diff --git a/shim-bnc841426-silence-shim-protocols.patch b/shim-bnc841426-silence-shim-protocols.patch new file mode 100644 index 0000000..0524ec9 --- /dev/null +++ b/shim-bnc841426-silence-shim-protocols.patch @@ -0,0 +1,789 @@ +From f60d64b0e119ad7df60d9111fc94fe7ded65750f Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Thu, 20 Jun 2013 12:41:14 -0400 +Subject: [PATCH 1/3] Don't print that fallback isn't found in + should_use_fallback() + +The call can simply fail if it isn't found - which will be the case on +removeable install media. + +Signed-off-by: Peter Jones +--- + shim.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/shim.c b/shim.c +index 47e3812..895b594 100644 +--- a/shim.c ++++ b/shim.c +@@ -951,7 +951,12 @@ should_use_fallback(EFI_HANDLE image_handle) + rc = uefi_call_wrapper(vh->Open, 5, vh, &fh, L"\\EFI\\BOOT" FALLBACK, + EFI_FILE_MODE_READ, 0); + if (EFI_ERROR(rc)) { +- Print(L"Could not open \"\\EFI\\BOOT%s\": %d\n", FALLBACK, rc); ++ /* Do not print the error here - this is an acceptable case ++ * for removable media, where we genuinely don't want ++ * fallback.efi to exist. ++ * Print(L"Could not open \"\\EFI\\BOOT%s\": %d\n", FALLBACK, ++ * rc); ++ */ + uefi_call_wrapper(vh->Close, 1, vh); + return 0; + } +-- +1.8.1.4 + + +From abe44733163c3ef8da96c09dadd8e54e65f9bdab Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Thu, 25 Jul 2013 10:51:05 -0400 +Subject: [PATCH 2/3] Don't print things on the screen by default when + everything works. + +There's no point to this text, and it generally confuses people. + +Signed-off-by: Peter Jones +--- + shim.c | 26 +++++++++++++++++++++----- + 1 file changed, 21 insertions(+), 5 deletions(-) + +diff --git a/shim.c b/shim.c +index 895b594..137290d 100644 +--- a/shim.c ++++ b/shim.c +@@ -53,6 +53,7 @@ static EFI_STATUS (EFIAPI *entry_point) (EFI_HANDLE image_handle, EFI_SYSTEM_TAB + static CHAR16 *second_stage; + static void *load_options; + static UINT32 load_options_size; ++static UINT8 verbose; + + /* + * The vendor certificate used for validating the second stage loader +@@ -431,7 +432,8 @@ static BOOLEAN secure_mode (void) + + /* FIXME - more paranoia here? */ + if (status != EFI_SUCCESS || sb != 1) { +- Print(L"Secure boot not enabled\n"); ++ if (verbose) ++ Print(L"Secure boot not enabled\n"); + return FALSE; + } + +@@ -439,7 +441,8 @@ static BOOLEAN secure_mode (void) + (void *)&setupmode); + + if (status == EFI_SUCCESS && setupmode == 1) { +- Print(L"Platform is in setup mode\n"); ++ if (verbose) ++ Print(L"Platform is in setup mode\n"); + return FALSE; + } + +@@ -699,7 +702,8 @@ static EFI_STATUS verify_buffer (char *data, int datasize, + status = check_whitelist(cert, sha256hash, sha1hash); + + if (status == EFI_SUCCESS) { +- Print(L"Binary is whitelisted\n"); ++ if (verbose) ++ Print(L"Binary is whitelisted\n"); + return status; + } + +@@ -711,7 +715,8 @@ static EFI_STATUS verify_buffer (char *data, int datasize, + shim_cert, sizeof(shim_cert), sha256hash, + SHA256_DIGEST_SIZE)) { + status = EFI_SUCCESS; +- Print(L"Binary is verified by the vendor certificate\n"); ++ if (verbose) ++ Print(L"Binary is verified by the vendor certificate\n"); + return status; + } + +@@ -724,7 +729,8 @@ static EFI_STATUS verify_buffer (char *data, int datasize, + vendor_cert, vendor_cert_size, sha256hash, + SHA256_DIGEST_SIZE)) { + status = EFI_SUCCESS; +- Print(L"Binary is verified by the vendor certificate\n"); ++ if (verbose) ++ Print(L"Binary is verified by the vendor certificate\n"); + return status; + } + +@@ -1501,6 +1507,10 @@ EFI_STATUS efi_main (EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *passed_systab) + static SHIM_LOCK shim_lock_interface; + EFI_HANDLE handle = NULL; + EFI_STATUS efi_status; ++ UINT8 verbose_check; ++ UINTN verbose_check_size; ++ UINT32 attributes; ++ EFI_GUID global_var = EFI_GLOBAL_VARIABLE; + + /* + * Set up the shim lock protocol so that grub and MokManager can +@@ -1517,6 +1527,12 @@ EFI_STATUS efi_main (EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *passed_systab) + */ + InitializeLib(image_handle, systab); + ++ verbose_check_size = 1; ++ efi_status = get_variable(L"SHIM_VERBOSE", global_var, &attributes, ++ &verbose_check_size, (void *)&verbose_check); ++ if (!EFI_ERROR(efi_status)) ++ verbose = verbose_check; ++ + /* Set the second stage loader */ + set_second_stage (image_handle); + +-- +1.8.1.4 + + +From 3a131108f7b86af4fe5ed0021374467feb98bd54 Mon Sep 17 00:00:00 2001 +From: Gary Ching-Pang Lin +Date: Tue, 1 Oct 2013 11:58:52 +0800 +Subject: [PATCH 3/3] Keep silent in shim protocol + +On some machines, grub2 hung on shim_verify() which tried to output +messages. This commit silences the functions used in the shim +protocols to avoid system hang. +--- + shim.c | 178 +++++++++++++++++++++++++++++++++++++++-------------------------- + 1 file changed, 106 insertions(+), 72 deletions(-) + +diff --git a/shim.c b/shim.c +index 137290d..a0de14e 100644 +--- a/shim.c ++++ b/shim.c +@@ -54,6 +54,9 @@ static CHAR16 *second_stage; + static void *load_options; + static UINT32 load_options_size; + static UINT8 verbose; ++static UINT8 in_protocol; ++ ++#define ERROR(...) if(!in_protocol) {Print(__VA_ARGS__);} + + /* + * The vendor certificate used for validating the second stage loader +@@ -94,7 +97,7 @@ static EFI_STATUS get_variable (CHAR16 *name, EFI_GUID guid, UINT32 *attributes, + *buffer = AllocatePool(*size); + + if (!*buffer) { +- Print(L"Unable to allocate variable buffer\n"); ++ ERROR(L"Unable to allocate variable buffer\n"); + return EFI_OUT_OF_RESOURCES; + } + +@@ -134,7 +137,7 @@ static EFI_STATUS relocate_coff (PE_COFF_LOADER_IMAGE_CONTEXT *context, + context->PEHdr->Pe32Plus.OptionalHeader.ImageBase = (UINT64)data; + + if (context->NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_BASERELOC) { +- Print(L"Image has no relocation entry\n"); ++ ERROR(L"Image has no relocation entry\n"); + return EFI_UNSUPPORTED; + } + +@@ -142,7 +145,7 @@ static EFI_STATUS relocate_coff (PE_COFF_LOADER_IMAGE_CONTEXT *context, + RelocBaseEnd = ImageAddress(data, size, context->RelocDir->VirtualAddress + context->RelocDir->Size - 1); + + if (!RelocBase || !RelocBaseEnd) { +- Print(L"Reloc table overflows binary\n"); ++ ERROR(L"Reloc table overflows binary\n"); + return EFI_UNSUPPORTED; + } + +@@ -153,13 +156,13 @@ static EFI_STATUS relocate_coff (PE_COFF_LOADER_IMAGE_CONTEXT *context, + RelocEnd = (UINT16 *) ((char *) RelocBase + RelocBase->SizeOfBlock); + + if ((void *)RelocEnd < data || (void *)RelocEnd > ImageEnd) { +- Print(L"Reloc entry overflows binary\n"); ++ ERROR(L"Reloc entry overflows binary\n"); + return EFI_UNSUPPORTED; + } + + FixupBase = ImageAddress(data, size, RelocBase->VirtualAddress); + if (!FixupBase) { +- Print(L"Invalid fixupbase\n"); ++ ERROR(L"Invalid fixupbase\n"); + return EFI_UNSUPPORTED; + } + +@@ -208,7 +211,7 @@ static EFI_STATUS relocate_coff (PE_COFF_LOADER_IMAGE_CONTEXT *context, + break; + + default: +- Print(L"Unknown relocation\n"); ++ ERROR(L"Unknown relocation\n"); + return EFI_UNSUPPORTED; + } + Reloc += 1; +@@ -432,7 +435,7 @@ static BOOLEAN secure_mode (void) + + /* FIXME - more paranoia here? */ + if (status != EFI_SUCCESS || sb != 1) { +- if (verbose) ++ if (verbose && !in_protocol) + Print(L"Secure boot not enabled\n"); + return FALSE; + } +@@ -441,7 +444,7 @@ static BOOLEAN secure_mode (void) + (void *)&setupmode); + + if (status == EFI_SUCCESS && setupmode == 1) { +- if (verbose) ++ if (verbose && !in_protocol) + Print(L"Platform is in setup mode\n"); + return FALSE; + } +@@ -477,12 +480,12 @@ static EFI_STATUS generate_hash (char *data, int datasize, + sha1ctx = AllocatePool(sha1ctxsize); + + if (!sha256ctx || !sha1ctx) { +- Print(L"Unable to allocate memory for hash context\n"); ++ ERROR(L"Unable to allocate memory for hash context\n"); + return EFI_OUT_OF_RESOURCES; + } + + if (!Sha256Init(sha256ctx) || !Sha1Init(sha1ctx)) { +- Print(L"Unable to initialise hash\n"); ++ ERROR(L"Unable to initialise hash\n"); + status = EFI_OUT_OF_RESOURCES; + goto done; + } +@@ -494,7 +497,7 @@ static EFI_STATUS generate_hash (char *data, int datasize, + + if (!(Sha256Update(sha256ctx, hashbase, hashsize)) || + !(Sha1Update(sha1ctx, hashbase, hashsize))) { +- Print(L"Unable to generate hash\n"); ++ ERROR(L"Unable to generate hash\n"); + status = EFI_OUT_OF_RESOURCES; + goto done; + } +@@ -506,7 +509,7 @@ static EFI_STATUS generate_hash (char *data, int datasize, + + if (!(Sha256Update(sha256ctx, hashbase, hashsize)) || + !(Sha1Update(sha1ctx, hashbase, hashsize))) { +- Print(L"Unable to generate hash\n"); ++ ERROR(L"Unable to generate hash\n"); + status = EFI_OUT_OF_RESOURCES; + goto done; + } +@@ -518,7 +521,7 @@ static EFI_STATUS generate_hash (char *data, int datasize, + + if (!(Sha256Update(sha256ctx, hashbase, hashsize)) || + !(Sha1Update(sha1ctx, hashbase, hashsize))) { +- Print(L"Unable to generate hash\n"); ++ ERROR(L"Unable to generate hash\n"); + status = EFI_OUT_OF_RESOURCES; + goto done; + } +@@ -539,14 +542,14 @@ static EFI_STATUS generate_hash (char *data, int datasize, + } + + if (SumOfSectionBytes >= datasize) { +- Print(L"Malformed binary: %x %x\n", SumOfSectionBytes, size); ++ ERROR(L"Malformed binary: %x %x\n", SumOfSectionBytes, size); + status = EFI_INVALID_PARAMETER; + goto done; + } + + SectionHeader = (EFI_IMAGE_SECTION_HEADER *) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * context->PEHdr->Pe32.FileHeader.NumberOfSections); + if (SectionHeader == NULL) { +- Print(L"Unable to allocate section header\n"); ++ ERROR(L"Unable to allocate section header\n"); + status = EFI_OUT_OF_RESOURCES; + goto done; + } +@@ -572,14 +575,14 @@ static EFI_STATUS generate_hash (char *data, int datasize, + hashsize = (unsigned int) Section->SizeOfRawData; + + if (!hashbase) { +- Print(L"Malformed section header\n"); ++ ERROR(L"Malformed section header\n"); + status = EFI_INVALID_PARAMETER; + goto done; + } + + if (!(Sha256Update(sha256ctx, hashbase, hashsize)) || + !(Sha1Update(sha1ctx, hashbase, hashsize))) { +- Print(L"Unable to generate hash\n"); ++ ERROR(L"Unable to generate hash\n"); + status = EFI_OUT_OF_RESOURCES; + goto done; + } +@@ -596,7 +599,7 @@ static EFI_STATUS generate_hash (char *data, int datasize, + + if (!(Sha256Update(sha256ctx, hashbase, hashsize)) || + !(Sha1Update(sha1ctx, hashbase, hashsize))) { +- Print(L"Unable to generate hash\n"); ++ ERROR(L"Unable to generate hash\n"); + status = EFI_OUT_OF_RESOURCES; + goto done; + } +@@ -604,7 +607,7 @@ static EFI_STATUS generate_hash (char *data, int datasize, + + if (!(Sha256Final(sha256ctx, sha256hash)) || + !(Sha1Final(sha1ctx, sha1hash))) { +- Print(L"Unable to finalise hash\n"); ++ ERROR(L"Unable to finalise hash\n"); + status = EFI_OUT_OF_RESOURCES; + goto done; + } +@@ -634,9 +637,9 @@ static EFI_STATUS verify_mok (void) { + &MokListDataSize, &MokListData); + + if (attributes & EFI_VARIABLE_RUNTIME_ACCESS) { +- Print(L"MokList is compromised!\nErase all keys in MokList!\n"); ++ ERROR(L"MokList is compromised!\nErase all keys in MokList!\n"); + if (LibDeleteVariable(L"MokList", &shim_lock_guid) != EFI_SUCCESS) { +- Print(L"Failed to erase MokList\n"); ++ ERROR(L"Failed to erase MokList\n"); + } + status = EFI_ACCESS_DENIED; + return status; +@@ -658,19 +661,19 @@ static EFI_STATUS verify_buffer (char *data, int datasize, + unsigned int size = datasize; + + if (context->SecDir->Size == 0) { +- Print(L"Empty security header\n"); ++ ERROR(L"Empty security header\n"); + return EFI_INVALID_PARAMETER; + } + + cert = ImageAddress (data, size, context->SecDir->VirtualAddress); + + if (!cert) { +- Print(L"Certificate located outside the image\n"); ++ ERROR(L"Certificate located outside the image\n"); + return EFI_INVALID_PARAMETER; + } + + if (cert->Hdr.wCertificateType != WIN_CERT_TYPE_PKCS_SIGNED_DATA) { +- Print(L"Unsupported certificate type %x\n", ++ ERROR(L"Unsupported certificate type %x\n", + cert->Hdr.wCertificateType); + return EFI_UNSUPPORTED; + } +@@ -691,7 +694,7 @@ static EFI_STATUS verify_buffer (char *data, int datasize, + status = check_blacklist(cert, sha256hash, sha1hash); + + if (status != EFI_SUCCESS) { +- Print(L"Binary is blacklisted\n"); ++ ERROR(L"Binary is blacklisted\n"); + return status; + } + +@@ -702,7 +705,7 @@ static EFI_STATUS verify_buffer (char *data, int datasize, + status = check_whitelist(cert, sha256hash, sha1hash); + + if (status == EFI_SUCCESS) { +- if (verbose) ++ if (verbose && !in_protocol) + Print(L"Binary is whitelisted\n"); + return status; + } +@@ -715,7 +718,7 @@ static EFI_STATUS verify_buffer (char *data, int datasize, + shim_cert, sizeof(shim_cert), sha256hash, + SHA256_DIGEST_SIZE)) { + status = EFI_SUCCESS; +- if (verbose) ++ if (verbose && !in_protocol) + Print(L"Binary is verified by the vendor certificate\n"); + return status; + } +@@ -729,12 +732,12 @@ static EFI_STATUS verify_buffer (char *data, int datasize, + vendor_cert, vendor_cert_size, sha256hash, + SHA256_DIGEST_SIZE)) { + status = EFI_SUCCESS; +- if (verbose) ++ if (verbose && !in_protocol) + Print(L"Binary is verified by the vendor certificate\n"); + return status; + } + +- Print(L"Invalid signature\n"); ++ ERROR(L"Invalid signature\n"); + status = EFI_ACCESS_DENIED; + + return status; +@@ -750,7 +753,7 @@ static EFI_STATUS read_header(void *data, unsigned int datasize, + EFI_IMAGE_OPTIONAL_HEADER_UNION *PEHdr = data; + + if (datasize < sizeof(EFI_IMAGE_DOS_HEADER)) { +- Print(L"Invalid image\n"); ++ ERROR(L"Invalid image\n"); + return EFI_UNSUPPORTED; + } + +@@ -758,22 +761,22 @@ static EFI_STATUS read_header(void *data, unsigned int datasize, + PEHdr = (EFI_IMAGE_OPTIONAL_HEADER_UNION *)((char *)data + DosHdr->e_lfanew); + + if ((((UINT8 *)PEHdr - (UINT8 *)data) + sizeof(EFI_IMAGE_OPTIONAL_HEADER_UNION)) > datasize) { +- Print(L"Invalid image\n"); ++ ERROR(L"Invalid image\n"); + return EFI_UNSUPPORTED; + } + + if (PEHdr->Te.Signature != EFI_IMAGE_NT_SIGNATURE) { +- Print(L"Unsupported image type\n"); ++ ERROR(L"Unsupported image type\n"); + return EFI_UNSUPPORTED; + } + + if (PEHdr->Pe32.FileHeader.Characteristics & EFI_IMAGE_FILE_RELOCS_STRIPPED) { +- Print(L"Unsupported image - Relocations have been stripped\n"); ++ ERROR(L"Unsupported image - Relocations have been stripped\n"); + return EFI_UNSUPPORTED; + } + + if (PEHdr->Pe32.OptionalHeader.Magic != EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC) { +- Print(L"Only 64-bit images supported\n"); ++ ERROR(L"Only 64-bit images supported\n"); + return EFI_UNSUPPORTED; + } + +@@ -789,22 +792,23 @@ static EFI_STATUS read_header(void *data, unsigned int datasize, + context->SecDir = (EFI_IMAGE_DATA_DIRECTORY *) &PEHdr->Pe32Plus.OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]; + + if (context->ImageSize < context->SizeOfHeaders) { +- Print(L"Invalid image\n"); ++ ERROR(L"Invalid image\n"); + return EFI_UNSUPPORTED; + } + + if (((UINT8 *)context->SecDir - (UINT8 *)data) > (datasize - sizeof(EFI_IMAGE_DATA_DIRECTORY))) { +- Print(L"Invalid image\n"); ++ ERROR(L"Invalid image\n"); + return EFI_UNSUPPORTED; + } + + if (context->SecDir->VirtualAddress >= datasize) { +- Print(L"Malformed security header\n"); ++ ERROR(L"Malformed security header\n"); + return EFI_INVALID_PARAMETER; + } + return EFI_SUCCESS; + } + ++ + /* + * Once the image has been loaded it needs to be validated and relocated + */ +@@ -823,7 +827,7 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize, + */ + efi_status = read_header(data, datasize, &context); + if (efi_status != EFI_SUCCESS) { +- Print(L"Failed to read header\n"); ++ ERROR(L"Failed to read header\n"); + return efi_status; + } + +@@ -834,7 +838,7 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize, + efi_status = verify_buffer(data, datasize, &context); + + if (efi_status != EFI_SUCCESS) { +- Print(L"Verification failed\n"); ++ ERROR(L"Verification failed\n"); + return efi_status; + } + } +@@ -842,7 +846,7 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize, + buffer = AllocatePool(context.ImageSize); + + if (!buffer) { +- Print(L"Failed to allocate image buffer\n"); ++ ERROR(L"Failed to allocate image buffer\n"); + return EFI_OUT_OF_RESOURCES; + } + +@@ -862,7 +866,7 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize, + end = ImageAddress (buffer, context.ImageSize, Section->VirtualAddress + size - 1); + + if (!base || !end) { +- Print(L"Invalid section size\n"); ++ ERROR(L"Invalid section size\n"); + return EFI_UNSUPPORTED; + } + +@@ -881,7 +885,7 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize, + efi_status = relocate_coff(&context, buffer); + + if (efi_status != EFI_SUCCESS) { +- Print(L"Relocation failed\n"); ++ ERROR(L"Relocation failed\n"); + FreePool(buffer); + return efi_status; + } +@@ -899,7 +903,7 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize, + li->LoadOptionsSize = load_options_size; + + if (!entry_point) { +- Print(L"Invalid entry point\n"); ++ ERROR(L"Invalid entry point\n"); + FreePool(buffer); + return EFI_UNSUPPORTED; + } +@@ -922,7 +926,7 @@ should_use_fallback(EFI_HANDLE image_handle) + rc = uefi_call_wrapper(BS->HandleProtocol, 3, image_handle, + &loaded_image_protocol, (void **)&li); + if (EFI_ERROR(rc)) { +- Print(L"Could not get image for bootx64.efi: %d\n", rc); ++ ERROR(L"Could not get image for bootx64.efi: %d\n", rc); + return 0; + } + +@@ -944,13 +948,13 @@ should_use_fallback(EFI_HANDLE image_handle) + rc = uefi_call_wrapper(BS->HandleProtocol, 3, li->DeviceHandle, + &FileSystemProtocol, (void **)&fio); + if (EFI_ERROR(rc)) { +- Print(L"Could not get fio for li->DeviceHandle: %d\n", rc); ++ ERROR(L"Could not get fio for li->DeviceHandle: %d\n", rc); + return 0; + } + + rc = uefi_call_wrapper(fio->OpenVolume, 2, fio, &vh); + if (EFI_ERROR(rc)) { +- Print(L"Could not open fio volume: %d\n", rc); ++ ERROR(L"Could not open fio volume: %d\n", rc); + return 0; + } + +@@ -1029,7 +1033,7 @@ static EFI_STATUS generate_path(EFI_LOADED_IMAGE *li, CHAR16 *ImagePath, + *PathName = AllocatePool(StrSize(bootpath) + StrSize(ImagePath)); + + if (!*PathName) { +- Print(L"Failed to allocate path buffer\n"); ++ ERROR(L"Failed to allocate path buffer\n"); + efi_status = EFI_OUT_OF_RESOURCES; + goto error; + } +@@ -1072,14 +1076,14 @@ static EFI_STATUS load_image (EFI_LOADED_IMAGE *li, void **data, + (void **)&drive); + + if (efi_status != EFI_SUCCESS) { +- Print(L"Failed to find fs\n"); ++ ERROR(L"Failed to find fs\n"); + goto error; + } + + efi_status = uefi_call_wrapper(drive->OpenVolume, 2, drive, &root); + + if (efi_status != EFI_SUCCESS) { +- Print(L"Failed to open fs\n"); ++ ERROR(L"Failed to open fs\n"); + goto error; + } + +@@ -1090,14 +1094,14 @@ static EFI_STATUS load_image (EFI_LOADED_IMAGE *li, void **data, + EFI_FILE_MODE_READ, 0); + + if (efi_status != EFI_SUCCESS) { +- Print(L"Failed to open %s - %lx\n", PathName, efi_status); ++ ERROR(L"Failed to open %s - %lx\n", PathName, efi_status); + goto error; + } + + fileinfo = AllocatePool(buffersize); + + if (!fileinfo) { +- Print(L"Unable to allocate file info buffer\n"); ++ ERROR(L"Unable to allocate file info buffer\n"); + efi_status = EFI_OUT_OF_RESOURCES; + goto error; + } +@@ -1113,7 +1117,7 @@ static EFI_STATUS load_image (EFI_LOADED_IMAGE *li, void **data, + FreePool(fileinfo); + fileinfo = AllocatePool(buffersize); + if (!fileinfo) { +- Print(L"Unable to allocate file info buffer\n"); ++ ERROR(L"Unable to allocate file info buffer\n"); + efi_status = EFI_OUT_OF_RESOURCES; + goto error; + } +@@ -1123,7 +1127,7 @@ static EFI_STATUS load_image (EFI_LOADED_IMAGE *li, void **data, + } + + if (efi_status != EFI_SUCCESS) { +- Print(L"Unable to get file info\n"); ++ ERROR(L"Unable to get file info\n"); + goto error; + } + +@@ -1132,7 +1136,7 @@ static EFI_STATUS load_image (EFI_LOADED_IMAGE *li, void **data, + *data = AllocatePool(buffersize); + + if (!*data) { +- Print(L"Unable to allocate file buffer\n"); ++ ERROR(L"Unable to allocate file buffer\n"); + efi_status = EFI_OUT_OF_RESOURCES; + goto error; + } +@@ -1151,7 +1155,7 @@ static EFI_STATUS load_image (EFI_LOADED_IMAGE *li, void **data, + } + + if (efi_status != EFI_SUCCESS) { +- Print(L"Unexpected return from initial read: %x, buffersize %x\n", efi_status, buffersize); ++ ERROR(L"Unexpected return from initial read: %x, buffersize %x\n", efi_status, buffersize); + goto error; + } + +@@ -1180,15 +1184,45 @@ EFI_STATUS shim_verify (void *buffer, UINT32 size) + EFI_STATUS status; + PE_COFF_LOADER_IMAGE_CONTEXT context; + +- if (!secure_mode()) +- return EFI_SUCCESS; ++ in_protocol = 1; ++ ++ if (!secure_mode()) { ++ status = EFI_SUCCESS; ++ goto done; ++ } + + status = read_header(buffer, size, &context); + + if (status != EFI_SUCCESS) +- return status; ++ goto done; + + status = verify_buffer(buffer, size, &context); ++done: ++ in_protocol = 0; ++ return status; ++} ++ ++static EFI_STATUS shim_hash (char *data, int datasize, ++ PE_COFF_LOADER_IMAGE_CONTEXT *context, ++ UINT8 *sha256hash, UINT8 *sha1hash) ++{ ++ EFI_STATUS status; ++ ++ in_protocol = 1; ++ status = generate_hash(data, datasize, context, sha256hash, sha1hash); ++ in_protocol = 0; ++ ++ return status; ++} ++ ++static EFI_STATUS shim_read_header(void *data, unsigned int datasize, ++ PE_COFF_LOADER_IMAGE_CONTEXT *context) ++{ ++ EFI_STATUS status; ++ ++ in_protocol = 1; ++ status = read_header(data, datasize, context); ++ in_protocol = 0; + + return status; + } +@@ -1216,7 +1250,7 @@ EFI_STATUS start_image(EFI_HANDLE image_handle, CHAR16 *ImagePath) + &loaded_image_protocol, (void **)&li); + + if (efi_status != EFI_SUCCESS) { +- Print(L"Unable to init protocol\n"); ++ ERROR(L"Unable to init protocol\n"); + return efi_status; + } + +@@ -1226,20 +1260,20 @@ EFI_STATUS start_image(EFI_HANDLE image_handle, CHAR16 *ImagePath) + efi_status = generate_path(li, ImagePath, &path, &PathName); + + if (efi_status != EFI_SUCCESS) { +- Print(L"Unable to generate path: %s\n", ImagePath); ++ ERROR(L"Unable to generate path: %s\n", ImagePath); + goto done; + } + + if (findNetboot(image_handle)) { + efi_status = parseNetbootinfo(image_handle); + if (efi_status != EFI_SUCCESS) { +- Print(L"Netboot parsing failed: %d\n", efi_status); ++ ERROR(L"Netboot parsing failed: %d\n", efi_status); + return EFI_PROTOCOL_ERROR; + } + efi_status = FetchNetbootimage(image_handle, &sourcebuffer, + &sourcesize); + if (efi_status != EFI_SUCCESS) { +- Print(L"Unable to fetch TFTP image\n"); ++ ERROR(L"Unable to fetch TFTP image\n"); + return efi_status; + } + data = sourcebuffer; +@@ -1251,7 +1285,7 @@ EFI_STATUS start_image(EFI_HANDLE image_handle, CHAR16 *ImagePath) + efi_status = load_image(li, &data, &datasize, PathName); + + if (efi_status != EFI_SUCCESS) { +- Print(L"Failed to load image\n"); ++ ERROR(L"Failed to load image\n"); + goto done; + } + } +@@ -1268,7 +1302,7 @@ EFI_STATUS start_image(EFI_HANDLE image_handle, CHAR16 *ImagePath) + efi_status = handle_image(data, datasize, li); + + if (efi_status != EFI_SUCCESS) { +- Print(L"Failed to load image\n"); ++ ERROR(L"Failed to load image\n"); + CopyMem(li, &li_bak, sizeof(li_bak)); + goto done; + } +@@ -1336,7 +1370,7 @@ EFI_STATUS mirror_mok_list() + | EFI_VARIABLE_RUNTIME_ACCESS, + DataSize, Data); + if (efi_status != EFI_SUCCESS) { +- Print(L"Failed to set MokListRT %d\n", efi_status); ++ ERROR(L"Failed to set MokListRT %d\n", efi_status); + } + + done: +@@ -1378,7 +1412,7 @@ EFI_STATUS check_mok_request(EFI_HANDLE image_handle) + efi_status = start_image(image_handle, MOK_MANAGER); + + if (efi_status != EFI_SUCCESS) { +- Print(L"Failed to start MokManager\n"); ++ ERROR(L"Failed to start MokManager\n"); + return efi_status; + } + } +@@ -1409,9 +1443,9 @@ static EFI_STATUS check_mok_sb (void) + * modified by the OS + */ + if (attributes & EFI_VARIABLE_RUNTIME_ACCESS) { +- Print(L"MokSBState is compromised! Clearing it\n"); ++ ERROR(L"MokSBState is compromised! Clearing it\n"); + if (LibDeleteVariable(L"MokSBState", &shim_lock_guid) != EFI_SUCCESS) { +- Print(L"Failed to erase MokSBState\n"); ++ ERROR(L"Failed to erase MokSBState\n"); + } + status = EFI_ACCESS_DENIED; + } else { +@@ -1442,7 +1476,7 @@ EFI_STATUS set_second_stage (EFI_HANDLE image_handle) + status = uefi_call_wrapper(BS->HandleProtocol, 3, image_handle, + &LoadedImageProtocol, (void **) &li); + if (status != EFI_SUCCESS) { +- Print (L"Failed to get load options\n"); ++ ERROR (L"Failed to get load options\n"); + return status; + } + +@@ -1486,7 +1520,7 @@ EFI_STATUS set_second_stage (EFI_HANDLE image_handle) + if (loader_len > 0) { + loader_str = AllocatePool((loader_len + 1) * sizeof(CHAR16)); + if (!loader_str) { +- Print(L"Failed to allocate loader string\n"); ++ ERROR(L"Failed to allocate loader string\n"); + return EFI_OUT_OF_RESOURCES; + } + for (i = 0; i < loader_len; i++) +@@ -1517,8 +1551,8 @@ EFI_STATUS efi_main (EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *passed_systab) + * call back in and use shim functions + */ + shim_lock_interface.Verify = shim_verify; +- shim_lock_interface.Hash = generate_hash; +- shim_lock_interface.Context = read_header; ++ shim_lock_interface.Hash = shim_hash; ++ shim_lock_interface.Context = shim_read_header; + + systab = passed_systab; + +-- +1.8.1.4 + diff --git a/shim-mokmanager-disable-gfx-console.patch b/shim-mokmanager-disable-gfx-console.patch new file mode 100644 index 0000000..58235bb --- /dev/null +++ b/shim-mokmanager-disable-gfx-console.patch @@ -0,0 +1,149 @@ +From c19cef4b4a61c82ba9a2c323659a20ec5d1d7ba2 Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Thu, 26 Sep 2013 09:44:50 -0400 +Subject: [PATCH] MokManager needs to disable the graphics console. + +Without this patch, on some machines we never see MokManager's UI. This +protocol has never (I think?) been officially published, and yet I still +have new hardware that needs it. + +If you're looking for a reference, look at: + +EdkCompatibilityPkg/Foundation/Protocol/ConsoleControl/ConsoleControl.c + +in the edk2 tree from Tiano. + +Signed-off-by: Peter Jones +--- + Makefile | 2 +- + MokManager.c | 32 ++++++++++++++++++++++++++++++++ + console_control.h | 44 ++++++++++++++++++++++++++++++++++++++++++++ + 3 files changed, 77 insertions(+), 1 deletion(-) + create mode 100644 console_control.h + +diff --git a/Makefile b/Makefile +index 77f3e52..1e4aed8 100644 +--- a/Makefile ++++ b/Makefile +@@ -37,7 +37,7 @@ OBJS = shim.o netboot.o cert.o dbx.o + KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key + SOURCES = shim.c shim.h netboot.c signature.h PeImage.h + MOK_OBJS = MokManager.o PasswordCrypt.o crypt_blowfish.o +-MOK_SOURCES = MokManager.c shim.h PasswordCrypt.c PasswordCrypt.h crypt_blowfish.c crypt_blowfish.h ++MOK_SOURCES = MokManager.c shim.h console_control.h PasswordCrypt.c PasswordCrypt.h crypt_blowfish.c crypt_blowfish.h + FALLBACK_OBJS = fallback.o + FALLBACK_SRCS = fallback.c + +diff --git a/MokManager.c b/MokManager.c +index 604129f..01362f2 100644 +--- a/MokManager.c ++++ b/MokManager.c +@@ -6,6 +6,7 @@ + #include "signature.h" + #include "PeImage.h" + #include "PasswordCrypt.h" ++#include "console_control.h" + + #include "include/console.h" + #include "include/simple_file.h" +@@ -1741,6 +1742,34 @@ static EFI_STATUS check_mok_request(EFI_HANDLE image_handle) + return EFI_SUCCESS; + } + ++static VOID setup_console (int text) ++{ ++ EFI_STATUS status; ++ EFI_GUID console_control_guid = EFI_CONSOLE_CONTROL_PROTOCOL_GUID; ++ EFI_CONSOLE_CONTROL_PROTOCOL *concon; ++ static EFI_CONSOLE_CONTROL_SCREEN_MODE mode = ++ EfiConsoleControlScreenGraphics; ++ EFI_CONSOLE_CONTROL_SCREEN_MODE new_mode; ++ ++ status = LibLocateProtocol(&console_control_guid, (VOID **)&concon); ++ if (status != EFI_SUCCESS) ++ return; ++ ++ if (text) { ++ new_mode = EfiConsoleControlScreenText; ++ ++ status = uefi_call_wrapper(concon->GetMode, 4, concon, &mode, ++ 0, 0); ++ /* If that didn't work, assume it's graphics */ ++ if (status != EFI_SUCCESS) ++ mode = EfiConsoleControlScreenGraphics; ++ } else { ++ new_mode = mode; ++ } ++ ++ uefi_call_wrapper(concon->SetMode, 2, concon, new_mode); ++} ++ + static EFI_STATUS setup_rand (void) + { + EFI_TIME time; +@@ -1772,9 +1801,12 @@ EFI_STATUS efi_main (EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *systab) + + InitializeLib(image_handle, systab); + ++ setup_console(1); ++ + setup_rand(); + + efi_status = check_mok_request(image_handle); + ++ setup_console(0); + return efi_status; + } +diff --git a/console_control.h b/console_control.h +new file mode 100644 +index 0000000..5fb8a4a +--- /dev/null ++++ b/console_control.h +@@ -0,0 +1,44 @@ ++#ifndef _SHIM_CONSOLE_CONTROL_H ++#define _SHIM_CONSOLE_CONTROL_H 1 ++ ++#define EFI_CONSOLE_CONTROL_PROTOCOL_GUID \ ++ { 0xf42f7782, 0x12e, 0x4c12, {0x99, 0x56, 0x49, 0xf9, 0x43, 0x4, 0xf7, 0x21} } ++ ++typedef struct _EFI_CONSOLE_CONTROL_PROTOCOL EFI_CONSOLE_CONTROL_PROTOCOL; ++ ++typedef enum { ++ EfiConsoleControlScreenText, ++ EfiConsoleControlScreenGraphics, ++ EfiConsoleControlScreenMaxValue ++} EFI_CONSOLE_CONTROL_SCREEN_MODE; ++ ++typedef ++EFI_STATUS ++(EFIAPI *EFI_CONSOLE_CONTROL_PROTOCOL_GET_MODE) ( ++ IN EFI_CONSOLE_CONTROL_PROTOCOL *This, ++ OUT EFI_CONSOLE_CONTROL_SCREEN_MODE *Mode, ++ OUT BOOLEAN *GopUgaExists, OPTIONAL ++ OUT BOOLEAN *StdInLocked OPTIONAL ++ ); ++ ++typedef ++EFI_STATUS ++(EFIAPI *EFI_CONSOLE_CONTROL_PROTOCOL_SET_MODE) ( ++ IN EFI_CONSOLE_CONTROL_PROTOCOL *This, ++ IN EFI_CONSOLE_CONTROL_SCREEN_MODE Mode ++ ); ++ ++typedef ++EFI_STATUS ++(EFIAPI *EFI_CONSOLE_CONTROL_PROTOCOL_LOCK_STD_IN) ( ++ IN EFI_CONSOLE_CONTROL_PROTOCOL *This, ++ IN CHAR16 *Password ++ ); ++ ++struct _EFI_CONSOLE_CONTROL_PROTOCOL { ++ EFI_CONSOLE_CONTROL_PROTOCOL_GET_MODE GetMode; ++ EFI_CONSOLE_CONTROL_PROTOCOL_SET_MODE SetMode; ++ EFI_CONSOLE_CONTROL_PROTOCOL_LOCK_STD_IN LockStdIn; ++}; ++ ++#endif /* _SHIM_CONSOLE_CONTROL_H */ +-- +1.8.1.4 + diff --git a/shim-netboot-fixes.patch b/shim-netboot-fixes.patch new file mode 100644 index 0000000..ebf05ea --- /dev/null +++ b/shim-netboot-fixes.patch @@ -0,0 +1,370 @@ +From 6bd858269e91b3966c569f5d18a6fd3932b65112 Mon Sep 17 00:00:00 2001 +From: Steve Langasek +Date: Fri, 20 Sep 2013 11:29:23 -0500 +Subject: [PATCH 1/7] Pass the right arguments to + EFI_PXE_BASE_CODE_TFTP_READ_FILE + +A wrong pointer was being passed to EFI_PXE_BASE_CODE_TFTP_READ_FILE, +preventing us from getting the file size back from the tftp call, ensuring +that we don't have enough information to properly secureboot-validate the +retrieved image. +--- + netboot.c | 4 ++-- + shim.c | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/netboot.c b/netboot.c +index d569048..f7a6a1a 100644 +--- a/netboot.c ++++ b/netboot.c +@@ -328,7 +328,7 @@ EFI_STATUS parseNetbootinfo(EFI_HANDLE image_handle) + return rc; + } + +-EFI_STATUS FetchNetbootimage(EFI_HANDLE image_handle, VOID **buffer, UINTN *bufsiz) ++EFI_STATUS FetchNetbootimage(EFI_HANDLE image_handle, VOID **buffer, UINT64 *bufsiz) + { + EFI_STATUS rc; + EFI_PXE_BASE_CODE_TFTP_OPCODE read = EFI_PXE_BASE_CODE_TFTP_READ_FILE; +@@ -346,7 +346,7 @@ EFI_STATUS FetchNetbootimage(EFI_HANDLE image_handle, VOID **buffer, UINTN *bufs + + try_again: + rc = uefi_call_wrapper(pxe->Mtftp, 10, pxe, read, *buffer, overwrite, +- &bufsiz, &blksz, &tftp_addr, full_path, NULL, nobuffer); ++ bufsiz, &blksz, &tftp_addr, full_path, NULL, nobuffer); + + if (rc == EFI_BUFFER_TOO_SMALL) { + /* try again, doubling buf size */ +diff --git a/shim.c b/shim.c +index 47e3812..c1bb85f 100644 +--- a/shim.c ++++ b/shim.c +@@ -1193,7 +1193,7 @@ EFI_STATUS start_image(EFI_HANDLE image_handle, CHAR16 *ImagePath) + EFI_DEVICE_PATH *path; + CHAR16 *PathName = NULL; + void *sourcebuffer = NULL; +- UINTN sourcesize = 0; ++ UINT64 sourcesize = 0; + void *data = NULL; + int datasize; + +-- +1.8.1.4 + + +From b1fa932c45038fbe280420b88f0103610fff48aa Mon Sep 17 00:00:00 2001 +From: Steve Langasek +Date: Fri, 20 Sep 2013 13:03:57 -0500 +Subject: [PATCH 2/7] Fix nul termination errors in filenames passed to tftp + +Fix various errors in the tftp string handling, to ensure we always have +properly nul-terminated strings. +--- + netboot.c | 39 ++++++++++++++++----------------------- + 1 file changed, 16 insertions(+), 23 deletions(-) + +diff --git a/netboot.c b/netboot.c +index f7a6a1a..b31e71c 100644 +--- a/netboot.c ++++ b/netboot.c +@@ -54,7 +54,7 @@ static inline unsigned short int __swap16(unsigned short int x) + + static EFI_PXE_BASE_CODE *pxe; + static EFI_IP_ADDRESS tftp_addr; +-static char *full_path; ++static UINT8 *full_path; + + + typedef struct { +@@ -112,7 +112,7 @@ try_again: + for (i=0; i < (bs / sizeof(EFI_HANDLE)); i++) { + status = uefi_call_wrapper(BS->OpenProtocol, 6, hbuf[i], + &pxe_base_code_protocol, +- &pxe, image_handle, NULL, ++ (void **)&pxe, image_handle, NULL, + EFI_OPEN_PROTOCOL_GET_PROTOCOL); + + if (status != EFI_SUCCESS) { +@@ -228,15 +228,15 @@ static UINT8 *str2ip6(char *str) + + static BOOLEAN extract_tftp_info(char *url) + { +- char *start, *end; ++ CHAR8 *start, *end; + char ip6str[128]; +- char *template = DEFAULT_LOADER; ++ CHAR8 *template = (CHAR8 *)DEFAULT_LOADER; + + if (strncmp((UINT8 *)url, (UINT8 *)"tftp://", 7)) { + Print(L"URLS MUST START WITH tftp://\n"); + return FALSE; + } +- start = url + 7; ++ start = (CHAR8 *)url + 7; + if (*start != '[') { + Print(L"TFTP SERVER MUST BE ENCLOSED IN [..]\n"); + return FALSE; +@@ -251,21 +251,19 @@ static BOOLEAN extract_tftp_info(char *url) + Print(L"TFTP SERVER MUST BE ENCLOSED IN [..]\n"); + return FALSE; + } +- *end = '\0'; + memset(ip6str, 0, 128); +- memcpy(ip6str, start, strlen((UINT8 *)start)); +- *end = ']'; ++ memcpy(ip6str, start, end + 1 - start); + end++; + memcpy(&tftp_addr.v6, str2ip6(ip6str), 16); +- full_path = AllocatePool(strlen((UINT8 *)end)+strlen((UINT8 *)template)+1); ++ full_path = AllocateZeroPool(strlen(end)+strlen(template)+1); + if (!full_path) + return FALSE; +- memset(full_path, 0, strlen((UINT8 *)end)+strlen((UINT8 *)template)); +- memcpy(full_path, end, strlen((UINT8 *)end)); +- end = strrchr(full_path, '/'); ++ memcpy(full_path, end, strlen(end)); ++ end = (CHAR8 *)strrchr((char *)full_path, '/'); + if (!end) +- end = full_path; +- memcpy(end, template, strlen((UINT8 *)template)); ++ end = (CHAR8 *)full_path; ++ memcpy(end, template, strlen(template)); ++ end[strlen(template)] = '\0'; + + return TRUE; + } +@@ -286,20 +284,15 @@ static EFI_STATUS parseDhcp6() + + static EFI_STATUS parseDhcp4() + { +- char *template = DEFAULT_LOADER; +- char *tmp; +- int len = strlen((CHAR8 *)template); ++ CHAR8 *template = (CHAR8 *)DEFAULT_LOADER; ++ full_path = AllocateZeroPool(strlen(template)+1); + +- tmp = AllocatePool(len+1); +- +- if (!tmp) ++ if (!full_path) + return EFI_OUT_OF_RESOURCES; + +- + memcpy(&tftp_addr.v4, pxe->Mode->DhcpAck.Dhcpv4.BootpSiAddr, 4); + +- memcpy(tmp, template, len+1); +- full_path = tmp; ++ memcpy(full_path, template, strlen(template)); + + /* Note we don't capture the filename option here because we know its shim.efi + * We instead assume the filename at the end of the path is going to be grubx64.efi +-- +1.8.1.4 + + +From a68d8233dcc76094813e5c235a80fb6c7ec6ad7c Mon Sep 17 00:00:00 2001 +From: Steve Langasek +Date: Fri, 20 Sep 2013 17:06:33 -0500 +Subject: [PATCH 3/7] Fix an off-by-one error + +We don't need to add one because our end pointer is already off the end of +the string we want to copy. +--- + netboot.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/netboot.c b/netboot.c +index b31e71c..15dbdf7 100644 +--- a/netboot.c ++++ b/netboot.c +@@ -252,7 +252,7 @@ static BOOLEAN extract_tftp_info(char *url) + return FALSE; + } + memset(ip6str, 0, 128); +- memcpy(ip6str, start, end + 1 - start); ++ memcpy(ip6str, start, end - start); + end++; + memcpy(&tftp_addr.v6, str2ip6(ip6str), 16); + full_path = AllocateZeroPool(strlen(end)+strlen(template)+1); +-- +1.8.1.4 + + +From bbaa1df5dcc6570dc29544dbcc00353f925a1128 Mon Sep 17 00:00:00 2001 +From: Steve Langasek +Date: Sun, 22 Sep 2013 22:21:49 -0700 +Subject: [PATCH 4/7] Misc allocation cleanups + +--- + netboot.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/netboot.c b/netboot.c +index 15dbdf7..c81e28e 100644 +--- a/netboot.c ++++ b/netboot.c +@@ -160,10 +160,9 @@ static char *get_v6_bootfile_url(EFI_PXE_BASE_CODE_DHCPV6_PACKET *pkt) + if (ntohs(option->OpCode) == 59) { + /* This is the bootfile url option */ + urllen = ntohs(option->Length); +- url = AllocatePool(urllen+2); ++ url = AllocateZeroPool(urllen+1); + if (!url) + return NULL; +- memset(url, 0, urllen+2); + memcpy(url, option->Data, urllen); + return url; + } +@@ -275,10 +274,13 @@ static EFI_STATUS parseDhcp6() + + + bootfile_url = get_v6_bootfile_url(packet); +- if (extract_tftp_info(bootfile_url) == FALSE) +- return EFI_NOT_FOUND; + if (!bootfile_url) + return EFI_NOT_FOUND; ++ if (extract_tftp_info(bootfile_url) == FALSE) { ++ FreePool(bootfile_url); ++ return EFI_NOT_FOUND; ++ } ++ FreePool(bootfile_url); + return EFI_SUCCESS; + } + +-- +1.8.1.4 + + +From 4b1e7425479a111553f1055757429249bc389d28 Mon Sep 17 00:00:00 2001 +From: Steve Langasek +Date: Sun, 22 Sep 2013 22:25:47 -0700 +Subject: [PATCH 5/7] More consistent types, fewer casts + +--- + netboot.c | 11 +++++------ + 1 file changed, 5 insertions(+), 6 deletions(-) + +diff --git a/netboot.c b/netboot.c +index c81e28e..dab1f5c 100644 +--- a/netboot.c ++++ b/netboot.c +@@ -142,11 +142,11 @@ try_again: + return rc; + } + +-static char *get_v6_bootfile_url(EFI_PXE_BASE_CODE_DHCPV6_PACKET *pkt) ++static CHAR8 *get_v6_bootfile_url(EFI_PXE_BASE_CODE_DHCPV6_PACKET *pkt) + { + void *optr; + EFI_DHCP6_PACKET_OPTION *option; +- char *url; ++ CHAR8 *url; + UINT32 urllen; + + optr = pkt->DhcpOptions; +@@ -225,7 +225,7 @@ static UINT8 *str2ip6(char *str) + return (UINT8 *)ip; + } + +-static BOOLEAN extract_tftp_info(char *url) ++static BOOLEAN extract_tftp_info(CHAR8 *url) + { + CHAR8 *start, *end; + char ip6str[128]; +@@ -235,7 +235,7 @@ static BOOLEAN extract_tftp_info(char *url) + Print(L"URLS MUST START WITH tftp://\n"); + return FALSE; + } +- start = (CHAR8 *)url + 7; ++ start = url + 7; + if (*start != '[') { + Print(L"TFTP SERVER MUST BE ENCLOSED IN [..]\n"); + return FALSE; +@@ -270,8 +270,7 @@ static BOOLEAN extract_tftp_info(char *url) + static EFI_STATUS parseDhcp6() + { + EFI_PXE_BASE_CODE_DHCPV6_PACKET *packet = (EFI_PXE_BASE_CODE_DHCPV6_PACKET *)&pxe->Mode->DhcpAck.Raw; +- char *bootfile_url; +- ++ CHAR8 *bootfile_url; + + bootfile_url = get_v6_bootfile_url(packet); + if (!bootfile_url) +-- +1.8.1.4 + + +From 12cd90c232301efe7d262a33c471a6af1282ae03 Mon Sep 17 00:00:00 2001 +From: Steve Langasek +Date: Sun, 22 Sep 2013 22:45:26 -0700 +Subject: [PATCH 6/7] Correct limits on the length of ipv6 addresses + +The maximum length of a string representation of an ipv6 address is 39 +characters (8 groups of 4 hex chars, with 7 colons in between). So don't +allocate more room than this - and more importantly, don't blindly accept +strings from the server that are longer than our buffer... +--- + netboot.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/netboot.c b/netboot.c +index dab1f5c..61777a2 100644 +--- a/netboot.c ++++ b/netboot.c +@@ -228,7 +228,7 @@ static UINT8 *str2ip6(char *str) + static BOOLEAN extract_tftp_info(CHAR8 *url) + { + CHAR8 *start, *end; +- char ip6str[128]; ++ char ip6str[40]; + CHAR8 *template = (CHAR8 *)DEFAULT_LOADER; + + if (strncmp((UINT8 *)url, (UINT8 *)"tftp://", 7)) { +@@ -245,12 +245,16 @@ static BOOLEAN extract_tftp_info(CHAR8 *url) + end = start; + while ((*end != '\0') && (*end != ']')) { + end++; ++ if (end - start > 39) { ++ Print(L"TFTP URL includes malformed IPv6 address\n"); ++ return FALSE; ++ } + } + if (end == '\0') { + Print(L"TFTP SERVER MUST BE ENCLOSED IN [..]\n"); + return FALSE; + } +- memset(ip6str, 0, 128); ++ memset(ip6str, 0, 40); + memcpy(ip6str, start, end - start); + end++; + memcpy(&tftp_addr.v6, str2ip6(ip6str), 16); +-- +1.8.1.4 + + +From 0c3bd9d9ea5261cfdf5c1d6feb2f42d17ba4ca8a Mon Sep 17 00:00:00 2001 +From: Steve Langasek +Date: Sun, 22 Sep 2013 23:11:26 -0700 +Subject: [PATCH 7/7] Fix a memory leak + +--- + netboot.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/netboot.c b/netboot.c +index 61777a2..927445d 100644 +--- a/netboot.c ++++ b/netboot.c +@@ -356,6 +356,8 @@ try_again: + goto try_again; + } + ++ if (rc != EFI_SUCCESS && *buffer) { ++ FreePool(*buffer); ++ } + return rc; +- + } +-- +1.8.1.4 + diff --git a/shim.changes b/shim.changes index af8cd95..b5b463c 100644 --- a/shim.changes +++ b/shim.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Tue Oct 1 04:29:29 UTC 2013 - glin@suse.com + +- Add shim-netboot-fixes.patch to include upstream netboot fixes +- Add shim-mokmanager-disable-gfx-console.patch to disable the + graphics console to avoid system hang on some machines +- Add shim-bnc841426-silence-shim-protocols.patch to silence the + shim protocols (bnc#841426) + ------------------------------------------------------------------- Wed Sep 25 07:17:54 UTC 2013 - glin@suse.com diff --git a/shim.spec b/shim.spec index c599c72..c8d8f20 100644 --- a/shim.spec +++ b/shim.spec @@ -58,6 +58,12 @@ Patch7: shim-bnc807760-change-pxe-2nd-loader-name.patch Patch8: shim-bnc808106-correct-certcount.patch # PATCH-FIX-UPSTREAM shim-mokmanager-ui-revamp.patch glin@suse.com -- Revamp the MokManager UI Patch9: shim-mokmanager-ui-revamp.patch +# PATCH-FIX-UPSTREAM shim-netboot-fixes.patch glin@suse.com -- Upstream netboot fixes +Patch10: shim-netboot-fixes.patch +# PATCH-FIX-UPSTREAM shim-mokmanager-disable-gfx-console.patch glin@suse.com -- Disable graphics console to avoid system hang on some machines +Patch11: shim-mokmanager-disable-gfx-console.patch +# PATCH-FIX-UPSTREAM shim-bnc841426-silence-shim-protocols.patch bnc#841426 glin@suse.com -- Silence the shim protocols to avoid system hang +Patch12: shim-bnc841426-silence-shim-protocols.patch BuildRequires: gnu-efi >= 3.0t BuildRequires: mozilla-nss-tools BuildRequires: openssl >= 0.9.8 @@ -90,6 +96,9 @@ Authors: %patch7 -p1 %patch8 -p1 %patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 %build chmod +x "make-certs"