proxmox-mirrors/efi-boot-shim
1
0
Fork 0
mirror of https://git.proxmox.com/git/efi-boot-shim synced 2025-08-04 23:26:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
651 Commits 1 Branch 3 Tags 11 MiB
C 97.8%
Makefile 0.8%
Shell 0.7%
Assembly 0.7%
818a0dbd24
Go to file
Javier Martinez Canillas 818a0dbd24 shim: Prevent shim to set itself as a second stage loader 
When shim is invoked from a relative path (e.g: from the UEFI shell), the
Loaded Image handle LoadOptions can be set to the binary relative path.

But the is_our_path() function only checks if LoadOptions is set to the
absolute path of shim to ignore it. So if a relative path is there, shim
would set itself as the secondary loader and invoke itself in a loop.

To prevent that, use the path in LoadOptions to calculate the absolute
path and compare it with the one in the Loader Image handle FilePath.

Resolves: bz#1622485

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Reviewed-by: Maran Wilson maran.wilson@oracle.com
Tested-by: Maran Wilson maran.wilson@oracle.com
Upstream-commit-id: e563bc3dcd1
2020-07-23 20:52:12 -04:00
Cryptlib Work around clang bugs for scan-build. 2018-03-15 11:23:26 -04:00
include Fix get_variable() usage in setup_verbosity() 2018-04-05 14:49:17 -04:00
lib Fix get_variable() usage in setup_verbosity() 2018-04-05 14:49:17 -04:00
.gitignore Add "make scan-build" target. 2018-03-12 16:21:43 -04:00
.syntastic_c_config Fix syntastic config for include/ 2018-03-12 18:00:41 -04:00
.travis.yml .travis.yml: update travis to get newer gnu-efi. 2018-03-23 15:06:32 -04:00
buildid.c buildid: Check the return values of write() calls 2017-09-29 11:10:32 -04:00
BUILDING Document REQUIRE_TPM 2018-03-12 16:21:43 -04:00
cert.S Add support for 32-bit ARM 2014-08-12 10:54:05 -04:00
COPYRIGHT Add copyright file 2012-07-09 11:03:12 -04:00
crypt_blowfish.c Move includes around to clean the source tree up a bit. 2018-03-12 16:21:43 -04:00
elf_aarch64_efi.lds Don't allow anything with a small alignment in our PE files. 2017-04-26 21:52:23 -04:00
elf_arm_efi.lds Don't allow anything with a small alignment in our PE files. 2017-04-26 21:52:23 -04:00
elf_ia32_efi.lds Don't allow anything with a small alignment in our PE files. 2017-04-26 21:52:23 -04:00
elf_ia64_efi.lds Make shim_version live in a special aligned section. 2017-02-23 16:08:42 -05:00
elf_x86_64_efi.lds Don't allow anything with a small alignment in our PE files. 2017-04-26 21:52:23 -04:00
errlog.c console: Add console_print and console_print_at helpers 2018-03-12 18:00:41 -04:00
fallback.c Audit get_variable() calls for correct FreePool() use. 2018-04-05 14:49:17 -04:00
httpboot.c httpboot: show the error message for the ChildHandle 2020-07-23 20:51:18 -04:00
make-certs Sign MokManager with a locally-generated key 2012-11-26 13:43:50 -05:00
Make.coverity Add 'make coverity' target. 2018-03-12 16:21:43 -04:00
Make.defaults Makefiles: ensure -m32 gets propogated to our gcc parameter queries 2020-07-23 20:51:18 -04:00
Make.rules Add 'make coverity' target. 2018-03-12 16:21:43 -04:00
Make.scan-build Work around clang bugs for scan-build. 2018-03-15 11:23:26 -04:00
Makefile Fix the compile error of mkdir wrong directory. 2020-07-23 20:52:12 -04:00
model.c Add a model file for coverity. 2018-03-12 16:21:43 -04:00
mok.c shim: Make our variable validation and mirroring table driven. 2018-03-12 16:21:43 -04:00
MokManager.c MokManager: Stop using EFI_VARIABLE_APPEND_WRITE 2020-07-23 20:51:18 -04:00
MokVars.txt Add MokListX to MokVars.txt 2017-08-03 11:00:58 -04:00
netboot.c console: Add console_print and console_print_at helpers 2018-03-12 18:00:41 -04:00
PasswordCrypt.c shim: Use EFI_ERROR() instead of comparing to EFI_SUCCESS everywhere. 2018-03-12 16:21:43 -04:00
README Add install targets. 2017-08-11 15:18:39 -04:00
README.fallback README.fallback: correct the path of BOOT.CSV in layout example 2017-07-24 14:12:31 -04:00
README.tpm Add GRUB's PCR Usage to README.tpm 2020-07-23 20:51:49 -04:00
replacements.c console: Add console_print and console_print_at helpers 2018-03-12 18:00:41 -04:00
shim.c shim: Prevent shim to set itself as a second stage loader 2020-07-23 20:52:12 -04:00
shim.h Fix typo in debug path in shim.h 2020-07-23 20:51:18 -04:00
testplan.txt Another testplan error. 2014-10-02 01:01:46 -04:00
TODO Add another TODO for shim-16 2018-04-04 16:49:43 -04:00
tpm.c tpm_log_event_raw(): be more careful about EFI_NOT_FOUND 2018-04-04 16:49:43 -04:00
travis-build.sh travis: Fix a typo 2018-03-14 18:41:59 -04:00
version.c.in Make shim_version live in a special aligned section. 2017-02-23 16:08:42 -05:00
version.h Add ident-like blobs to shim.efi for version checking. 2013-10-03 11:11:09 -04:00

README 

shim is a trivial EFI application that, when run, attempts to open and
execute another application. It will initially attempt to do this via the
standard EFI LoadImage() and StartImage() calls. If these fail (because secure
boot is enabled and the binary is not signed with an appropriate key, for
instance) it will then validate the binary against a built-in certificate. If
this succeeds and if the binary or signing key are not blacklisted then shim
will relocate and execute the binary.

shim will also install a protocol which permits the second-stage bootloader
to perform similar binary validation. This protocol has a GUID as described
in the shim.h header file and provides a single entry point. On 64-bit systems
this entry point expects to be called with SysV ABI rather than MSABI, and
so calls to it should not be wrapped.

On systems with a TPM chip enabled and supported by the system firmware,
shim will extend various PCRs with the digests of the targets it is
loading.  A full list is in the file README.tpm .

To use shim, simply place a DER-encoded public certificate in a file such as
pub.cer and build with "make VENDOR_CERT_FILE=pub.cer".

There are a couple of build options, and a couple of ways to customize the
build, described in BUILDING.