summaryrefslogtreecommitdiff
path: root/shim.c
AgeCommit message (Expand)Author
2024-01-22Try to load revocations.efi even if directory read failsJan Setje-Eilers
2024-01-22netboot read_image() should not hardcode DEFAULT_LOADERJan Setje-Eilers
2024-01-22Rename "previous" revocations to "automatic"Jan Setje-Eilers
2024-01-22Suppress "Failed to open <..>\revocations.efi" when file does not existJan Setje-Eilers
2024-01-22Fix some minor ia32 build issues.Peter Jones
2023-12-05sbat revocations: check the full section namePeter Jones
2023-12-05shim should not self revokeJan Setje-Eilers
2023-12-05BS Variables for bootmgr revocationsJan Setje-Eilers
2023-12-05Allow SbatLevel data from external binaryJan Setje-Eilers
2023-12-05CVE-2023-40548 Fix integer overflow on SBAT section size on 32-bit systemPeter Jones
2023-12-05CVE-2023-40549 Authenticode: verify that the signature header is in bounds.Peter Jones
2023-12-05CVE-2023-40550 pe: Fix an out-of-bound read in verify_buffer_sbat()Peter Jones
2023-06-27Verify signature before verifying sbat levelsJan Setje-Eilers
2023-06-21Rename 'msecs' to 'usecs' to avoid potential confusionKamil Aronowski
2023-05-02Further improve load_certs() for non-compliant drivers/firmwaresPete Batard
2023-05-02Drop invalid calls to `CRYPTO_set_mem_functions`Nicholas Bishop
2023-05-02Optionally allow to keep shim protocol installedLuca Boccassi
2023-02-01Don't loop forever in load_certs() with buggy firmwareRenaud Métrich
2022-11-08load_cert_file: Use EFI RT memory functionEric Snowberg
2022-11-08load_cert_file: Fix stack issueEric Snowberg
2022-08-03Reference MokListRT instead of MokListEric Snowberg
2022-05-23load_cert_file(): don't defererence NULLPeter Jones
2022-05-18load_certs: trust dir->Read() slightly less.Peter Jones
2022-05-18Always initialize data/datasize before calling read_image()Peter Jones
2022-05-17Load additional certs from a signed binaryEric Snowberg
2022-05-17Abstract out image readingEric Snowberg
2022-05-17shim: use SHIM_DEVEL_VERBOSE when built in devel modePeter Jones
2022-04-05shim: implement SBAT verification for the shim_lock protocolChris Coulson
2021-12-10shim: Don't stop forever at "Secure Boot not enabled" notificationRenaud Métrich
2021-10-12shim: Don't parse load options if invoked from removable media pathJulian Andres Klode
2021-10-12Extract is_removable_media_path() out of should_use_fallback()Julian Andres Klode
2021-09-14Fallback to default loader if parsed one does not existJulian Andres Klode
2021-09-07shim/mm/fb: move global state to its own source filePeter Jones
2021-09-07cleanup: always use BS and RT, not gBS and gRTPeter Jones
2021-09-03shim: avoid BOOTx64.EFI in message on other architecturesHeinrich Schuchardt
2021-07-20shim: move the bulk of set_second_stage() to its own filePeter Jones
2021-07-20shim: rename pause() to wait_for_debug()Peter Jones
2021-07-20shim: another attempt to fix load options handlingChris Coulson
2021-06-23Relax the check for import_mok_state()Gary Lin
2021-03-30Fix an off-by-one on the sbat self-check.Peter Jones
2021-03-30sbat: add more dprint()Peter Jones
2021-03-27Change SBAT variable name to SbatLevelJan Setje-Eilers
2021-03-18shim: Use the default loader if an EFI_LOAD_OPTION can't be parsedJavier Martinez Canillas
2021-03-15shim: Fix a NULL pointer dereference caused by start not being setJavier Martinez Canillas
2021-03-12Fix a plausible NULL dereference.Peter Jones
2021-03-12Make ENABLE_SHIM_DEVEL work better.Peter Jones
2021-03-11shim: simplify sbat self-check logic.Peter Jones
2021-03-11If the SBAT UEFI variable is not set, initialize it as a bootservices variable.Jan Setje-Eilers
2021-03-10shim: attempt to improve the argument handlingPaul Moore
2021-03-10Fix compilation for older gccAlex Burmashev
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-31 06:01:21 +0000