summaryrefslogtreecommitdiff
path: root/shim.c
AgeCommit message (Expand)Author
2025-02-26Disable log saving for now.Peter Jones
2025-02-25Add shim's current NX_COMPAT status to HSIStatusPeter Jones
2025-02-25pe: read_header(): allow skipping SecDir content validationPeter Jones
2025-02-24shim: add HSIStatus featurePeter Jones
2025-02-24Save the debug and error logs in mok-variablesPeter Jones
2025-02-18netboot can try to load shim_certificate_[0..9].efiJan Setje-Eilers
2025-02-18Allow indepdent SkuSi and SBAT revocation updatesJan Setje-Eilers
2025-02-18netboot: process revocations.efi as revocations not shim_certificateJan Setje-Eilers
2025-02-18Suppress file open failures for some netboot casesJan Setje-Eilers
2025-02-11Implement the rest of the loader protocol functionsPeter Jones
2025-02-11Move some stuff aroundPeter Jones
2025-02-11Implement shim image load protocolArd Biesheuvel
2025-02-06Add configuration option to boot an alternative 2nd stageEric Snowberg
2025-02-04Load concatenated EFI_SIGNATURE_LISTs from shim_certificate.efiRoss Lagerwall
2025-02-04Fix leak in error pathRoss Lagerwall
2025-01-21Fall back to default loader when encountering errors on network bootNathan O'Meara
2025-01-21Ignore a minor clang-tidy nitPeter Jones
2025-01-17Move is_removable_media_path() to a shared location.Peter Jones
2025-01-17Fix bad reference to PathName in image loadingRenaud Métrich
2025-01-15Fix the issue that the gBS->LoadImage pointer was empty.jinlun
2024-11-24Fix "Verifiying" typo in error messageChris Bainbridge
2024-11-12Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definitionVitaly Kuznetsov
2024-05-08undo change that limits certificate files to a single fileJan Setje-Eilers
2024-01-22Try to load revocations.efi even if directory read failsJan Setje-Eilers
2024-01-22netboot read_image() should not hardcode DEFAULT_LOADERJan Setje-Eilers
2024-01-22Rename "previous" revocations to "automatic"Jan Setje-Eilers
2024-01-22Suppress "Failed to open <..>\revocations.efi" when file does not existJan Setje-Eilers
2024-01-22Fix some minor ia32 build issues.Peter Jones
2023-12-05sbat revocations: check the full section namePeter Jones
2023-12-05shim should not self revokeJan Setje-Eilers
2023-12-05BS Variables for bootmgr revocationsJan Setje-Eilers
2023-12-05Allow SbatLevel data from external binaryJan Setje-Eilers
2023-12-05CVE-2023-40548 Fix integer overflow on SBAT section size on 32-bit systemPeter Jones
2023-12-05CVE-2023-40549 Authenticode: verify that the signature header is in bounds.Peter Jones
2023-12-05CVE-2023-40550 pe: Fix an out-of-bound read in verify_buffer_sbat()Peter Jones
2023-06-27Verify signature before verifying sbat levelsJan Setje-Eilers
2023-06-21Rename 'msecs' to 'usecs' to avoid potential confusionKamil Aronowski
2023-05-02Further improve load_certs() for non-compliant drivers/firmwaresPete Batard
2023-05-02Drop invalid calls to `CRYPTO_set_mem_functions`Nicholas Bishop
2023-05-02Optionally allow to keep shim protocol installedLuca Boccassi
2023-02-01Don't loop forever in load_certs() with buggy firmwareRenaud Métrich
2022-11-08load_cert_file: Use EFI RT memory functionEric Snowberg
2022-11-08load_cert_file: Fix stack issueEric Snowberg
2022-08-03Reference MokListRT instead of MokListEric Snowberg
2022-05-23load_cert_file(): don't defererence NULLPeter Jones
2022-05-18load_certs: trust dir->Read() slightly less.Peter Jones
2022-05-18Always initialize data/datasize before calling read_image()Peter Jones
2022-05-17Load additional certs from a signed binaryEric Snowberg
2022-05-17Abstract out image readingEric Snowberg
2022-05-17shim: use SHIM_DEVEL_VERBOSE when built in devel modePeter Jones
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-21 23:55:35 +0000