proxmox-mirrors/efi-boot-shim
1
0
Fork 0
mirror of https://git.proxmox.com/git/efi-boot-shim synced 2025-06-15 17:59:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
694 Commits 1 Branch 3 Tags 11 MiB
dd3a5d7125
Commit Graph

14 Commits

Author SHA1 Message Date
Peter Jones
dd3a5d7125 Add support for vendor_db built-in shim authorized list. 
Potential new signing strategies ( for example signing grub, fwupdate
and vmlinuz with separate certificates ) require shim to support a
vendor provided bundle of trusted certificates and hashes, which allows
shim to trust EFI binaries matching either certificate by signature or
hash in the vendor_db.  Functionality is similar to vendor_dbx.

This also improves the mirroring quite a bit.
Upstream: pr#206
 2020-07-23 22:22:04 -04:00
Hans de Goede
1fe31ee1b4 console: Add console_print and console_print_at helpers 
This is a preparation commit for removing the setup_console(1) calls from
MokManager and shim so that we don't force the EFI console to switch to
text-mode.

This commit replaces all direct calls to Print / PrintAt with calls to
the new helpers (no functional changes) so that we can delay calling
setup_console(1) till the first Print call in a follow-up patch.

Signed-off-by: Hans de Goede <hdegoede@redhat.com>
 2018-03-12 18:00:41 -04:00
Peter Jones
9fdca5bbe1 Don't use uefi_call_wrapper(), ever. 
I'm pretty done with typing uefi_call_wrapper() and counting arguments
every time.  Instead, just make the compiler error if we don't have
ms_abi.  Also, make it so nothing can use uefi_call_wrapper() directly.

Signed-off-by: Peter Jones <pjones@redhat.com>
 2018-03-12 16:21:43 -04:00
Peter Jones
a55b4d6688 lib: Use EFI_ERROR() instead of comparing to EFI_SUCCESS everywhere. 
Also consistently name our status variable "efi_status" unless there's a
good reason not to, such as already having another one of those.

Signed-off-by: Peter Jones <pjones@redhat.com>
 2018-03-12 16:21:43 -04:00
Peter Jones
4816cd7533 lib: find_in_variable_esl(): Fix a tiny nitpick clang-analyze has. 
clang-analyze believes the following:

311	EFI_STATUS
312	variable_enroll_hash(CHAR16 *var, EFI_GUID owner,
313			     UINT8 hash[SHA256_DIGEST_SIZE])
314	{
315		EFI_STATUS efi_status;
316
317		efi_status = find_in_variable_esl(var, owner, hash, SHA256_DIGEST_SIZE);
>               Calling 'find_in_variable_esl' →

260	EFI_STATUS
261	find_in_variable_esl(CHAR16* var, EFI_GUID owner, UINT8 *key, UINTN keylen)
262	{
263		UINTN DataSize;
264		UINT8 *Data;
>               ← 'Data' declared without an initial value →
265		EFI_STATUS efi_status;
266
267		efi_status = get_variable(var, &Data, &DataSize, owner);
>               ← Calling 'get_variable' →

237	EFI_STATUS
238	get_variable(CHAR16 *var, UINT8 **data, UINTN *len, EFI_GUID owner)
239	{
240		return get_variable_attr(var, data, len, owner, NULL);
>		← Calling 'get_variable_attr' →

213	EFI_STATUS
214	get_variable_attr(CHAR16 *var, UINT8 **data, UINTN *len, EFI_GUID owner,
215			  UINT32 *attributes)
216	{
217		EFI_STATUS efi_status;
218
219		*len = 0;
220
221		efi_status = GetVariable(var, &owner, NULL, len, NULL);
>		← Calling 'GetVariable' →
>		← Returning from 'GetVariable' →
222		if (efi_status != EFI_BUFFER_TOO_SMALL)
>		← Assuming the condition is true →
>		← Taking true branch →
223			return efi_status;
224
225		*data = AllocateZeroPool(*len);
226		if (!*data)
227			return EFI_OUT_OF_RESOURCES;
228
229		efi_status = GetVariable(var, &owner, attributes, len, *data);
230		if (EFI_ERROR(efi_status)) {
231			FreePool(*data);
232			*data = NULL;
233		}
234		return efi_status;
235	}

And it can't figure out that the first GetVariable() call will, in fact,
always return EFI_BUFFER_TOO_SMALL, and that AllocateZeroPool() will
then *correctly* clobber the two variables we never assigned the value
from.  It also then believes that efi_status might have been returned
/without/ being an error, and thinks that means we'll use the
uninitialized pointer.

This won't happen, but hey, let's make the code better express to the
checker what is intended.

Signed-off-by: Peter Jones <pjones@redhat.com>
 2018-03-12 16:21:43 -04:00
Peter Jones
7ee19bdc41 Use gcc's offsetof() instead of hacking out our own. 
Signed-off-by: Peter Jones <pjones@redhat.com>
 2018-03-12 16:21:43 -04:00
Peter Jones
b953468e91 Don't have tons of local guid definitions for no reason at all. 
Signed-off-by: Peter Jones <pjones@redhat.com>
 2018-03-12 16:21:43 -04:00
Peter Jones
4d70f10481 lib/variables.c: reformat CreateTimeBasedPayload() 
Signed-off-by: Peter Jones <pjones@redhat.com>
 2018-03-12 16:21:43 -04:00
Peter Jones
dc62a3c4dc Move includes around to clean the source tree up a bit. 
Signed-off-by: Peter Jones <pjones@redhat.com>
 2018-03-12 16:21:43 -04:00
Peter Jones
eb4cb6a509 Make sure we default to assuming we're locked down. 
If "SecureBoot" exists but "SetupMode" does not, assume "SetupMode" says
we're not in Setup Mode.

Signed-off-by: Peter Jones <pjones@redhat.com>
 2014-06-25 10:55:56 -04:00
Gary Ching-Pang Lin
868b372115 Check the secure variables with the lib functions 
There are functions defined in lib to check the secure variables.
Use the functions to shun the duplicate code.

Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>

Conflicts:
	shim.c
 2014-06-25 10:55:12 -04:00
Peter Jones
293f28d1fe Error check the right thing in get_variable_attr() when allocating. 
Signed-off-by: Peter Jones <pjones@redhat.com>
 2013-11-21 11:48:24 -05:00
Gary Ching-Pang Lin
7d602e843c Merge variable retrieving functions 2013-09-26 11:58:02 -04:00
Matthew Garrett
d359712e1b Port MokManager to Linux Foundation loader UI code 
This is the first stage of porting the MokManager UI to the UI code used
by the Linux Foundation UEFI loader.
 2013-09-26 11:57:59 -04:00