diff options
| author | Jia Zhang <lans.zhang2008@gmail.com> | 2017-08-22 17:53:49 +0800 |
|---|---|---|
| committer | Jia Zhang <lans.zhang2008@gmail.com> | 2017-08-23 05:16:38 +0800 |
| commit | bfd800fe0287d9130a152cf4ad994178a8432401 (patch) | |
| tree | d955ae26ff836b240373873cea5a641c1a2a2066 | |
| parent | 6ad9a338e616ff3eed629b7917946f56af903da6 (diff) | |
| download | meta-secure-core-bfd800fe0287d9130a152cf4ad994178a8432401.tar.gz | |
shim: sync up with upstream
Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
7 files changed, 22 insertions, 335 deletions
diff --git a/meta-efi-secure-boot/recipes-bsp/shim/shim/0006-Prevent-from-removing-intermediate-.efi.patch b/meta-efi-secure-boot/recipes-bsp/shim/shim/0006-Prevent-from-removing-intermediate-.efi.patch index 970c992..eb39bb9 100644 --- a/meta-efi-secure-boot/recipes-bsp/shim/shim/0006-Prevent-from-removing-intermediate-.efi.patch +++ b/meta-efi-secure-boot/recipes-bsp/shim/shim/0006-Prevent-from-removing-intermediate-.efi.patch | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | From 8cfbeee2979f0049bf018f207afc01b55d1a7bcd Mon Sep 17 00:00:00 2001 | 1 | From 4019b6bad6e4e63fdf2079a1637c5f7afa9defbe Mon Sep 17 00:00:00 2001 |
| 2 | From: Lans Zhang <jia.zhang@windriver.com> | 2 | From: Jia Zhang <lans.zhang2008@gmail.com> |
| 3 | Date: Fri, 30 Jun 2017 16:59:34 +0800 | 3 | Date: Tue, 22 Aug 2017 17:31:04 +0800 |
| 4 | Subject: [PATCH] Prevent from removing intermediate .efi | 4 | Subject: [PATCH] Prevent from removing intermediate .efi |
| 5 | 5 | ||
| 6 | Upstream-Status: Pending | 6 | Upstream-Status: Pending |
| @@ -10,24 +10,24 @@ sysroots/x86_64-linux/usr/bin/pesign -n certdb -i MokManager.efi -c "shim" -s -o | |||
| 10 | rm fallback.efi MokManager.efi | 10 | rm fallback.efi MokManager.efi |
| 11 | DEBUG: Shell function do_compile finished | 11 | DEBUG: Shell function do_compile finished |
| 12 | 12 | ||
| 13 | Signed-off-by: Lans Zhang <jia.zhang@windriver.com> | 13 | Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com> |
| 14 | --- | 14 | --- |
| 15 | Makefile | 2 ++ | 15 | Makefile | 2 ++ |
| 16 | 1 file changed, 2 insertions(+) | 16 | 1 file changed, 2 insertions(+) |
| 17 | 17 | ||
| 18 | diff --git a/Makefile b/Makefile | 18 | diff --git a/Makefile b/Makefile |
| 19 | index 0497e4d..19e1b4f 100644 | 19 | index afd6504..0ec2b0b 100644 |
| 20 | --- a/Makefile | 20 | --- a/Makefile |
| 21 | +++ b/Makefile | 21 | +++ b/Makefile |
| 22 | @@ -108,6 +108,8 @@ ifneq ($(origin ENABLE_HTTPBOOT), undefined) | 22 | @@ -159,6 +159,8 @@ SOURCES = $(foreach source,$(ORIG_SOURCES),$(TOPDIR)/$(source)) version.c |
| 23 | SOURCES += httpboot.c httpboot.h | 23 | MOK_SOURCES = $(foreach source,$(ORIG_MOK_SOURCES),$(TOPDIR)/$(source)) |
| 24 | endif | 24 | FALLBACK_SRCS = $(foreach source,$(ORIG_FALLBACK_SRCS),$(TOPDIR)/$(source)) |
| 25 | 25 | ||
| 26 | +.PRECIOUS: $(MMNAME).efi $(FBNAME).efi | 26 | +.PRECIOUS: $(MMNAME).efi $(FBNAME).efi |
| 27 | + | 27 | + |
| 28 | all: $(TARGET) | 28 | all: $(TARGETS) |
| 29 | 29 | ||
| 30 | shim.crt shim.key: | 30 | shim.crt: |
| 31 | -- | 31 | -- |
| 32 | 2.7.5 | 32 | 2.14.1 |
| 33 | 33 | ||
diff --git a/meta-efi-secure-boot/recipes-bsp/shim/shim/0007-Use-sbsign-to-sign-MokManager-and-fallback.patch b/meta-efi-secure-boot/recipes-bsp/shim/shim/0007-Use-sbsign-to-sign-MokManager-and-fallback.patch deleted file mode 100644 index 14fae76..0000000 --- a/meta-efi-secure-boot/recipes-bsp/shim/shim/0007-Use-sbsign-to-sign-MokManager-and-fallback.patch +++ /dev/null | |||
| @@ -1,44 +0,0 @@ | |||
| 1 | From 04da6c928d5f15b7adb6c51e55b9aa0a8126063d Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Lans Zhang <jia.zhang@windriver.com> | ||
| 3 | Date: Wed, 21 Sep 2016 11:31:02 +0800 | ||
| 4 | Subject: [PATCH 07/11] Use sbsign to sign MokManager and fallback | ||
| 5 | |||
| 6 | Upstream-Status: Pending | ||
| 7 | |||
| 8 | pesign is written with -std=gnu11 and thus the host gcc version lower | ||
| 9 | than 4.7 cannot build out pesign. | ||
| 10 | |||
| 11 | sbsign is another alternate used to sign efi binary and it works well. | ||
| 12 | Therefore, drop to use sbsign to sign efi binary. | ||
| 13 | |||
| 14 | Signed-off-by: Lans Zhang <jia.zhang@windriver.com> | ||
| 15 | --- | ||
| 16 | Makefile | 5 +++-- | ||
| 17 | 1 file changed, 3 insertions(+), 2 deletions(-) | ||
| 18 | |||
| 19 | diff --git a/Makefile b/Makefile | ||
| 20 | index 7c71993..58b4b4c 100644 | ||
| 21 | --- a/Makefile | ||
| 22 | +++ b/Makefile | ||
| 23 | @@ -12,6 +12,7 @@ HEXDUMP ?= hexdump | ||
| 24 | PK12UTIL ?= pk12util | ||
| 25 | CERTUTIL ?= certutil | ||
| 26 | PESIGN ?= pesign | ||
| 27 | +SBSIGN ?= sbsign | ||
| 28 | |||
| 29 | ARCH = $(shell $(CC) -dumpmachine | cut -f1 -d- | sed s,i[3456789]86,ia32,) | ||
| 30 | OBJCOPY_GTE224 = $(shell expr `$(OBJCOPY) --version |grep ^"GNU objcopy" | sed 's/^.*\((.*)\|version\) //g' | cut -f1-2 -d.` \>= 2.24) | ||
| 31 | @@ -190,8 +191,8 @@ endif | ||
| 32 | -j .note.gnu.build-id \ | ||
| 33 | $(FORMAT) $^ $@.debug | ||
| 34 | |||
| 35 | -%.efi.signed: %.efi certdb/secmod.db | ||
| 36 | - $(PESIGN) -n certdb -i $< -c "shim" -s -o $@ -f | ||
| 37 | +%.efi.signed: %.efi shim.key shim.crt | ||
| 38 | + $(SBSIGN) --key shim.key --cert shim.crt --output $@ $< | ||
| 39 | |||
| 40 | clean: | ||
| 41 | $(MAKE) -C Cryptlib clean | ||
| 42 | -- | ||
| 43 | 2.11.0 | ||
| 44 | |||
diff --git a/meta-efi-secure-boot/recipes-bsp/shim/shim/0008-Fix-the-world-build-failure-due-to-the-missing-rule-.patch b/meta-efi-secure-boot/recipes-bsp/shim/shim/0008-Fix-the-world-build-failure-due-to-the-missing-rule-.patch index c53a52f..fbf0f14 100644 --- a/meta-efi-secure-boot/recipes-bsp/shim/shim/0008-Fix-the-world-build-failure-due-to-the-missing-rule-.patch +++ b/meta-efi-secure-boot/recipes-bsp/shim/shim/0008-Fix-the-world-build-failure-due-to-the-missing-rule-.patch | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | From 3b4fe6b2eda92c78c80a2c0c1ab5625fd0920811 Mon Sep 17 00:00:00 2001 | 1 | From 22b58e64a0cd10456f79f146216c899a898ce037 Mon Sep 17 00:00:00 2001 |
| 2 | From: Lans Zhang <jia.zhang@windriver.com> | 2 | From: Jia Zhang <lans.zhang2008@gmail.com> |
| 3 | Date: Thu, 3 Aug 2017 09:53:37 +0800 | 3 | Date: Tue, 22 Aug 2017 17:32:47 +0800 |
| 4 | Subject: [PATCH] Fix the world build failure due to the missing rule of | 4 | Subject: [PATCH] Fix the world build failure due to the missing rule of |
| 5 | generating shim.key | 5 | generating shim.key |
| 6 | 6 | ||
| @@ -12,18 +12,18 @@ for signing. However, the commit 79c0d3ab3964ff03483277a515aaf50016bbe786 | |||
| 12 | forgets to add the rule of generating shim.key, causing the world build | 12 | forgets to add the rule of generating shim.key, causing the world build |
| 13 | failure. | 13 | failure. |
| 14 | 14 | ||
| 15 | Signed-off-by: Lans Zhang <jia.zhang@windriver.com> | 15 | Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com> |
| 16 | --- | 16 | --- |
| 17 | Makefile | 2 +- | 17 | Makefile | 2 +- |
| 18 | 1 file changed, 1 insertion(+), 1 deletion(-) | 18 | 1 file changed, 1 insertion(+), 1 deletion(-) |
| 19 | 19 | ||
| 20 | diff --git a/Makefile b/Makefile | 20 | diff --git a/Makefile b/Makefile |
| 21 | index 063578a..96bdf14 100644 | 21 | index 0ec2b0b..2fc6c90 100644 |
| 22 | --- a/Makefile | 22 | --- a/Makefile |
| 23 | +++ b/Makefile | 23 | +++ b/Makefile |
| 24 | @@ -125,7 +125,7 @@ FALLBACK_SRCS = $(foreach source,$(ORIG_FALLBACK_SRCS),$(TOPDIR)/$(source)) | 24 | @@ -163,7 +163,7 @@ FALLBACK_SRCS = $(foreach source,$(ORIG_FALLBACK_SRCS),$(TOPDIR)/$(source)) |
| 25 | 25 | ||
| 26 | all: $(TARGET) | 26 | all: $(TARGETS) |
| 27 | 27 | ||
| 28 | -shim.crt: | 28 | -shim.crt: |
| 29 | +shim.crt shim.key: | 29 | +shim.crt shim.key: |
| @@ -31,5 +31,5 @@ index 063578a..96bdf14 100644 | |||
| 31 | 31 | ||
| 32 | shim.cer: shim.crt | 32 | shim.cer: shim.crt |
| 33 | -- | 33 | -- |
| 34 | 2.7.5 | 34 | 2.14.1 |
| 35 | 35 | ||
diff --git a/meta-efi-secure-boot/recipes-bsp/shim/shim/0010-Makefile-do-not-sign-the-efi-file.patch b/meta-efi-secure-boot/recipes-bsp/shim/shim/0010-Makefile-do-not-sign-the-efi-file.patch deleted file mode 100644 index 4819a94..0000000 --- a/meta-efi-secure-boot/recipes-bsp/shim/shim/0010-Makefile-do-not-sign-the-efi-file.patch +++ /dev/null | |||
| @@ -1,35 +0,0 @@ | |||
| 1 | From b3d57a092d837fe8134e0b3ff408040fa33d4efc Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Yunguo Wei <yunguo.wei@windriver.com> | ||
| 3 | Date: Wed, 28 Dec 2016 11:08:37 +0800 | ||
| 4 | Subject: [PATCH 10/11] Makefile: do not sign the efi file | ||
| 5 | |||
| 6 | Shim tries to sign all the efi binaries at build time, but is not | ||
| 7 | suitable for us. Because the private key has to be supplied, and this | ||
| 8 | doesn't make sense to EDSS key. | ||
| 9 | |||
| 10 | We will use a seperated function in bitbake file to | ||
| 11 | sign these efi binaries, so that we can freely use EDSS key, Wind | ||
| 12 | River sample key or user key. | ||
| 13 | |||
| 14 | Signed-off-by: Yunguo Wei <yunguo.wei@windriver.com> | ||
| 15 | Signed-off-by: Lans Zhang <jia.zhang@windriver.com> | ||
| 16 | --- | ||
| 17 | Makefile | 2 +- | ||
| 18 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
| 19 | |||
| 20 | diff --git a/Makefile b/Makefile | ||
| 21 | index 24e21a8..0912cd0 100644 | ||
| 22 | --- a/Makefile | ||
| 23 | +++ b/Makefile | ||
| 24 | @@ -92,7 +92,7 @@ endif | ||
| 25 | |||
| 26 | LDFLAGS = --hash-style=sysv -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(EFI_PATH) -L$(LIB_PATH) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS) --build-id=sha1 | ||
| 27 | |||
| 28 | -TARGET = $(SHIMNAME).efi $(MMNAME).efi.signed $(FBNAME).efi.signed | ||
| 29 | +TARGET = $(SHIMNAME).efi $(MMNAME).efi $(FBNAME).efi | ||
| 30 | OBJS = shim.o netboot.o cert.o replacements.o tpm.o version.o | ||
| 31 | KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key shim.cer | ||
| 32 | SOURCES = shim.c shim.h netboot.c include/PeImage.h include/wincert.h include/console.h replacements.c replacements.h tpm.c tpm.h version.c version.h | ||
| 33 | -- | ||
| 34 | 2.11.0 | ||
| 35 | |||
diff --git a/meta-efi-secure-boot/recipes-bsp/shim/shim/0013-fallback-fix-double-free-of-dp.patch b/meta-efi-secure-boot/recipes-bsp/shim/shim/0013-fallback-fix-double-free-of-dp.patch deleted file mode 100644 index e9d3b47..0000000 --- a/meta-efi-secure-boot/recipes-bsp/shim/shim/0013-fallback-fix-double-free-of-dp.patch +++ /dev/null | |||
| @@ -1,35 +0,0 @@ | |||
| 1 | From 2003b828be0e0fe774e119922e81ee0bb0d2ecdd Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Lans Zhang <jia.zhang@windriver.com> | ||
| 3 | Date: Wed, 9 Aug 2017 16:10:14 +0800 | ||
| 4 | Subject: [PATCH 1/2] fallback: fix double free of dp | ||
| 5 | |||
| 6 | If the boot option recorded in csv is not in a media device path, the | ||
| 7 | corresponding full device path will be referred for creating the boot | ||
| 8 | variable. | ||
| 9 | |||
| 10 | However, the current code logic always frees the full device path | ||
| 11 | (full_device_path) and the media device path (dp) separately. In order | ||
| 12 | to resolve this issue, always check whether dp equals to full_device_path | ||
| 13 | before freeing dp. | ||
| 14 | |||
| 15 | Signed-off-by: Lans Zhang <jia.zhang@windriver.com> | ||
| 16 | --- | ||
| 17 | fallback.c | 2 +- | ||
| 18 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
| 19 | |||
| 20 | diff --git a/fallback.c b/fallback.c | ||
| 21 | index 9b64077..2ef1b86 100644 | ||
| 22 | --- a/fallback.c | ||
| 23 | +++ b/fallback.c | ||
| 24 | @@ -482,7 +482,7 @@ add_to_boot_list(CHAR16 *dirname, CHAR16 *filename, CHAR16 *label, CHAR16 *argum | ||
| 25 | err: | ||
| 26 | if (full_device_path) | ||
| 27 | FreePool(full_device_path); | ||
| 28 | - if (dp) | ||
| 29 | + if (dp && dp != full_device_path) | ||
| 30 | FreePool(dp); | ||
| 31 | if (fullpath) | ||
| 32 | FreePool(fullpath); | ||
| 33 | -- | ||
| 34 | 2.13.2 | ||
| 35 | |||
diff --git a/meta-efi-secure-boot/recipes-bsp/shim/shim/0014-fallback-work-around-the-issue-of-boot-option-creati.patch b/meta-efi-secure-boot/recipes-bsp/shim/shim/0014-fallback-work-around-the-issue-of-boot-option-creati.patch deleted file mode 100644 index cad1cc2..0000000 --- a/meta-efi-secure-boot/recipes-bsp/shim/shim/0014-fallback-work-around-the-issue-of-boot-option-creati.patch +++ /dev/null | |||
| @@ -1,197 +0,0 @@ | |||
| 1 | From 0fbd5a6375bbfe463979cc1958bc721353e49625 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Lans Zhang <jia.zhang@windriver.com> | ||
| 3 | Date: Fri, 11 Aug 2017 13:42:20 +0800 | ||
| 4 | Subject: [PATCH 2/2] fallback: work around the issue of boot option creation | ||
| 5 | with AMI BIOS | ||
| 6 | |||
| 7 | AMI BIOS (e.g, Intel NUC5i3MYHE) may automatically hide and patch BootXXXX | ||
| 8 | variables with ami_masked_device_path_guid. | ||
| 9 | |||
| 10 | Initially, the normal boot option created by fallback looks like this: | ||
| 11 | 00000000 01 00 00 00 5e 00 42 00 6f 00 6f 00 74 00 6c 00 |....^.B.o.o.t.l.| | ||
| 12 | 00000010 6f 00 61 00 64 00 65 00 72 00 20 00 54 00 65 00 |o.a.d.e.r. .T.e.| | ||
| 13 | 00000020 73 00 74 00 20 00 28 00 36 00 34 00 2d 00 62 00 |s.t. .(.6.4.-.b.| | ||
| 14 | 00000030 69 00 74 00 29 00 00 00 04 01 2a 00 01 00 00 00 |i.t.).....*.....| | ||
| 15 | 00000040 00 08 00 00 00 00 00 00 00 00 08 00 00 00 00 00 |................| | ||
| 16 | 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| | ||
| 17 | 00000060 01 01 04 04 30 00 5c 00 45 00 46 00 49 00 5c 00 |....0.\.E.F.I.\.| | ||
| 18 | 00000070 42 00 4f 00 4f 00 54 00 5c 00 74 00 65 00 73 00 |B.O.O.T.\.t.e.s.| | ||
| 19 | 00000080 74 00 78 00 36 00 34 00 2e 00 65 00 66 00 69 00 |t.x.6.4...e.f.i.| | ||
| 20 | 00000090 00 00 7f ff 04 00 |......| | ||
| 21 | 00000096 | ||
| 22 | |||
| 23 | after reboot, fallback has to create a new one due to the previous boot | ||
| 24 | option is hidden and masked by AMI BIOS: | ||
| 25 | 00000000 09 00 00 00 76 00 42 00 6f 00 6f 00 74 00 6c 00 |....v.B.o.o.t.l.| | ||
| 26 | 00000010 6f 00 61 00 64 00 65 00 72 00 20 00 54 00 65 00 |o.a.d.e.r. .T.e.| | ||
| 27 | 00000020 73 00 74 00 20 00 28 00 36 00 34 00 2d 00 62 00 |s.t. .(.6.4.-.b.| | ||
| 28 | 00000030 69 00 74 00 29 00 00 00 01 04 14 00 e7 75 e2 99 |i.t.)........u..| | ||
| 29 | 00000040 a0 75 37 4b a2 e6 c5 38 5e 6c 00 cb 7f ff 04 00 |.u7K...8^l......| | ||
| 30 | 00000050 04 01 2a 00 01 00 00 00 00 08 00 00 00 00 00 00 |..*.............| | ||
| 31 | 00000060 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| | ||
| 32 | 00000070 00 00 00 00 00 00 00 00 01 01 04 04 30 00 5c 00 |............0.\.| | ||
| 33 | 00000080 45 00 46 00 49 00 5c 00 42 00 4f 00 4f 00 54 00 |E.F.I.\.B.O.O.T.| | ||
| 34 | 00000090 5c 00 74 00 65 00 73 00 74 00 78 00 36 00 34 00 |\.t.e.s.t.x.6.4.| | ||
| 35 | 000000a0 2e 00 65 00 66 00 69 00 00 00 7f ff 04 00 |..e.f.i.......| | ||
| 36 | 000000ae | ||
| 37 | |||
| 38 | And after several reboot, fallback will have to create more boot options | ||
| 39 | because AMI BIOS corrupts the previous ones. | ||
| 40 | |||
| 41 | We can get the valid device path if just skipping the masked device path and | ||
| 42 | its next end path. | ||
| 43 | |||
| 44 | Signed-off-by: Lans Zhang <jia.zhang@windriver.com> | ||
| 45 | --- | ||
| 46 | fallback.c | 114 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--- | ||
| 47 | 1 file changed, 109 insertions(+), 5 deletions(-) | ||
| 48 | |||
| 49 | diff --git a/fallback.c b/fallback.c | ||
| 50 | index 2ef1b86..46894af 100644 | ||
| 51 | --- a/fallback.c | ||
| 52 | +++ b/fallback.c | ||
| 53 | @@ -287,6 +287,105 @@ add_boot_option(EFI_DEVICE_PATH *hddp, EFI_DEVICE_PATH *fulldp, | ||
| 54 | return EFI_OUT_OF_RESOURCES; | ||
| 55 | } | ||
| 56 | |||
| 57 | +/* | ||
| 58 | + * AMI BIOS (e.g, Intel NUC5i3MYHE) may automatically hide and patch BootXXXX | ||
| 59 | + * variables with ami_masked_device_path_guid. We can get the valid device path | ||
| 60 | + * if just skipping it and its next end path. | ||
| 61 | + */ | ||
| 62 | + | ||
| 63 | +static EFI_GUID ami_masked_device_path_guid = { | ||
| 64 | + 0x99e275e7, 0x75a0, 0x4b37, | ||
| 65 | + { 0xa2, 0xe6, 0xc5, 0x38, 0x5e, 0x6c, 0x0, 0xcb } | ||
| 66 | +}; | ||
| 67 | + | ||
| 68 | +static unsigned int | ||
| 69 | +calc_masked_boot_option_size(unsigned int size) | ||
| 70 | +{ | ||
| 71 | + return size + sizeof(EFI_DEVICE_PATH) + | ||
| 72 | + sizeof(ami_masked_device_path_guid) + sizeof(EFI_DEVICE_PATH); | ||
| 73 | +} | ||
| 74 | + | ||
| 75 | +static int | ||
| 76 | +check_masked_boot_option(CHAR8 *candidate, unsigned int candidate_size, | ||
| 77 | + CHAR8 *data, unsigned int data_size) | ||
| 78 | +{ | ||
| 79 | + /* | ||
| 80 | + * The patched BootXXXX variables contain a hardware device path and | ||
| 81 | + * an end path, preceding the real device path. | ||
| 82 | + */ | ||
| 83 | + if (calc_masked_boot_option_size(data_size) != candidate_size) | ||
| 84 | + return 1; | ||
| 85 | + | ||
| 86 | + CHAR8 *cursor = candidate; | ||
| 87 | + | ||
| 88 | + /* Check whether the BootXXXX is patched */ | ||
| 89 | + cursor += sizeof(UINT32) + sizeof(UINT16); | ||
| 90 | + cursor += StrSize((CHAR16 *)cursor); | ||
| 91 | + | ||
| 92 | + unsigned int min_valid_size = cursor - candidate + sizeof(EFI_DEVICE_PATH); | ||
| 93 | + | ||
| 94 | + if (candidate_size <= min_valid_size) | ||
| 95 | + return 1; | ||
| 96 | + | ||
| 97 | + EFI_DEVICE_PATH *dp = (EFI_DEVICE_PATH *)cursor; | ||
| 98 | + unsigned int node_size = DevicePathNodeLength(dp) - sizeof(EFI_DEVICE_PATH); | ||
| 99 | + | ||
| 100 | + min_valid_size += node_size; | ||
| 101 | + if (candidate_size <= min_valid_size || | ||
| 102 | + DevicePathType(dp) != HARDWARE_DEVICE_PATH || | ||
| 103 | + DevicePathSubType(dp) != HW_VENDOR_DP || | ||
| 104 | + node_size != sizeof(ami_masked_device_path_guid) || | ||
| 105 | + CompareGuid((EFI_GUID *)(cursor + sizeof(EFI_DEVICE_PATH)), | ||
| 106 | + &ami_masked_device_path_guid)) | ||
| 107 | + return 1; | ||
| 108 | + | ||
| 109 | + /* Check whether the patched guid is followed by an end path */ | ||
| 110 | + min_valid_size += sizeof(EFI_DEVICE_PATH); | ||
| 111 | + if (candidate_size <= min_valid_size) | ||
| 112 | + return 1; | ||
| 113 | + | ||
| 114 | + dp = NextDevicePathNode(dp); | ||
| 115 | + if (!IsDevicePathEnd(dp)) | ||
| 116 | + return 1; | ||
| 117 | + | ||
| 118 | + /* | ||
| 119 | + * OK. We may really get a masked BootXXXX variable. The next | ||
| 120 | + * step is to test whether it is hidden. | ||
| 121 | + */ | ||
| 122 | + UINT32 attrs = *(UINT32 *)candidate; | ||
| 123 | +#ifndef LOAD_OPTION_HIDDEN | ||
| 124 | +# define LOAD_OPTION_HIDDEN 0x00000008 | ||
| 125 | +#endif | ||
| 126 | + if (!(attrs & LOAD_OPTION_HIDDEN)) | ||
| 127 | + return 1; | ||
| 128 | + | ||
| 129 | + attrs &= ~LOAD_OPTION_HIDDEN; | ||
| 130 | + | ||
| 131 | + /* Compare the field Attributes */ | ||
| 132 | + if (attrs != *(UINT32 *)data) | ||
| 133 | + return 1; | ||
| 134 | + | ||
| 135 | + /* Compare the field FilePathListLength */ | ||
| 136 | + data += sizeof(UINT32); | ||
| 137 | + candidate += sizeof(UINT32); | ||
| 138 | + if (calc_masked_boot_option_size(*(UINT16 *)data) != | ||
| 139 | + *(UINT16 *)candidate) | ||
| 140 | + return 1; | ||
| 141 | + | ||
| 142 | + /* Compare the field Description */ | ||
| 143 | + data += sizeof(UINT16); | ||
| 144 | + candidate += sizeof(UINT16); | ||
| 145 | + if (CompareMem(candidate, data, cursor - candidate)) | ||
| 146 | + return 1; | ||
| 147 | + | ||
| 148 | + /* Compare the filed FilePathList */ | ||
| 149 | + cursor = (CHAR8 *)NextDevicePathNode(dp); | ||
| 150 | + data += sizeof(UINT16); | ||
| 151 | + data += StrSize((CHAR16 *)data); | ||
| 152 | + | ||
| 153 | + return CompareMem(cursor, data, candidate_size - min_valid_size); | ||
| 154 | +} | ||
| 155 | + | ||
| 156 | EFI_STATUS | ||
| 157 | find_boot_option(EFI_DEVICE_PATH *dp, EFI_DEVICE_PATH *fulldp, | ||
| 158 | CHAR16 *filename, CHAR16 *label, CHAR16 *arguments, | ||
| 159 | @@ -316,7 +415,8 @@ find_boot_option(EFI_DEVICE_PATH *dp, EFI_DEVICE_PATH *fulldp, | ||
| 160 | EFI_GUID global = EFI_GLOBAL_VARIABLE; | ||
| 161 | EFI_STATUS rc; | ||
| 162 | |||
| 163 | - CHAR8 *candidate = AllocateZeroPool(size); | ||
| 164 | + UINTN max_candidate_size = calc_masked_boot_option_size(size); | ||
| 165 | + CHAR8 *candidate = AllocateZeroPool(max_candidate_size); | ||
| 166 | if (!candidate) { | ||
| 167 | FreePool(data); | ||
| 168 | return EFI_OUT_OF_RESOURCES; | ||
| 169 | @@ -328,17 +428,21 @@ find_boot_option(EFI_DEVICE_PATH *dp, EFI_DEVICE_PATH *fulldp, | ||
| 170 | varname[6] = hexmap[(bootorder[i] & 0x00f0) >> 4]; | ||
| 171 | varname[7] = hexmap[(bootorder[i] & 0x000f) >> 0]; | ||
| 172 | |||
| 173 | - UINTN candidate_size = size; | ||
| 174 | + UINTN candidate_size = max_candidate_size; | ||
| 175 | rc = uefi_call_wrapper(RT->GetVariable, 5, varname, &global, | ||
| 176 | NULL, &candidate_size, candidate); | ||
| 177 | if (EFI_ERROR(rc)) | ||
| 178 | continue; | ||
| 179 | |||
| 180 | - if (candidate_size != size) | ||
| 181 | + if (candidate_size != size) { | ||
| 182 | + if (check_masked_boot_option(candidate, candidate_size, | ||
| 183 | + data, size)) | ||
| 184 | + continue; | ||
| 185 | + } else if (CompareMem(candidate, data, size)) | ||
| 186 | continue; | ||
| 187 | |||
| 188 | - if (CompareMem(candidate, data, size)) | ||
| 189 | - continue; | ||
| 190 | + VerbosePrint(L"Found boot entry \"%s\" with label \"%s\" " | ||
| 191 | + L"for file \"%s\"\n", varname, label, filename); | ||
| 192 | |||
| 193 | /* at this point, we have duplicate data. */ | ||
| 194 | if (!first_new_option) { | ||
| 195 | -- | ||
| 196 | 2.13.2 | ||
| 197 | |||
diff --git a/meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb b/meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb index 001de7d..5aeeedb 100644 --- a/meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb +++ b/meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb | |||
| @@ -26,13 +26,9 @@ SRC_URI = "\ | |||
| 26 | file://0001-shim-allow-to-verify-sha1-digest-for-Authenticode.patch;apply=0 \ | 26 | file://0001-shim-allow-to-verify-sha1-digest-for-Authenticode.patch;apply=0 \ |
| 27 | file://0005-Fix-signing-failure-due-to-not-finding-certificate.patch;apply=0 \ | 27 | file://0005-Fix-signing-failure-due-to-not-finding-certificate.patch;apply=0 \ |
| 28 | file://0006-Prevent-from-removing-intermediate-.efi.patch \ | 28 | file://0006-Prevent-from-removing-intermediate-.efi.patch \ |
| 29 | file://0007-Use-sbsign-to-sign-MokManager-and-fallback.patch \ | ||
| 30 | file://0008-Fix-the-world-build-failure-due-to-the-missing-rule-.patch \ | 29 | file://0008-Fix-the-world-build-failure-due-to-the-missing-rule-.patch \ |
| 31 | file://0010-Makefile-do-not-sign-the-efi-file.patch \ | ||
| 32 | file://0011-Update-verification_method-if-the-loaded-image-is-si.patch;apply=0 \ | 30 | file://0011-Update-verification_method-if-the-loaded-image-is-si.patch;apply=0 \ |
| 33 | file://0012-netboot-replace-the-depreciated-EFI_PXE_BASE_CODE.patch \ | 31 | file://0012-netboot-replace-the-depreciated-EFI_PXE_BASE_CODE.patch \ |
| 34 | file://0013-fallback-fix-double-free-of-dp.patch \ | ||
| 35 | file://0014-fallback-work-around-the-issue-of-boot-option-creati.patch \ | ||
| 36 | file://0015-fallback-allow-to-search-.csv-in-EFI-BOOT.patch \ | 32 | file://0015-fallback-allow-to-search-.csv-in-EFI-BOOT.patch \ |
| 37 | file://0016-fallback-don-t-set-the-csv-entry-as-the-first-boot-b.patch \ | 33 | file://0016-fallback-don-t-set-the-csv-entry-as-the-first-boot-b.patch \ |
| 38 | file://0017-fallback-always-try-to-boot-the-option-recorded-in-c.patch \ | 34 | file://0017-fallback-always-try-to-boot-the-option-recorded-in-c.patch \ |
| @@ -42,7 +38,7 @@ SRC_URI_append_x86-64 = "\ | |||
| 42 | 'file://shim' + d.expand('EFI_ARCH') + '.efi.signed file://LICENSE' \ | 38 | 'file://shim' + d.expand('EFI_ARCH') + '.efi.signed file://LICENSE' \ |
| 43 | if uks_signing_model(d) == 'sample' else '', '', d)} \ | 39 | if uks_signing_model(d) == 'sample' else '', '', d)} \ |
| 44 | " | 40 | " |
| 45 | SRCREV = "631265b7e9c447412d423ffed1b39dfd706054cd" | 41 | SRCREV = "5202f80c32bdcab0469785e953bf9fa8dd4eaaa1" |
| 46 | 42 | ||
| 47 | S = "${WORKDIR}/git" | 43 | S = "${WORKDIR}/git" |
| 48 | 44 | ||
| @@ -50,6 +46,7 @@ inherit deploy user-key-store | |||
| 50 | 46 | ||
| 51 | EXTRA_OEMAKE = "\ | 47 | EXTRA_OEMAKE = "\ |
| 52 | CROSS_COMPILE="${TARGET_PREFIX}" \ | 48 | CROSS_COMPILE="${TARGET_PREFIX}" \ |
| 49 | prefix="${STAGING_DIR_HOST}/${prefix}" \ | ||
| 53 | LIB_GCC="`${CC} -print-libgcc-file-name`" \ | 50 | LIB_GCC="`${CC} -print-libgcc-file-name`" \ |
| 54 | LIB_PATH="${STAGING_LIBDIR}" \ | 51 | LIB_PATH="${STAGING_LIBDIR}" \ |
| 55 | EFI_PATH="${STAGING_LIBDIR}" \ | 52 | EFI_PATH="${STAGING_LIBDIR}" \ |
| @@ -68,6 +65,7 @@ EXTRA_OEMAKE = "\ | |||
| 68 | if uks_signing_model(d) == 'user' else ''} \ | 65 | if uks_signing_model(d) == 'user' else ''} \ |
| 69 | ENABLE_HTTPBOOT=1 \ | 66 | ENABLE_HTTPBOOT=1 \ |
| 70 | OVERRIDE_SECURITY_POLICY=1 \ | 67 | OVERRIDE_SECURITY_POLICY=1 \ |
| 68 | ENABLE_SBSIGN=1 \ | ||
| 71 | " | 69 | " |
| 72 | 70 | ||
| 73 | PARALLEL_MAKE = "" | 71 | PARALLEL_MAKE = "" |