proxmox-mirrors/efi-boot-shim
1
0
Fork 0
mirror of https://git.proxmox.com/git/efi-boot-shim synced 2025-06-23 04:39:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
758 Commits 1 Branch 3 Tags 11 MiB
16f4f47f5c
Commit Graph

6 Commits

Author SHA1 Message Date
Peter Jones
6b8ef61a1a SBAT: parse a copy of the table that's got a NUL at the end 
Right now we allocate the PE file's contents in RW memory, but hopefully
that won't always be the case.  Our SBAT parsing, however, very much
expects to be able to edit it.  We also don't actually know that shim's
.sbat section is loaded r/w, so we can't necessarily write there.

This patch copies the SBAT data to its own buffer, plus one NUL byte at
the end, so we can always be sure that will work.

Signed-off-by: Peter Jones <pjones@redhat.com>
 2021-02-13 11:02:59 -05:00
Javier Martinez Canillas
ee8f7ed332 Add a function to parse the SBAT metadata from the .sbat section 
Parse the SBAT [0] Version-Based Revocation Metadata that's contained in a
.sbat data section of the loaded PE binary. This information is used along
with data in a SBAT variable to determine if a EFI binary has been revoked.

[0]: https://github.com/rhboot/shim/blob/sbat/SBAT.md

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
 2021-02-13 11:02:59 -05:00
Peter Jones
16732ad128 Add the beginning of .sbat parsing stuff 
Signed-off-by: Peter Jones <pjones@redhat.com>
 2021-02-13 11:02:59 -05:00
Peter Jones
19f3b31f6a Add some more PE helpers we need for SBAT 
Signed-off-by: Peter Jones <pjones@redhat.com>
 2021-02-13 11:02:59 -05:00
Peter Jones
dea41d4c27 Refactor some PE handling code 
Signed-off-by: Peter Jones <pjones@redhat.com>
 2021-02-13 11:02:59 -05:00
Peter Jones
06e98a10f6 Move a bunch of PE-related stuff out of shim.c 
Signed-off-by: Peter Jones <pjones@redhat.com>
 2021-02-13 11:02:59 -05:00