| Age | Commit message (Collapse) | Author |
|---|
|
scan-build notes that we assign bprop.hnd, an EFI_HANDLE for the device
path protocol, to our loaded_image->li.DeviceHandle, and it thinks since
bprop is uninitialized that means it can be NULL or garbage.
I don't think that's actually true, because every path to that requires
either returning an error or doing some variety of:
status = BS->LocateDevicePath(&gEfiDevicePathProtocolGuid, &bp, &hnd)
and checking its error, but only one of those paths explicitly sets a
value, and static checkers can't tell what BS->LocateDevicePath does
with the pointer.
This patch avoids the issue by initializing the whole bprop structure to
begin with.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
load_image() takes an optional parameter, DevicePath, in addition to the
SourceBuffer. Currently in shim_load_image() we don't check to see if
it's provided in the case where there's no SourceBuffer, even though it
can't work without it.
This adds that test and errors in that case, as well as avoiding
duplicating it when it's not present.
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
|
|
When verifying an image, if we're "in" a shim protocol call, we require
the binary have an SBAT section. If it's not present we raise an
EFI_SECURITY_VIOLATION error code. Currently loader protocol's
load_image() is not marked as in protocol, so it instead will return
EFI_SUCCESS when verifying the SBAT section.
This patch changes that to be in protocol, so that SBAT will be required
on any images loaded with shim's loader protocol. This will bring SBAT
enforcement in-line with the shim_lock protocol.
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
|
|
Currently the EFI_SIMPLE_FILE_SYSTEM_PROTOCOL and EFI_LOAD_FILE2_PROTOCOL
are supported.
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
|
|
This adds an implementation of Exit() and UnloadImage(), removes the
whole "loader_is_participating" mechanism and its supporting code, and
removes DISABLE_EBS_PROTECTION.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This moves some things around to help with loader protocol changes:
- Move replacements.c to loader-proto.c
- likewise with replacements.h
- move the SHIM_IMAGE_LOADER decl to loader-proto.h
- move the LoadImage / StartImage interface setup to an init function
- move shim_load_image() / shim_start_image() to loader-proto.c
Signed-off-by: Peter Jones <pjones@redhat.com>
|
