summaryrefslogtreecommitdiff
path: root/shim.c
AgeCommit message (Expand)Author
2017-08-11Add ENABLE_SHIM_CERT to make MokManager/fallback signing optional.Peter Jones
2017-08-03Always measure all of MokSBState, MokList, and MokListXPeter Jones
2017-08-03Measure stage 2 according to specMatthew Garrett
2017-08-01Extend PCR 7Matthew Garrett
2017-06-15update verification_method if the loaded image is signed by shim/vendor certLans Zhang
2017-06-15skip the error message when creating MokListRT if vendor cert is emptyLans Zhang
2017-04-27Fix buffer overrun / damaged options passed to second_stage.John S. Gruber
2017-04-11shim: Remove the obsolete OBJ_cleanupGary Lin
2017-04-03generate_hash(): fix the regressionLans Zhang
2017-04-03Ignore BDS when it tells us we got our own path on the command line.Peter Jones
2017-03-27Fix some i386 type casting errorsPeter Jones
2017-03-27shim: disambiguate our global image handle.Peter Jones
2017-02-28Use EfiLoaderCode memory for loading PE/COFF executablesArd Biesheuvel
2017-02-06Also just check for access denied anyway.Peter Jones
2017-02-06Ensure all of the SB verification returns the same error code.Peter Jones
2017-02-06shim: fix the mirroring MokSBState failIvan Hu
2017-02-06generate_hash(): make check_size() set an error, and verify SecDir size.Peter Jones
2016-09-21shim: verify Extended Key Usage flagsMathieu Trudel-Lapierre
2016-09-09Fix up a merge error in 467878f3e0.Peter Jones
2016-09-09verify_buffer: check that the value of cert->Hdr.dwLength is reasonablePeter Jones
2016-09-06Minor formatting fixPeter Jones
2016-09-06Use authenticode signature length from WIN_CERTIFICATE structure.Sachin Agrawal
2016-09-06Don't close file twice in should_use_fallback error pathBenjamin Antin
2016-09-06shim: remove unused variableGary Lin
2016-09-06Fix the size of MokDBStateLans Zhang
2016-09-06Add the optional HTTPBoot supportGary Ching-Pang Lin
2016-09-06read_header/handle_image: treat uninitialized file alignment as PAGE_SIZEPeter Jones
2016-09-06Make fallback and mokmanager know about multi-arch.Peter Jones
2016-06-09shim: make the PE loader less overzealous on rejectionsPeter Jones
2016-05-11Measure state and second stage into TPMMatthew Garrett
2016-05-11shim: dealing with only one string on loadoptionIvan Hu
2016-03-22shim: mirror MokSBState in runtime so the kernel can make use of it.Mathieu Trudel-Lapierre
2015-11-17shim: check for EFI\BOOT\BOOT${ARCH}.EFI as well as the leading \ versionPeter Jones
2015-11-17shim: fix resource leak on should_use_fallback() error pathPeter Jones
2015-11-17shim: if generate_path() gets a full path, just return it.Peter Jones
2015-11-17shim: fix a wrong-abi call to Stall() and ResetSystem()Peter Jones
2015-11-17shim: handle BDS's li->LoadOptions and Shell's li->LoadOptions .Peter Jones
2015-11-17Fix unsigned int overflow on our i386 debug hook test.Peter Jones
2015-06-30Improve our debuginfo path printPeter Jones
2015-06-29Only be verbose the first time secure_mode() is called.Peter Jones
2015-06-29Add a conditional point for a debugger to attach.Peter Jones
2015-06-29Don't print anything or delay when start_image() succeeds.Peter Jones
2015-06-16Make shim to check MokXAuth for MOKX resetGary Ching-Pang Lin
2015-06-16Verify the EFI images with MOK blacklistGary Ching-Pang Lin
2015-06-16Copy the MOK blacklist to a RT variableGary Ching-Pang Lin
2015-06-16Support MOK blacklistGary Ching-Pang Lin
2015-06-11Ensure that apps launched by shim get correct BS->Exit() behaviorPeter Jones
2015-06-11Don't leave in_protocol==1 when shim_verify() isn't enforcing.Peter Jones
2015-06-04Only run MokManager if asked or a security violation occurs.Peter Jones
2015-04-13Don't install our protocols if we're not in secure mode.Peter Jones
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-24 22:56:31 +0000