| Age | Commit message (Collapse) | Author |
|---|
|
While a revocations.efi binary can contain either SBAT revocations,
SkuSi revocations, or both, it is desirable to package them separately
so that higher level tools such as fwupd can decide which ones to put
in place at a given moment. This changes revocations.efi to
revocations_sbat.efi and revocations_sku.efi
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
Bugfix: In the netboot case revocations.efi files were read, but
processed as shim_certificate.efi files which is simply wrong.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
Reading files during a netboot comes with the caveat that
fetching files from a network does not support anything
like listing a directory. In the past this has meant that
we do not try to open optional files during a netboot.
However at least the revocation.efi file is now tested
during a netboot, which will print an error when it is not
found. Since that error is spurious we should allow for
those errors to be suppressed.
This is also desirable since we will likely go looking for
additional files in the near future.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
load_image() takes an optional parameter, DevicePath, in addition to the
SourceBuffer. Currently in shim_load_image() we don't check to see if
it's provided in the case where there's no SourceBuffer, even though it
can't work without it.
This adds that test and errors in that case, as well as avoiding
duplicating it when it's not present.
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
|
|
This isn't desirable when GRUB has control of the screen, and would mess
its content up.
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
|
|
When verifying an image, if we're "in" a shim protocol call, we require
the binary have an SBAT section. If it's not present we raise an
EFI_SECURITY_VIOLATION error code. Currently loader protocol's
load_image() is not marked as in protocol, so it instead will return
EFI_SUCCESS when verifying the SBAT section.
This patch changes that to be in protocol, so that SBAT will be required
on any images loaded with shim's loader protocol. This will bring SBAT
enforcement in-line with the shim_lock protocol.
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
|
|
Currently the EFI_SIMPLE_FILE_SYSTEM_PROTOCOL and EFI_LOAD_FILE2_PROTOCOL
are supported.
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds an implementation of Exit() and UnloadImage(), removes the
whole "loader_is_participating" mechanism and its supporting code, and
removes DISABLE_EBS_PROTECTION.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This moves some things around to help with loader protocol changes:
- Move replacements.c to loader-proto.c
- likewise with replacements.h
- move the SHIM_IMAGE_LOADER decl to loader-proto.h
- move the LoadImage / StartImage interface setup to an init function
- move shim_load_image() / shim_start_image() to loader-proto.c
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Define a new protocol for loading and starting images, encapsulating
shim's PE loading facilities and verification/authentication against the
same set of certificates that shim_lock::verify() authenticates against.
This removes the need for loaders like GRUB to implement their own PE
loader in order to be able to invoke loaded images as PE applications,
rather than implementing a bespoke OS dependent handover protocol (e.g.,
invoke Linux via its EFI stub)
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
|
|
Add the ability for shim to load an optional configuration file. This
new file is called "options.csv". The configuration file is completely
optional. If used, it is located in the same directory as the booted
shim. The "options.csv" file currently allows a single entry. Other
options could be added to it in the future. The first and only entry in
the file is the name of the secondary boot loader shim will load. The
"options.csv" file is in Unicode LE format.
This allows a signed shim to directly load a UKI without the need to
rename it to grub. Shim's transitive trust is maintained. If the
alternative 2nd stage can not be verified, it will not boot.
Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
|
|
Move some functions currently used within fallback that will later also
be used in shim.
Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
|
|
This adds documentation for the ENABLE_CODESIGN_EKU build option.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This commit also supersedes PR#232 which was closed on Jul 1, 2021.
So that original codesign EKU codes cannot be bothered.
To enable the codesign check, ENABLE_CODESIGN_EKU can be set to 1.
To disable the codesign check, ENABLE_CODESIGN_EKU can be set to 0
or just omit this flag.
For example:
make xxxx ENABLE_CODESIGN_EKU=1 xxxx shim.efi
Signed-off-by: Dennis Tseng <dennis.tseng@suse.com>
|
|
Also modify the ModSign EKU check to use VerifyEKUsInPkcs7Signature() to
check the signer certificate instead of the certificate directly from the
key database.
This commit supersedes the PR#232 and PR#661 (Apply the EKU checks) so
that author's original codes can be quite independent of other modification.
To answer the question in PR#232, author also changed the conditional
statement to EFI_Status != EFI_SUCCESS right after VerifyEKUsInPkcs7Signature()
in Cryptlib/Pk/CryptPkcs7Verify.c
Signed-off-by: Dennis Tseng <dennis.tseng@suse.com>
Signed-off-by: Gary Lin <glin@suse.com>
|
|
Comments to clarify that revocations should only be recorded
in SbatLevel_Variable.txt and not in any other header files.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
Build changes to generate include/generated_sbat_var_defs.h from
SbatLevel_Variable.txt and use that header file. From here on
forward SbatLevel_Variable.txt should be the only place a new
revocation needs to be recorded.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
This adds the utility program generate_sbat_var_defs, which can be used
to generate the sbar_var_defs.h header file from the human readable
SbatLevel_Variable.txt file.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
Add revocations for
- January 2024 shim CVEs
- October 2023 grub CVEs
- Debian/Ubuntu (peimage) CVE-2024-2312
to SbatLevel_Variable.txt. This was missed when they were commited
to include/sbat_var_defs.h
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
For multiple reasons, it may be useful for different keys to be used to
sign different parts of the boot chain (e.g. a different key for GRUB
and the Linux kernel). Allow this by loading concatenated
EFI_SIGNATURE_LISTs from shim_certificate.efi rather than only the
first.
At the same time, be a bit more robust by checking for allocation
failures and overflows due to invalid data in the binary.
Use the smaller of VirtualSize and SizeOfRawData since the latter is
rounded up to the section alignment and therefore may contain
non-certificate data.
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
|
|
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
|
|
When memory attributes cannot be updated due to misalignment with 4K or
when the size is 0, the debug printout lacks sufficient clarity to
indicate the issue. To enhance troubleshooting, it is crucial to
generate an error log that explicitly states the failure to execute the
expected action. This error log will be visible even when the debug
level log is not enabled, thereby significantly reducing debugging time.
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
|
|
Sometimes using a temp file to make test-random.h breaks builds because
clean and test get made in parallel.
Since debugging parallel make is anything but easy, it's better to just
not use the intermediate file. This patch makes it use a pipe instead.
Because we live in the worst possible world, we have to support RHEL 9,
in which xxd does not support "-n prefix", and so we have to build the
header variable definition lines in shell.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Only certain errors trigger fall back to the default loader name. This
change allows fall back when encountering `EFI_TFTP_ERROR` and
`EFI_HTTP_ERROR`.
This fixes the issue reported in
https://github.com/rhboot/shim/issues/649 that prevents boot on some
models of PC.
Signed-off-by: Nathan O'Meara <Nathan.OMeara@tanium.com>
|
|
This just turns off the clang-tidy warning about our SBAT_VAR_NAME
string compositing in the error message list in efi_main(), as it's the
only warning in the whole file and it's bugging me.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
If HandleProtocol or OpenVolume fails, the entries array will become
non-contiguous, i.e. will have NULL pointers between valid volume
names in the array. Because of that count_lines may return a lower
number of entries than expected. As a result one may not browse all
valid filesystems in the file explorer.
Add a second index variable that will increment only on successfully
created filesystem entries. As a result, count_lines should return
proper length and there won't be any lost partitions or accesses to
invalid entries.
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
|
|
In case GetInfo of volume root fails, it is still possible
to form a volume name from the DevicePath. Do not skip given
SimpleFS volume handle and try to form a name from DevicePath.
That way we do not lose some filesystems from file browser.
This change already fixes the problem of a hanging platform
when trying to enroll a key from disk. However, there is still
a chance of having a non-contiguous array of entries, which
will be fixed in next commit.
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
|
|
The loop retrieving the SimpleFS volume labels and names may
skip some volumes if either HandleProtocol or OpenVolume or
GetInfo fails. Those skipped volumes would have uninitialized
pointers to their names in the respective entries indices. This
would lead to accessing random memory in console_select, because
count_lines would not catch the holes with non-existing entries.
On affected platforms the result is a hang of the MokManager while
trying to enroll a key from disk. The issue has been triggered on
a TianoCore EDK2 UEFIPayload based firmware for x86 platforms with
additional filesystem drivers: ExFAT, NTFS, EXT2 and EXT4.
Use AllocateZeroPool to ensure entries array will be initialized
with NULL pointers. Handling the non-existing entries will be
added in subsequent commits.
Signed-off-by: Michał Żygowski <michal.zygowski@3mdeb.com>
|
|
In 70366a286552760863bacb521fb00c654586b494, I introduced a test case
for test-mok-mirror to test the behavior when SetVariable() gives
EFI_OUT_OF_RESOURCES. Unfortunately this includes a memory error in its
cleanup functions:
==1972634== Invalid read of size 8
==1972634== at 0x4032F3: mock_sv_adjust_usage_data (mock-variables.c:468)
==1972634== by 0x40387B: mock_delete_variable (mock-variables.c:541)
==1972634== by 0x4014E8: mock_reset_variables (mock-variables.c:1353)
==1972634== by 0x401348: mock_finalize_vars_and_configs (mock-variables.c:1405)
==1972634== by 0x401731: main (test-mok-mirror.c:688)
==1972634== Address 0x1ffeffc4f8 is on thread 1's stack
==1972634== 6784 bytes below stack pointer
This is caused because the test data uses a linked-list data structure
in an array in the test data, and we try to iterate the list to free the
data, but of course the list pointers aren't initialized because it's an
array.
Whoops.
This patch makes it so we don't try to clean up that list, because we
don't need to.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds another test case for mirroring mok variables - in this case
there is arbitrarily not enough space in the SetVariable() storage
backend for some or all of the variables, and so some variables are
mirrored to both variables and the config space storage, and some only
to the config space storage.
Currently the test only ensures that the out-of-resources condition on
the variable storage is handled correctly; we don't (yet) test the
config space. That's an avenue for future work.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This makes a generic test_mok_mirror() which can validate the result of
(hopefully) any run of any result of import_mok_state(), and changes
test_mok_mirror_0() to use it, and also documents what's being tested
and the results it expects to see.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This splits up the API for setting default usage limits, adding a test
API function to set alternate usage limits.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
When SetVariable() is called, currently the test for being out of space
is correct, but the accounting is backwards - success adds more space
available.
This fixes the accounting and (with SHIM_DEBUG) logs the variable size.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
CertList->SignatureSize is of type UINT32 which is always positive.
If CertList->SignatureListSize == 0, then
CertList->SignatureListSize <= CertList->SignatureSize
is also true.
Remove the redundant CertList->SignatureListSize == 0 checks.
A message "Corrupted signature list" is better suited then
"Invalid MOK detected! Ignoring MOK List." in this case.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
|
|
The extend operation still occurs even if `*_log_extend_event`
returns EFI_VOLUME_FULL.
Let's print a warning when we first see this error code, but otherwise
continue booting.
Bailing on this condition has caused machines with limited event log
space to become unbootable with TPM 2.0 enabled. (fixes #654)
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
|
|
If MokManager has to be entered but system is booting on disk on
EFI/BOOT/BOOTx.EFI entry, MokManager cannot be found because it's not in
that directory.
This indicates an issue with the BootOrder or the UEFI firmware is just
not taking BootOrder into account (seen on Lenovo ThinkPad P1 Gen 6 and
VMWare), or that the boot media has incorrectly been created without
MokManager.
This patch prints a related message and reboots after 10 seconds.
Reproducer:
1. Import a certificate using mokutil
2. Tell UEFI to boot on BOOTX64.EFI entry on next boot
Result without the patch with verbosity:
-----------------------------------------------------------------------
mok.c:1045:import_mok_state() checking mok request
shim.c:866:load_image() attempting to load \EFI\BOOT\mmx64.efi
Failed to open \EFI\BOOT\mmx64.efi - Not Found
Failed to load image \EFI\BOOT\mmx64.efi: Not Found
shim.c:888 load_image() Failed to open \EFI\BOOT\mmx64.efi - Not Found
shim.c:1115 read_image() Failed to load image \EFI\BOOT\mmx64.efi: Not Found
Failed to start MokManager: Not Found
mok.c:1047:import_mok_state() mok returned Not Found
Something has gone seriously wrong: import_mok_state() failed: Not Found
-----------------------------------------------------------------------
Signed-off-by: Renaud Métrich <rmetrich@redhat.com>
|
|
We need to use is_removable_media_path(), and potentially other helpers,
from Mok as well as shim.
This moves it to a file just for Device Path utility functions to make
that simpler.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Without the patch:
-----------------------------------------------------------------------
Failed to open \EFI\BOOT\mmx64.efi - Not Found
Failed to load image 貘給: Not Found
-----------------------------------------------------------------------
With the patch:
-----------------------------------------------------------------------
Failed to open \EFI\BOOT\mmx64.efi - Not Found
Failed to load image \EFI\BOOT\mmx64.efi: Not Found
-----------------------------------------------------------------------
Signed-off-by: Renaud Métrich <rmetrich@redhat.com>
|
|
In original sbat.c:
...
else if (preserve_sbat_uefi_variable(sbat, sbatsize, attributes,
sbat_var_candidate) &&
!reset_sbat) {
...
The time omplexity of preserve_sbat_uefi_variable() is higher than
reset_sbat. Maybe we could swap both of them to calculate reset_sbat
first. Such that the shortcut performance can be improved.
Signed-off-by: Dennis Tseng <dennis.tseng@suse.com>
|
|
While booting a MacBookPro15,2 (the last Intel model, 2019), shim 15.8
gets stuck in RT->QueryVariableInfo(). Previously, these devices
shipped with EFI firmware version 1.10, and we had a quirk in place for
this (#364). However, Apple updated the firmware to version 2.40, but
it still doesn't implement runtime services.
This patch adds a test for Apple as the vendor, and treats that as
equivalent to having an older major UEFI version.
Signed-off-by: Eduard Acatrinei <eduard.acatrinei@certussoftware.ro>
|
|
Although file alignment for EFI apps is not clear, most of the UEFI
accept defaulf file alignment (0x200). Nevertheless some of the UEFI
bootloaders require file alignment to be 0x1000 (e.g. Lenovo Miix 630,
Lenovo Yoga C630, etc). Increase file alignment to the desired value.
Fixes #670
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
|
|
This updates our gnu-efi module to include the UEFI 2.10 error codes.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This allows the caller to make a more informed decision about how to
handle the error. In particular, by mapping HTTP errors to
EFI_INVALID_PARAMETER and EFI_NOT_FOUND, shim will try to fetch the
default second stage image like it does when loading images from disk.
Note that this also changes the default to return EFI_HTTP_ERROR instead
of EFI_ABORTED. This should not change any behavior as EFI_ABORTED
wasn't being handled before, but letting the caller decide what to do
with an unknown HTTP error is more appropriate.
Signed-off-by: Dan Nicholson <dbn@endlessos.org>
|
|
This allows the caller to make a more informed decision about how to
handle the error. The error code is available in the TftpError field of
the Mode interface. In particular, by mapping the TFTP errors to
EFI_INVALID_PARAMTER and EFI_NOT_FOUND, shim will try to fetch the
default second stage image like it does when loading images from disk.
Unfortunately, some firmware doesn't fill in the error fields, so a
generic EFI_TFTP_ERROR to EFI_NOT_FOUND conversion is included.
Signed-off-by: Dan Nicholson <dbn@endlessos.org>
|
|
The define can be dropped when gnu-efi is updated to include
de6f9259e8476495c78babbc25250a59de7f3942.
Signed-off-by: Dan Nicholson <dbn@endlessos.org>
|
|
When looking for load option optional data, the parser asserts that the
byte after the end of device path node is the same as what the file path
length says it should be. While unusual, it is valid if the end of
device path node comes before the end of the file path list.
That supports some unusual Dell load options where there are two device
paths in the list but the first is terminated by an End Entire Device
Path. Maybe they intended to use an End Device Path Instance node there?
Who knows. Either way, treating it as invalid ends up trying to read
paths from the beginning of the option with obviously poor results.
Fixes: #649
Signed-off-by: Dan Nicholson <dbn@endlessos.org>
|
|
The interface shouldn't be replaced at the shim_fini
stage When the vendor certificate doesn't exist.
Signed-off-by: jinlun <869793317@qq.com>
|
|
Windows bcdedit.exe creates boot entries where load options
begin with "WINDOWS\0" (in 8-bit chars), followed by some
Windows-specific data which is useless for shim. This data
causes shim error "Failed to open \EFI\mypath\䥗䑎坏S".
Resolves: #370
Signed-off-by: Lauri Kenttä <lauri.kentta@gmail.com>
|
|
I use compile_commands.json with vim all the time, so it's better if it
doesn't break.
This adds it to CI builds to try to ensure that better.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
