| Age | Commit message (Collapse) | Author |
|---|
|
hughsie asked me if I can make shim tell userland what kinds of accesses
are allowed to the heap, stack, and allocations on the running platform,
so that these could be reported up through fwupd's Host Security ID
program (see https://fwupd.github.io/libfwupdplugin/hsi.html ).
This adds a new config-only (i.e. not a UEFI variable) variable
generated during boot, "/sys/firmware/efi/mok-variables/HSIStatus",
which tells us those properties as well as if the EFI Memory Attribute
Protocol is present.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Currently when you've added a variable and not correctly changed the
test cases to match, you get a message like:
./test-mok-mirror
test-mok-mirror: setting variable sort policy to MOCK_SORT_DESCENDING
test-mok-mirror: setting delete policy to MOCK_VAR_DELETE_ATTR_ALLOW_ZERO
running test_mok_mirror_with_enough_space
test_mok_mirror_with_enough_space: passed
running test_mok_mirror_setvar_out_of_resources
check_config_table:232:mok.name[0] 72 != test.name[0] 0
check_config_table:232:Assertion `mok_entry->name[0] == mock_entry->name[0]' failed.
This adds another two lines:
test-mok-mirror: Failed on entry 4 mok.name:"HSIStatus" mock.name:""
test-mok-mirror: Entry is missing in expected variable list.
Or:
test-mok-mirror: Failed on entry 4 mok.name:"" mock.name:"HSIStatus"
test-mok-mirror: Entry is missing in found variable list.
Which will usually tell you which variable you forgot to add that's
present in test data, or what's missing in the test data and present
in the expected data.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
In 70366a286552760863bacb521fb00c654586b494, I introduced a test case
for test-mok-mirror to test the behavior when SetVariable() gives
EFI_OUT_OF_RESOURCES. Unfortunately this includes a memory error in its
cleanup functions:
==1972634== Invalid read of size 8
==1972634== at 0x4032F3: mock_sv_adjust_usage_data (mock-variables.c:468)
==1972634== by 0x40387B: mock_delete_variable (mock-variables.c:541)
==1972634== by 0x4014E8: mock_reset_variables (mock-variables.c:1353)
==1972634== by 0x401348: mock_finalize_vars_and_configs (mock-variables.c:1405)
==1972634== by 0x401731: main (test-mok-mirror.c:688)
==1972634== Address 0x1ffeffc4f8 is on thread 1's stack
==1972634== 6784 bytes below stack pointer
This is caused because the test data uses a linked-list data structure
in an array in the test data, and we try to iterate the list to free the
data, but of course the list pointers aren't initialized because it's an
array.
Whoops.
This patch makes it so we don't try to clean up that list, because we
don't need to.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This adds another test case for mirroring mok variables - in this case
there is arbitrarily not enough space in the SetVariable() storage
backend for some or all of the variables, and so some variables are
mirrored to both variables and the config space storage, and some only
to the config space storage.
Currently the test only ensures that the out-of-resources condition on
the variable storage is handled correctly; we don't (yet) test the
config space. That's an avenue for future work.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
This makes a generic test_mok_mirror() which can validate the result of
(hopefully) any run of any result of import_mok_state(), and changes
test_mok_mirror_0() to use it, and also documents what's being tested
and the results it expects to see.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Within previous versions of shim the MokListTrusted var did not
exist. The user had to opt in to using the feature.
Change the default behavior to an opt out model. Since old
shims will not have the BS MokListTrusted set, use inverse
logic that sets the MokListTrustedRT to 1 when the boot
service variable is missing.
Many Linux distros carry out of tree patches to trust the mok
keys by default. These out of tree patches can be dropped
when using a Linux kernel that supports MokListTrustedRT.
Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
|
|
Currently valgrind shows a minor issue which is not introduced in this
patch series:
==2595397==
==2595397== HEAP SUMMARY:
==2595397== in use at exit: 16,368 bytes in 48 blocks
==2595397== total heap usage: 6,953 allocs, 6,905 frees, 9,146,749 bytes allocated
==2595397==
==2595397== 16,368 bytes in 48 blocks are definitely lost in loss record 1 of 1
==2595397== at 0x4845464: calloc (vg_replace_malloc.c:1117)
==2595397== by 0x4087F2: mock_efi_allocate_pool (test.c:72)
==2595397== by 0x4098DE: UnknownInlinedFun (misc.c:33)
==2595397== by 0x4098DE: AllocateZeroPool (misc.c:48)
==2595397== by 0x403D40: get_variable_attr (variables.c:301)
==2595397== by 0x4071C4: import_one_mok_state (mok.c:831)
==2595397== by 0x4072F4: import_mok_state (mok.c:908)
==2595397== by 0x407FA6: test_mok_mirror_0 (test-mok-mirror.c:205)
==2595397== by 0x4035B2: main (test-mok-mirror.c:378)
==2595397==
==2595397== LEAK SUMMARY:
==2595397== definitely lost: 16,368 bytes in 48 blocks
==2595397== indirectly lost: 0 bytes in 0 blocks
==2595397== possibly lost: 0 bytes in 0 blocks
==2595397== still reachable: 0 bytes in 0 blocks
==2595397== suppressed: 0 bytes in 0 blocks
==2595397==
This is because we're doing get_variable_attr() on the same variable
more than once and saving the value to our variables table. Each
additional time we do so leaks the previous one.
This patch solves the issue by not getting the variable again if it's
already set in the table, and adds a test case to check if we're doing
get_variable() of any variety on the same variable more than once.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
Test that our mok mirroring doesn't ever try to delete any variable that
it has previously created, and that it properly mirrors at least
MokList, MokListX, and SbatLevel, at least when variables actually work.
These tests will fail (rather a lot) without 7f64fd6da9458b73c4.
Currently valgrind shows a memory leak in this code which is not
introduced in this patch series. Since all of our memory is freed on
Exit() or when kernel does ExitBootServices(), this doesn't have any
significant repercussions.
Signed-off-by: Peter Jones <pjones@redhat.com>
|
