis.tseng@suse.com>
|
|
Revocation metadata has been consolidated into SbatLevel_Variable.txt and
can be delivered both built into shim as well as via revocations_sbat.efi
binaries. This adds a short text file describing how revocation levels
can be built into these components and delivered.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
Since we can't read the directory, we can try to load
shim_certificate_[0..9].efi explicitly and give up after
the first one that fails to load.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
While a revocations.efi binary can contain either SBAT revocations,
SkuSi revocations, or both, it is desirable to package them separately
so that higher level tools such as fwupd can decide which ones to put
in place at a given moment. This changes revocations.efi to
revocations_sbat.efi and revocations_sku.efi
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
Bugfix: In the netboot case revocations.efi files were read, but
processed as shim_certificate.efi files which is simply wrong.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
Reading files during a netboot comes with the caveat that
fetching files from a network does not support anything
like listing a directory. In the past this has meant that
we do not try to open optional files during a netboot.
However at least the revocation.efi file is now tested
during a netboot, which will print an error when it is not
found. Since that error is spurious we should allow for
those errors to be suppressed.
This is also desirable since we will likely go looking for
additional files in the near future.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
load_image() takes an optional parameter, DevicePath, in addition to the
SourceBuffer. Currently in shim_load_image() we don't check to see if
it's provided in the case where there's no SourceBuffer, even though it
can't work without it.
This adds that test and errors in that case, as well as avoiding
duplicating it when it's not present.
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
|
|
This isn't desirable when GRUB has control of the screen, and would mess
its content up.
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
|
|
When verifying an image, if we're "in" a shim protocol call, we require
the binary have an SBAT section. If it's not present we raise an
EFI_SECURITY_VIOLATION error code. Currently loader protocol's
load_image() is not marked as in protocol, so it instead will return
EFI_SUCCESS when verifying the SBAT section.
This patch changes that to be in protocol, so that SBAT will be required
on any images loaded with shim's loader protocol. This will bring SBAT
enforcement in-line with the shim_lock protocol.
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
|
|
Currently the EFI_SIMPLE_FILE_SYSTEM_PROTOCOL and EFI_LOAD_FILE2_PROTOCOL
are supported.
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds an implementation of Exit() and UnloadImage(), removes the
whole "loader_is_participating" mechanism and its supporting code, and
removes DISABLE_EBS_PROTECTION.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
