My favorite part of -Wsign-compare is how it shows different results on
different arches for no obvious reason.
Signed-off-by: Peter Jones <pjones@redhat.com>
It turned out that my previous crash fix(*) was wrong.
We actually always used the gcc built-in va functions instead of
the "real" va functions for EFIAPI, and we are just lucky that
ERR_add_error_data didn't crash before.
This commit copies the va functions from MdePkg/Include/Base.h
in edk2 and introdues NO_BUILTIN_VA_FUNCS for x86_64, so that all
the x86_64 build will adopt the new va functions. For safety,
I also added EFIAPI to all the functions which use va_* to avoid
the potential trouble.
(*) a7f4b26cc3
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
Building 0.9 with GNU Make 4.0 fails with the following error:
Makefile:4: *** Recursive variable 'RELEASE' references itself (eventually). Stop.
Change RELEASE to simply-expanded.
Signed-off-by: Linn Crosetto <linn@hpe.com>
According to the gcc5 porting guideline (*), gcc5 defaults to
-std=gnu11 instead of -std=gnu89. Append -std=gnu89 to CFLAGS
to avoid the potential problems.
(*) https://gcc.gnu.org/gcc-5/porting_to.html
Based on the patch from Cristian Rodriguez <crrodriguez@opensuse.org>
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
Without declaring EFIAPI for ERR_add_error_vdata, shim would crash
while verifying the loaded image.
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
Nobody should be deploying SHA-1. No hardware deploys it, and the rate
of change on https://en.wikipedia.org/wiki/SHA-1#Attacks is wildly
uninspiring.
Signed-off-by: Peter Jones <pjones@redhat.com>
match_hash() requests the number of keys in a list and it was
mistakenly replaced with the size of the Mok node. This would
made MokManager to remove the whole Mok node instead of one
hash.
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
MokSize of the hash signature list includes the owner GUID,
so we should not add the 16bytes compensation.
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
When we made lib build with the correct CFLAGS, it inherited
-Werror=sign-compare, and I fixed up some parameters on
console_print_box() and console_print_box_at() to avoid sign comparison
errors.
The fixups were *completely wrong*, as some behavior relies on negative
values. So this fixes them in a completely different way, by casting
appropriately to signed types where we're doing comparisons.
Signed-off-by: Peter Jones <pjones@redhat.com>
Right now applications run by shim get our wrapper for Exit(), but it
doesn't do as much cleanup as it should - shim itself also exits, but
currently is not doing all the cleanup it should be doing.
This changes it so all of shim's cleanup is also performed.
Based on a patch and lots of review from Gary Lin.
Signed-off-by: Peter Jones <pjones@redhat.com>
Right now if shim_verify() sees secure_mode()==0, it exits with
EFI_SUCCESS, but accidentally leaves in_protocol=1. This means any
other call will have supressed error/warning messages.
That's wrong, so don't do it.
Signed-off-by: Peter Jones <pjones@redhat.com>
Don't run MokManager on any random error from start_image(second_stage);
only try it if it /is/ the second stage, or if start_image gave us
EFI_SECURITY_VIOLATION.
Signed-off-by: Peter Jones <pjones@redhat.com>
The wildcard support was introduced in objcopy since binutils 2.24.
However, objcopy < 2.24 never issues any warning message with the
wildcard and a faulty binary will be generated. This commit makes
the build failed as a notification for the usage of binutils < 2.24.
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
- Clarify meaning of insecure_mode. (LP: #1384973)
* debian/patches/CVE-2014-3675.patch, debian/patches/CVE-2014-3677.patch,
debian/patches/0001-Update-openssl-to-0.9.8za.patch: dropped, included
in the upstream release.
* debian/patches/sbsigntool-not-pesign,debian/patches/second-stage-path:
refreshed.
