summaryrefslogtreecommitdiff
path: root/shim.c
AgeCommit message (Expand)Author
2016-07-18Don't close file twice in should_use_fallback error pathRelease_3.0.9Release_3.0.8Release_3.0.7Release_3.0.6Release_3.0.5Release_3.0.4Release_3.0.3Release_3.0.2Release_3.0.11Release_3.0.10Release_3.0.1Release_3.0.0Benjamin Antin
2016-06-30shim: Fix unused variable errorCarlo Caione
2016-06-09shim: make the PE loader less overzealous on rejectionsPeter Jones
2016-05-11Measure state and second stage into TPMMatthew Garrett
2016-05-11shim: dealing with only one string on loadoptionIvan Hu
2016-03-22shim: mirror MokSBState in runtime so the kernel can make use of it.Mathieu Trudel-Lapierre
2015-11-17shim: check for EFI\BOOT\BOOT${ARCH}.EFI as well as the leading \ versionPeter Jones
2015-11-17shim: fix resource leak on should_use_fallback() error pathPeter Jones
2015-11-17shim: if generate_path() gets a full path, just return it.Peter Jones
2015-11-17shim: fix a wrong-abi call to Stall() and ResetSystem()Peter Jones
2015-11-17shim: handle BDS's li->LoadOptions and Shell's li->LoadOptions .Peter Jones
2015-11-17Fix unsigned int overflow on our i386 debug hook test.Peter Jones
2015-06-30Improve our debuginfo path printPeter Jones
2015-06-29Only be verbose the first time secure_mode() is called.Peter Jones
2015-06-29Add a conditional point for a debugger to attach.Peter Jones
2015-06-29Don't print anything or delay when start_image() succeeds.Peter Jones
2015-06-16Make shim to check MokXAuth for MOKX resetGary Ching-Pang Lin
2015-06-16Verify the EFI images with MOK blacklistGary Ching-Pang Lin
2015-06-16Copy the MOK blacklist to a RT variableGary Ching-Pang Lin
2015-06-16Support MOK blacklistGary Ching-Pang Lin
2015-06-11Ensure that apps launched by shim get correct BS->Exit() behaviorPeter Jones
2015-06-11Don't leave in_protocol==1 when shim_verify() isn't enforcing.Peter Jones
2015-06-04Only run MokManager if asked or a security violation occurs.Peter Jones
2015-04-13Don't install our protocols if we're not in secure mode.Peter Jones
2015-04-13Align the sections we're loading, and check for validity /after/ discarding.Peter Jones
2014-10-02Don't verify images with the empty build keyGary Ching-Pang Lin
2014-10-02Don't append an empty cert list to MokListRT if vendor_cert_size is 0.Peter Jones
2014-09-30Actually find the relocations correctly and process them that way.Peter Jones
2014-09-21Fix our "in_protocol" printing.Peter Jones
2014-09-21Don't call AuthenticodeVerify if vendor_cert_size is 0.Peter Jones
2014-09-21Validate computed hash bases/hash sizes more thoroughly.Peter Jones
2014-09-21Make 64-on-32 maybe work on x86_64.Peter Jones
2014-09-19Actually refer to the base relocation table of our loaded image.Peter Jones
2014-08-27Make sure we don't try to load a binary from a different arch.Peter Jones
2014-08-27Handle empty .reloc section in PE/COFF loaderArd Biesheuvel
2014-06-25Simplify the checking of SB and DB statesGary Ching-Pang Lin
2014-06-25Make sure we default to assuming we're locked down.Peter Jones
2014-06-25Check the secure variables with the lib functionsGary Ching-Pang Lin
2014-06-25Explain the logic in secure_mode() better.Peter Jones
2014-06-25Free the string from DevicePathToStrGary Ching-Pang Lin
2014-06-25Silence the functions of shim protocolGary Ching-Pang Lin
2014-06-25No newline for console_notifyGary Ching-Pang Lin
2014-06-25Remove grubpath in generate_path()Gary Ching-Pang Lin
2014-06-25Check the first 4 bytes of the certificateGary Ching-Pang Lin
2014-06-25Fetch the netboot image from the same deviceGary Ching-Pang Lin
2014-04-11Get rid of SectionCache in generate_hash(), it is unused.Peter Jones
2014-04-11Kees' patch missed the offset adjustment to PEHdr.Peter Jones
2014-04-11additional bounds-checking on section sizesKees Cook
2014-02-14Allow fallback to use the system's LoadImage/StartImage .Peter Jones
2013-11-19Don't hook system services if shim has no built-in keysMatthew Garrett
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-27 03:28:49 +0000