| Age | Commit message (Collapse) | Author |
|---|
|
|
|
shim-16.0
What's Changed
* Validate that a supplied vendor cert is not in PEM format by @steve-mcintyre in https://github.com/rhboot/shim/pull/646
* sbat: Add grub.peimage,2 to latest (CVE-2024-2312) by @julian-klode in https://github.com/rhboot/shim/pull/651
* sbat: Also bump latest for grub,4 (and to todays date) by @julian-klode in https://github.com/rhboot/shim/pull/653
* undo change that limits certificate files to a single file by @jsetje in https://github.com/rhboot/shim/pull/659
* shim: don't set second_stage to the empty string by @jjd27 in https://github.com/rhboot/shim/pull/640
* Fix SBAT.md for today's consensus about numbers by @aronowski in https://github.com/rhboot/shim/pull/672
* Update Code of Conduct contact address by @aronowski in https://github.com/rhboot/shim/pull/683
* make-certs: Handle missing OpenSSL installation by @aronowski in https://github.com/rhboot/shim/pull/595
* Update MokVars.txt by @mikebeaton in https://github.com/rhboot/shim/pull/598
* export DEFINES for sub makefile by @bryteise in https://github.com/rhboot/shim/pull/600
* Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition by @vittyvk in https://github.com/rhboot/shim/pull/609
* Null-terminate 'arguments' in fallback by @vittyvk in https://github.com/rhboot/shim/pull/611
* Fix "Verifiying" typo in error message by @chrisbainbridge in https://github.com/rhboot/shim/pull/706
* Update Fedora CI targets by @vathpela in https://github.com/rhboot/shim/pull/708
* Force gcc to produce DWARF4 so that gdb can use it by @mikebeaton in https://github.com/rhboot/shim/pull/607
* Minor housekeeping 2024121700 by @vathpela in https://github.com/rhboot/shim/pull/709
* Discard load-options that start with WINDOWS by @Metabolix in https://github.com/rhboot/shim/pull/621
* Fix the issue that the gBS->LoadImage pointer was empty. by @15058718379 in https://github.com/rhboot/shim/pull/703
* shim: Allow data after the end of device path node in load options by @dbnicholson in https://github.com/rhboot/shim/pull/694
* Handle network file not found like disks by @dbnicholson in https://github.com/rhboot/shim/pull/695
* Update gnu-efi submodule for EFI_HTTP_ERROR by @vathpela in https://github.com/rhboot/shim/pull/674
* Increase EFI file alignment by @lumag in https://github.com/rhboot/shim/pull/673
* avoid EFIv2 runtime services on Apple x86 machines by @eduardacatrinei in https://github.com/rhboot/shim/pull/690
* Improve shortcut performance when comparing two boolean expressions by @dennis-tseng99 in https://github.com/rhboot/shim/pull/667
* Provide better error message when MokManager is not found by @rmetrich in https://github.com/rhboot/shim/pull/663
* tpm: Boot with a warning if the event log is full by @kukrimate in https://github.com/rhboot/shim/pull/657
* MokManager: remove redundant logical constraints by @xypron in https://github.com/rhboot/shim/pull/409
* Test import_mok_state() when MokListRT would be bigger than available size by @vathpela in https://github.com/rhboot/shim/pull/417
* test-mok-mirror: minor bug fix by @vathpela in https://github.com/rhboot/shim/pull/715
* Fix file system browser hang when enrolling MOK from disk by @miczyg1 in https://github.com/rhboot/shim/pull/622
* Ignore a minor clang-tidy nit by @vathpela in https://github.com/rhboot/shim/pull/716
* Allow fallback to default loader when encountering errors on network boot by @nathan-omeara in https://github.com/rhboot/shim/pull/666
* test.mk: don't use a temporary random.bin by @vathpela in https://github.com/rhboot/shim/pull/718
* pe: Enhance debug report for update_mem_attrs by @jongwu in https://github.com/rhboot/shim/pull/594
* Multiple certificate handling improvements by @rosslagerwall in https://github.com/rhboot/shim/pull/644
* Generate SbatLevel Metadata from SbatLevel_Variable.txt by @jsetje in https://github.com/rhboot/shim/pull/711
* Apply EKU check with compile option by @dennis-tseng99 in https://github.com/rhboot/shim/pull/664
* Add configuration option to boot an alternative 2nd stage by @esnowberg in https://github.com/rhboot/shim/pull/608
* Loader protocol (with Device Path resolution support) by @kukrimate in https://github.com/rhboot/shim/pull/656
* netboot cleanup for additional files by @jsetje in https://github.com/rhboot/shim/pull/686
* Document how revocations can be delivered by @jsetje in https://github.com/rhboot/shim/pull/722
* post-process-pe: add tests to validate NX compliance by @vathpela in https://github.com/rhboot/shim/pull/705
* regression: CopyMem() in ad8692e copies out of bounds by @jsetje in https://github.com/rhboot/shim/pull/725
* Save the debug and error logs in mok-variables by @vathpela in https://github.com/rhboot/shim/pull/726
* Add features for the Host Security ID program by @vathpela in https://github.com/rhboot/shim/pull/660
* Mirror some more efi variables to mok-variables by @vathpela in https://github.com/rhboot/shim/pull/723
* This adds DXE Services measurements to HSI and uses them for NX by @vathpela in https://github.com/rhboot/shim/pull/724
* Add shim's current NX_COMPAT status to HSIStatus by @vathpela in https://github.com/rhboot/shim/pull/727
* README.tpm: reflect that vendor_db is in fact logged as "vendor_db" by @jsetje in https://github.com/rhboot/shim/pull/728
* Reject HTTP message with duplicate Content-Length header fields by @dennis-tseng99 in https://github.com/rhboot/shim/pull/637
* Disable log saving by @vathpela in https://github.com/rhboot/shim/pull/729
* fallback: don't add new boot order entries backwards by @vathpela in https://github.com/rhboot/shim/pull/730
* Misc fixes... by @vathpela in https://github.com/rhboot/shim/pull/735
* README.tpm: Update MokList entry to MokListRT by @trungams in https://github.com/rhboot/shim/pull/732
* SBAT Level update for February 2025 GRUB CVEs by @jsetje in https://github.com/rhboot/shim/pull/736
New Contributors
* @jjd27 made their first contribution in https://github.com/rhboot/shim/pull/640
* @mikebeaton made their first contribution in https://github.com/rhboot/shim/pull/598
* @bryteise made their first contribution in https://github.com/rhboot/shim/pull/600
* @vittyvk made their first contribution in https://github.com/rhboot/shim/pull/609
* @chrisbainbridge made their first contribution in https://github.com/rhboot/shim/pull/706
* @Metabolix made their first contribution in https://github.com/rhboot/shim/pull/621
* @15058718379 made their first contribution in https://github.com/rhboot/shim/pull/703
* @dbnicholson made their first contribution in https://github.com/rhboot/shim/pull/694
* @lumag made their first contribution in https://github.com/rhboot/shim/pull/673
* @eduardacatrinei made their first contribution in https://github.com/rhboot/shim/pull/690
* @kukrimate made their first contribution in https://github.com/rhboot/shim/pull/657
* @miczyg1 made their first contribution in https://github.com/rhboot/shim/pull/622
* @nathan-omeara made their first contribution in https://github.com/rhboot/shim/pull/666
* @jongwu made their first contribution in https://github.com/rhboot/shim/pull/594
* @rosslagerwall made their first contribution in https://github.com/rhboot/shim/pull/644
* @trungams made their first contribution in https://github.com/rhboot/shim/pull/732
**Full Changelog**: https://github.com/rhboot/shim/compare/15.8...16.0
* tag '16.0': (451 commits)
Update version to 16.0
SBAT Level update for February 2025 GRUB CVEs
README.tpm: Update MokList entry to MokListRT
Make 'make fanalyzer' work again.
simple_dir_filter(): test our 'next' pointer
shim_load_image(): initialize the buffer fully
mirror_mok_db(): Free our mok variable name correctly
mirror_one_mok_variable(): fix a memory leak on TPM log error.
mirror_mok_db(): get rid of an unused variable+allocation
generate_sbat_var_defs: Ensure revlistentry->revocations is initialized.
generate_sbat_var_defs: Fix memory leak on realloc failure and fd leak.
generate_sbat_var_defs: run clang-format on readfile()
SetSecureVariable(): free Cert on failure
Update version to 16.0~rc1
make-archive: some minor housekeeping
makefiles: Make GITTAG swizzle tildes to dashes
fallback: don't add new boot order entries backwards
Disable log saving for now.
Some save_logs() improvements.
reject message with different values in multiple Content-Length header field
...
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Moves the minimum GRUB SBAT Level to 5 in order to require fixes
for the following GRUB CVEs:
CVE-2024-45774
CVE-2024-45775
CVE-2024-45776
CVE-2024-45777
CVE-2024-45778
CVE-2024-45779
CVE-2024-45780
CVE-2024-45781
CVE-2024-45782
CVE-2024-45783
CVE-2025-0622
CVE-2025-0624
CVE-2025-0677
CVE-2025-0678
CVE-2025-0684
CVE-2025-0685
CVE-2025-0686
CVE-2025-0689
CVE-2025-0690
CVE-2025-1118
CVE-2025-1125
This also bumps the default SBAT_AUTOMATIC_DATE to 2024040900.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
Commit 092c2b2bbed950727e41cf450b61c794881c33e7 switched to using
MokListRT instead of MokList during PCR7 measurement. Updating the
README to reflect the correct behaviour.
Signed-off-by: Thien Trung Vuong <tvuong@microsoft.com>
|
|
It breaks every time somehow.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
"gcc -fanalyzer" thinks that in simple_dir_filter(), we can get "next"
to be a NULL pointer even when simple_dir_read_all() return success and
we're iterating the total number of entries it claimed it returned.
I don't think this is true, but to make it stop complaining I've added
tests to that pointer that'll make it stop if it gets to the end of the
list.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
scan-build notes that we assign bprop.hnd, an EFI_HANDLE for the device
path protocol, to our loaded_image->li.DeviceHandle, and it thinks since
bprop is uninitialized that means it can be NULL or garbage.
I don't think that's actually true, because every path to that requires
either returning an error or doing some variety of:
status = BS->LocateDevicePath(&gEfiDevicePathProtocolGuid, &bp, &hnd)
and checking its error, but only one of those paths explicitly sets a
value, and static checkers can't tell what BS->LocateDevicePath does
with the pointer.
This patch avoids the issue by initializing the whole bprop structure to
begin with.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
When we've split a mok variable into name0..nameN, we re-use the same
buffer over and over, but we never free it at the end.
This frees it.
Resolves: Coverity CID 457501
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
If measuring a mok variable to the TPM returns failure, this function
returns, but never frees the data intended to be measured.
This frees it.
Resolves: Coverity CID 457503
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Coverity identified a resource leak of namen8 in mirror_mok_db(), and
upon further examination nothing is even using it any more; we're
allocating it and populating it for nothing.
This removes all that.
Resolves: Coverity CID 457510
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Resolves: Coverity CID 457507
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Resolves: Coverity CID 457502
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
If variable_create_esl_with_one_signature() succeeds but
CreateTimeBasedPayload() fails, we leak the allocation for our
certificate.
This patch frees it.
Resolves: Coverity CID 457504
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
In issues #554 and elsewhere, it's been noted that when fallback is
creating multiple entries, it will create them in one order and add them
to BootOrder in the opposite order. This is weird.
This patch changes fallback to keep a list of "new" entries, and then
prepend that entire list to BootOrder when it's done, rather than
prepending one at a time, that avoiding the inversion.
Resolves issue #554.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Depending on ~something~ to do with the firmware that's currently really
unclear (to me anyway), on some firmwares making the mok variable config
table over a certain size - somewhere around 0x70000 or so bytes -
causes kernel to fail to map it correctly:
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at mm/early_ioremap.c:139 __early_ioremap+0xef/0x220
Modules linked in:
CPU: 0 UID: 0 PID: 0 Comm: swapper Not tainted 6.12.15-200.fc41.x86_64 #1
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS edk2-20250221-6.copr8698600 02/21/2025
RIP: 0010:__early_ioremap+0xef/0x220
Code: e5 00 f0 ff ff 48 81 e5 00 f0 ff ff 4c 89 6c 24 08 41 81 e4 ff 0f 00 00 4c 29 ed 48 89 e8 48 c1 e8 0c 41 89 c7 83 f8 40 76 04 <0f> 0b eb 82 45 6b ee c0 41 81 c5 ff 05 00 00 45 85 ff 74 36 83 3d
RSP: 0000:ffffffff96803dd8 EFLAGS: 00010002 ORIG_RAX: 0000000000000000
RAX: 0000000000000041 RBX: 0000000000000001 RCX: ffffffff97768250
RDX: 8000000000000163 RSI: 0000000000000001 RDI: 000000007c4c3000
RBP: 0000000000041000 R08: ffffffffff201630 R09: 0000000000000030
R10: 000000007c4c3000 R11: ffffffff96803e20 R12: 0000000000000000
R13: 000000007c4c3000 R14: 0000000000000001 R15: 0000000000000041
FS: 0000000000000000(0000) GS:ffffffff97291000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffff9f1d8000040e CR3: 00000000653a4000 CR4: 00000000000000f0
Call Trace:
<TASK>
? __early_ioremap+0xef/0x220
? __warn.cold+0x93/0xfa
? __early_ioremap+0xef/0x220
? report_bug+0xff/0x140
? early_fixup_exception+0x5d/0xb0
? early_idt_handler_common+0x2f/0x3a
? __early_ioremap+0xef/0x220
? efi_mokvar_table_init+0xce/0x1d0
? setup_arch+0x864/0xc10
? start_kernel+0x6b/0xa10
? x86_64_start_reservations+0x24/0x30
? x86_64_start_kernel+0xed/0xf0
? common_startup_64+0x13e/0x141
</TASK>
---[ end trace 0000000000000000 ]---
mokvar: Failed to map EFI MOKvar config table pa=0x7c4c3000, size=265187.
Unfortunately this makes the *entire* mok variable store unmappable, and
we get nothing in /sys/firmware/efi/mok-variables/ at all.
For now, I've disabled saving the logs even though it's really
convenient to have, until we can collaborate on a better approach that
avoids this pitfall.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
In d972515e608e ("Save the debug and error logs in mok-variables") had a
few deficiencies: 1) the size of the result table isn't correctly
computed when either errlog or dbglog is 0 sized (much more likely for
the former), 2) when we save the error log we leak the allocation for
the previous mok variables, and 3) original mok variables were allocated
with AllocatePages(), but the new ones were allocated with
AllocateZeroPool(). The former guarantees page alignment, which we want
here.
This fixes all three of these.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
If multiple headers occur, usually the last header would have authority;
however the section 3.3.3 of RFC 7230 states that:
If a message is received without Transfer-Encoding and with
either multiple Content-Length header fields having differing
field-values or ..., then the message framing is invalid and the
recipient MUST treat it as an unrecoverable error.
For example:
If there are 2 headers, for example, "Content-Length: 42" and "Content-Length: 52",
then current shim httpboot.c will accept the last one which is "Content-Length": 52".
This is not correct.
This patch allows multiple values if they are the same, but rejects message
if any different value is found. In function receive_http_response() of httpboot.c,
each received duplicate Content-Length field must be checked whether its value is
different. If it is, then this message is invalid.
Signed-off-by: Dennis Tseng <dennis.tseng@suse.com>
|
|
README.tpm incorrectly stated that vendor_db is logged as "db"
when in fact it logs as "vendor_db". This caused confusion like
https://github.com/keylime/keylime/issues/1725
Fixing the code risks breaking existing logs, so we're updating
the doc instead. vendor_dbx is in fact logged as "dbx", so that
remains unchanged.
Thanks to Morten Linderud <morten@linderud.pw> for raising this.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
hughsie asked me to also make it observable at runtime whether the shim
binary that was used to boot was set as NX_COMPAT or not.
This adds that into the HSIStatus data as "shim-has-nx-compat-set".
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
When we're parsing the PE header of shim itself from the Loaded Image
object, the signatures aren't present, but the Certificate Table entry
in the Data Directory has not been cleared, so it'll fail verification.
We know when we're doing that, so this patch makes that test optional.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This changes all the HSI bitfield operations to print a string showing
the change instead of just hex values.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds three more entries to our HSI data:
has-dxe-services-table: technically only tells us if UEFI's
LocateProtocol will give us a DXE services
table, but practically also tells us if the
machine is implementing DXE in any way.
has-get-memory-space-descriptor: tells us if DXE->GetMemorySpaceDescriptor
is populated
has-set-memory-space-descriptor: tells us if DXE->SetMemorySpaceDescriptor
is populated
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds DXE implementations of get_mem_attrs() and update_mem_attrs()
for machines that implement DXE but don't yet have the
EFI_MEMORY_ATTRIBUTE_PROTOCOL.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds definitions to gnu-efi for the main struct for DXE services,
the related GUID definitions, and the types and the getter and setter
definitions for EFI_GCD_MEMORY_SPACE_DESCRIPTOR.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Some machines have EFI Boot Services variables but not Runtime
variables, and thus it can be quite difficult to figure out what's going
on once the system is booted.
This changes mok variable mirroring to also mirror the following
variables to the mok variable config table:
AuditMode
BootOrder
BootCurrent
BootNext
Boot0000
Boot0001
Boot0002
Boot0003
Boot0004
Boot0005
Boot0006
DeployedMode
SecureBoot
SetupMode
SignatureSupport
Timeout
PK
KEK
db
dbx
Kernel_SkuSiStatus
There's no attempt to do anything involving creating runtime or
boot-services only variables, it just mirrors them into the config
table so they'll be exposed there.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Previously the mok mirror state flags were only used in the mok
mirroring code. But there are other consumers of that data, namely our
variable test cases, and it's useful for them to be able to check the
flags.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This changes test-mock-variables and related code to not print all debug
messages at SHIM_DEBUG=1, and also adds some prints and comments for
context as to what's going on in the tests.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This debug printf in our mock variable test code, which isn't normally
enabled, has a missing comma at the end of the format specifier. This
causes __FILE__ to be part of the format specifier, which then means
we've got a missing parameter and also the types don't match up like
you'd hope.
This causes the most confusing segfaults.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
hughsie asked me if I can make shim tell userland what kinds of accesses
are allowed to the heap, stack, and allocations on the running platform,
so that these could be reported up through fwupd's Host Security ID
program (see https://fwupd.github.io/libfwupdplugin/hsi.html ).
This adds a new config-only (i.e. not a UEFI variable) variable
generated during boot, "/sys/firmware/efi/mok-variables/HSIStatus",
which tells us those properties as well as if the EFI Memory Attribute
Protocol is present.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This moves the EFI Memory Attribute Protocol helper functions to their
own file, since they're not related to PE things.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Currently when you've added a variable and not correctly changed the
test cases to match, you get a message like:
./test-mok-mirror
test-mok-mirror: setting variable sort policy to MOCK_SORT_DESCENDING
test-mok-mirror: setting delete policy to MOCK_VAR_DELETE_ATTR_ALLOW_ZERO
running test_mok_mirror_with_enough_space
test_mok_mirror_with_enough_space: passed
running test_mok_mirror_setvar_out_of_resources
check_config_table:232:mok.name[0] 72 != test.name[0] 0
check_config_table:232:Assertion `mok_entry->name[0] == mock_entry->name[0]' failed.
This adds another two lines:
test-mok-mirror: Failed on entry 4 mok.name:"HSIStatus" mock.name:""
test-mok-mirror: Entry is missing in expected variable list.
Or:
test-mok-mirror: Failed on entry 4 mok.name:"" mock.name:"HSIStatus"
test-mok-mirror: Entry is missing in found variable list.
Which will usually tell you which variable you forgot to add that's
present in test data, or what's missing in the test data and present
in the expected data.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds a member to the mok_state_variable struct to provide a
callback function for formatting external data. It basically has
snprintf()-like semantics for filling the buffer, but without the actual
printf-like formatting bits.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds a mok variable flag "MOK_VARIABLE_CONFIG_ONLY" to specify that
the data should be added to our UEFI config table, but shim should not
create a legacy UEFI variable.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This changes get_mem_attrs() to return EFI_UNSUPPORTED if
LibLocateProtocol() does not return an error but does give us a NULL
pointer.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Previously when there were no load options, this would go in the debug
log:
load-options.c:313:parse_load_options() full load options:
include/hexdump.h:92:vhexdumpf() hexdump of a NULL pointer!
This changes it to say:
load-options.c:315:parse_load_options() LoadOptions is empty
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This changes our debug and error logging to save the entire logs into
mok-variables as "shim-dbg.txt" and "shim-log.txt".
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This moves decls for errlog.c into errlog.h
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This fixes some minor errors with the testing of how ALIGN() and similar
are defined, and makes an explicit "ALIGN_UP()" macro to complement the
existing ALIGN_DOWN() macro.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
The CopyMem() introduced in "ad8692e avoid EFIv2 runtime services on
Apple x86 machines" copies 100 CHAR16s no matter what. NX enabled
firmware catches this and the boot breaks on those systems when the
value is smaller than that and it's up against a page boundary with a
page that's not mapped as readable.
https://uefi.org/specs/UEFI/2.10/04_EFI_System_Table.html says
that FirmwareVendor is a pointer to a NUL terminated string that
identifies the vendor that produces the system firmware for the platform.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
This changes post-process-pe to give warnings, and optionally errors, if
a shim binary is built with Section Alignment or characteristics are not
compatible with NX, or if the EFI_IMAGE_DLLCHARACTERISTICS_NX_COMPAT
flag is not set and require_nx_compat is true.
Co-authored-by: Peter Jones <pjones@redhat.com>
Co-authored-by: Kamil Aronowski <kamil.aronowski@yahoo.com>
Signed-off-by: Dennis Tseng <dennis.tseng@suse.com>
|
|
Revocation metadata has been consolidated into SbatLevel_Variable.txt and
can be delivered both built into shim as well as via revocations_sbat.efi
binaries. This adds a short text file describing how revocation levels
can be built into these components and delivered.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
|
Since we can't read the directory, we can try to load
shim_certificate_[0..9].efi explicitly and give up after
the first one that fails to load.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
|
