diff --git a/shim-15.6.tar.bz2 b/shim-15.6.tar.bz2 deleted file mode 100644 index 67dfd30..0000000 --- a/shim-15.6.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:eab91644a3efe91a666399f5d8eb3eed0e04d04f79d4b6c0b278ef7747a239a5 -size 1343748 diff --git a/shim-15.7.tar.bz2 b/shim-15.7.tar.bz2 new file mode 100644 index 0000000..9c5c79e --- /dev/null +++ b/shim-15.7.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:87cdeb190e5c7fe441769dde11a1b507ed7328e70a178cd9858c7ac7065cfade +size 1334863 diff --git a/shim-Enable-TDX-measurement-to-RTMR-register.patch b/shim-Enable-TDX-measurement-to-RTMR-register.patch deleted file mode 100644 index 2436253..0000000 --- a/shim-Enable-TDX-measurement-to-RTMR-register.patch +++ /dev/null @@ -1,240 +0,0 @@ -From 4fd484e4c29364b4fdf4d043556fa0a210c5fdfc Mon Sep 17 00:00:00 2001 -From: Lu Ken -Date: Sun, 22 May 2022 16:02:20 +0800 -Subject: [PATCH] Enable TDX measurement to RTMR register - -Intel Trust Domain Extensions (Intel TDX) extends Virtual Machine -Extensions (VMX) and Multi-Key Total Memory Encryption (MK-TME) with a -new kind of virtual machine guest called a Trust Domain(TD)[1]. A TD -runs in a CPU mode that is designed to protect the confidentiality of -its memory contents and its CPU state from any other software, including -the hosting Virtual Machine Monitor (VMM). - -Trust Domain Virtual Firmware (TDVF) is required to provide Intel TDX -implementation and service for EFI_CC_MEASUREMENT_PROTOCOL[2]. The bugzilla -for TDVF is at https://bugzilla.tianocore.org/show_bug.cgi?id=3625. - -To support CC measurement/attestation with Intel TDX technology, these 4 -RTMR registers will be extended by TDX service like TPM/TPM2 PCR: - -- RTMR[0] for TDVF configuration -- RTMR[1] for the TD OS loader and kernel -- RTMR[2] for the OS application -- RTMR[3] reserved for special usage only - -Add a TDX Implementation for CC Measurement protocol along with -TPM/TPM2 protocol. - -References: -[1] https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-whitepaper-v4.pdf -[2] https://software.intel.com/content/dam/develop/external/us/en/documents/tdx-virtual-firmware-design-guide-rev-1.pdf -[3] https://software.intel.com/content/dam/develop/external/us/en/documents/intel-tdx-guest-hypervisor-communication-interface-1.0-344426-002.pdf - -Signed-off-by: Lu Ken -[rharwood: style pass on code and commit message] -Signed-off-by: Robbie Harwood ---- - include/cc.h | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++ - include/guid.h | 1 + - lib/guid.c | 1 + - shim.h | 1 + - tpm.c | 48 ++++++++++++++++++++++++++++ - 5 files changed, 136 insertions(+) - create mode 100644 include/cc.h - -diff --git a/include/cc.h b/include/cc.h -new file mode 100644 -index 0000000..8b12720 ---- /dev/null -+++ b/include/cc.h -@@ -0,0 +1,85 @@ -+// SPDX-License-Identifier: BSD-2-Clause-Patent -+ -+#ifndef SHIM_CC_H -+#define SHIM_CC_H -+ -+typedef struct { -+ uint8_t Major; -+ uint8_t Minor; -+} EFI_CC_VERSION; -+ -+#define EFI_CC_TYPE_NONE 0 -+#define EFI_CC_TYPE_SEV 1 -+#define EFI_CC_TYPE_TDX 2 -+ -+typedef struct { -+ uint8_t Type; -+ uint8_t SubType; -+} EFI_CC_TYPE; -+ -+typedef uint32_t EFI_CC_EVENT_LOG_BITMAP; -+typedef uint32_t EFI_CC_EVENT_LOG_FORMAT; -+typedef uint32_t EFI_CC_EVENT_ALGORITHM_BITMAP; -+typedef uint32_t EFI_CC_MR_INDEX; -+ -+#define TDX_MR_INDEX_MRTD 0 -+#define TDX_MR_INDEX_RTMR0 1 -+#define TDX_MR_INDEX_RTMR1 2 -+#define TDX_MR_INDEX_RTMR2 3 -+#define TDX_MR_INDEX_RTMR3 4 -+ -+#define EFI_CC_EVENT_LOG_FORMAT_TCG_2 0x00000002 -+#define EFI_CC_BOOT_HASH_ALG_SHA384 0x00000004 -+#define EFI_CC_EVENT_HEADER_VERSION 1 -+ -+typedef struct tdEFI_CC_EVENT_HEADER { -+ uint32_t HeaderSize; -+ uint16_t HeaderVersion; -+ EFI_CC_MR_INDEX MrIndex; -+ uint32_t EventType; -+} __attribute__((packed)) EFI_CC_EVENT_HEADER; -+ -+typedef struct tdEFI_CC_EVENT { -+ uint32_t Size; -+ EFI_CC_EVENT_HEADER Header; -+ uint8_t Event[1]; -+} __attribute__((packed)) EFI_CC_EVENT; -+ -+typedef struct tdEFI_CC_BOOT_SERVICE_CAPABILITY { -+ uint8_t Size; -+ EFI_CC_VERSION StructureVersion; -+ EFI_CC_VERSION ProtocolVersion; -+ EFI_CC_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap; -+ EFI_CC_EVENT_LOG_BITMAP SupportedEventLogs; -+ EFI_CC_TYPE CcType; -+} EFI_CC_BOOT_SERVICE_CAPABILITY; -+ -+struct efi_cc_protocol -+{ -+ EFI_STATUS (EFIAPI *get_capability) ( -+ struct efi_cc_protocol *this, -+ EFI_CC_BOOT_SERVICE_CAPABILITY *ProtocolCapability); -+ EFI_STATUS (EFIAPI *get_event_log) ( -+ struct efi_cc_protocol *this, -+ EFI_CC_EVENT_LOG_FORMAT EventLogFormat, -+ EFI_PHYSICAL_ADDRESS *EventLogLocation, -+ EFI_PHYSICAL_ADDRESS *EventLogLastEntry, -+ BOOLEAN *EventLogTruncated); -+ EFI_STATUS (EFIAPI *hash_log_extend_event) ( -+ struct efi_cc_protocol *this, -+ uint64_t Flags, -+ EFI_PHYSICAL_ADDRESS DataToHash, -+ uint64_t DataToHashLen, -+ EFI_CC_EVENT *EfiCcEvent); -+ EFI_STATUS (EFIAPI *map_pcr_to_mr_index) ( -+ struct efi_cc_protocol *this, -+ uint32_t PcrIndex, -+ EFI_CC_MR_INDEX *MrIndex); -+}; -+ -+typedef struct efi_cc_protocol efi_cc_protocol_t; -+ -+#define EFI_CC_FLAG_PE_COFF_IMAGE 0x0000000000000010 -+ -+#endif /* SHIM_CC_H */ -+// vim:fenc=utf-8:tw=75 -diff --git a/include/guid.h b/include/guid.h -index d9910ff..dad63f0 100644 ---- a/include/guid.h -+++ b/include/guid.h -@@ -29,6 +29,7 @@ extern EFI_GUID EFI_IP6_CONFIG_GUID; - extern EFI_GUID EFI_LOADED_IMAGE_GUID; - extern EFI_GUID EFI_TPM_GUID; - extern EFI_GUID EFI_TPM2_GUID; -+extern EFI_GUID EFI_CC_MEASUREMENT_PROTOCOL_GUID; - extern EFI_GUID EFI_SECURE_BOOT_DB_GUID; - extern EFI_GUID EFI_SIMPLE_FILE_SYSTEM_GUID; - extern EFI_GUID SECURITY_PROTOCOL_GUID; -diff --git a/lib/guid.c b/lib/guid.c -index e100c92..904629e 100644 ---- a/lib/guid.c -+++ b/lib/guid.c -@@ -28,6 +28,7 @@ EFI_GUID EFI_IP6_CONFIG_GUID = { 0x937fe521, 0x95ae, 0x4d1a, {0x89, 0x29, 0x48, - EFI_GUID EFI_LOADED_IMAGE_GUID = EFI_LOADED_IMAGE_PROTOCOL_GUID; - EFI_GUID EFI_TPM_GUID = { 0xf541796d, 0xa62e, 0x4954, {0xa7, 0x75, 0x95, 0x84, 0xf6, 0x1b, 0x9c, 0xdd } }; - EFI_GUID EFI_TPM2_GUID = { 0x607f766c, 0x7455, 0x42be, {0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f } }; -+EFI_GUID EFI_CC_MEASUREMENT_PROTOCOL_GUID = { 0x96751a3d, 0x72f4, 0x41a6, {0xa7, 0x94, 0xed, 0x5d, 0x0e, 0x67, 0xae, 0x6b } }; - EFI_GUID EFI_SECURE_BOOT_DB_GUID = { 0xd719b2cb, 0x3d3a, 0x4596, { 0xa3, 0xbc, 0xda, 0xd0, 0x0e, 0x67, 0x65, 0x6f } }; - EFI_GUID EFI_SIMPLE_FILE_SYSTEM_GUID = SIMPLE_FILE_SYSTEM_PROTOCOL; - EFI_GUID SECURITY_PROTOCOL_GUID = { 0xA46423E3, 0x4617, 0x49f1, {0xB9, 0xFF, 0xD1, 0xBF, 0xA9, 0x11, 0x58, 0x39 } }; -diff --git a/shim.h b/shim.h -index 7e9d10e..14824c6 100644 ---- a/shim.h -+++ b/shim.h -@@ -186,6 +186,7 @@ - #include "include/simple_file.h" - #include "include/str.h" - #include "include/tpm.h" -+#include "include/cc.h" - #include "include/ucs2.h" - #include "include/variables.h" - #include "include/hexdump.h" -diff --git a/tpm.c b/tpm.c -index 41f3665..388f8d1 100644 ---- a/tpm.c -+++ b/tpm.c -@@ -108,6 +108,45 @@ static EFI_STATUS tpm_locate_protocol(efi_tpm_protocol_t **tpm, - return EFI_NOT_FOUND; - } - -+static EFI_STATUS cc_log_event_raw(EFI_PHYSICAL_ADDRESS buf, UINTN size, -+ UINT8 pcr, const CHAR8 *log, UINTN logsize, -+ UINT32 type, BOOLEAN is_pe_image) -+{ -+ EFI_STATUS efi_status; -+ EFI_CC_EVENT *event; -+ efi_cc_protocol_t *cc; -+ EFI_CC_MR_INDEX mr; -+ uint64_t flags = is_pe_image ? EFI_CC_FLAG_PE_COFF_IMAGE : 0; -+ -+ efi_status = LibLocateProtocol(&EFI_CC_MEASUREMENT_PROTOCOL_GUID, -+ (VOID **)&cc); -+ if (EFI_ERROR(efi_status) || !cc) -+ return EFI_SUCCESS; -+ -+ efi_status = cc->map_pcr_to_mr_index(cc, pcr, &mr); -+ if (EFI_ERROR(efi_status)) -+ return EFI_NOT_FOUND; -+ -+ UINTN event_size = sizeof(*event) - sizeof(event->Event) + logsize; -+ -+ event = AllocatePool(event_size); -+ if (!event) { -+ perror(L"Unable to allocate event structure\n"); -+ return EFI_OUT_OF_RESOURCES; -+ } -+ -+ event->Header.HeaderSize = sizeof(EFI_CC_EVENT_HEADER); -+ event->Header.HeaderVersion = EFI_CC_EVENT_HEADER_VERSION; -+ event->Header.MrIndex = mr; -+ event->Header.EventType = type; -+ event->Size = event_size; -+ CopyMem(event->Event, (VOID *)log, logsize); -+ efi_status = cc->hash_log_extend_event(cc, flags, buf, (UINT64)size, -+ event); -+ FreePool(event); -+ return efi_status; -+} -+ - static EFI_STATUS tpm_log_event_raw(EFI_PHYSICAL_ADDRESS buf, UINTN size, - UINT8 pcr, const CHAR8 *log, UINTN logsize, - UINT32 type, CHAR8 *hash) -@@ -118,6 +157,15 @@ static EFI_STATUS tpm_log_event_raw(EFI_PHYSICAL_ADDRESS buf, UINTN size, - BOOLEAN old_caps; - EFI_TCG2_BOOT_SERVICE_CAPABILITY caps; - -+ /* CC guest like TDX or SEV will measure the buffer and log the event, -+ extend the result into a specific CC MR like TCG's PCR. It could -+ coexists with TCG's TPM 1.2 and TPM 2. -+ */ -+ efi_status = cc_log_event_raw(buf, size, pcr, log, logsize, type, -+ (hash != NULL)); -+ if (EFI_ERROR(efi_status)) -+ return efi_status; -+ - efi_status = tpm_locate_protocol(&tpm, &tpm2, &old_caps, &caps); - if (EFI_ERROR(efi_status)) { - #ifdef REQUIRE_TPM --- -2.35.3 - diff --git a/shim-bsc1177789-fix-null-pointer-deref-AuthenticodeVerify.patch b/shim-bsc1177789-fix-null-pointer-deref-AuthenticodeVerify.patch deleted file mode 100644 index 4b2a1d8..0000000 --- a/shim-bsc1177789-fix-null-pointer-deref-AuthenticodeVerify.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 928984f771e27d0a64def166bbc5137ce1859fe8 Mon Sep 17 00:00:00 2001 -From: Gary Lin -Date: Fri, 16 Oct 2020 15:24:44 +0800 -Subject: [PATCH] Cryptlib/CryptAuthenticode: fix NULL pointer dereference in - AuthenticodeVerify() - -Merge the fix from edk2 upstream: -https://bugzilla.tianocore.org/show_bug.cgi?id=1914 -https://edk2.groups.io/g/devel/message/66309 - -Signed-off-by: Gary Lin ---- - Cryptlib/Pk/CryptAuthenticode.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Cryptlib/Pk/CryptAuthenticode.c b/Cryptlib/Pk/CryptAuthenticode.c -index 74e50a2..faa1efd 100644 ---- a/Cryptlib/Pk/CryptAuthenticode.c -+++ b/Cryptlib/Pk/CryptAuthenticode.c -@@ -106,7 +106,7 @@ AuthenticodeVerify ( - // - // Check if it's PKCS#7 Signed Data (for Authenticode Scenario) - // -- if (!PKCS7_type_is_signed (Pkcs7)) { -+ if (!PKCS7_type_is_signed (Pkcs7) || PKCS7_get_detached (Pkcs7)) { - goto _Exit; - } - --- -2.28.0 - diff --git a/shim-jscPED-127-upgrade-shim-in-SLE15-SP5.patch b/shim-jscPED-127-upgrade-shim-in-SLE15-SP5.patch deleted file mode 100644 index a80223e..0000000 --- a/shim-jscPED-127-upgrade-shim-in-SLE15-SP5.patch +++ /dev/null @@ -1,672 +0,0 @@ -From 0eb07e11b20680200d3ce9c5bc59299121a75388 Mon Sep 17 00:00:00 2001 -From: Chris Coulson -Date: Tue, 31 May 2022 22:21:26 +0100 -Subject: [PATCH 01/12] Make SBAT variable payload introspectable - -Given a set of EFI variables and boot assets, it should be possible -to compute what the value of PCR 7 will be on the next boot. - -As shim manages the contents of the SbatLevel variable and this is -measured to PCR 7, export the payloads that shim contains in a new -COFF section (.sbatlevel) so that it can be introspected by code -outside of shim. - -The new section works a bit like .vendor_cert - it contains a header -and then the payload. In this case, the header contains no size fields -because the strings are NULL terminated. Shim uses this new section -internally in set_sbat_uefi_variable. - -The .sbatlevel section starts with a 4 byte version field which is -not used by shim but may be useful for external auditors if the -format of the section contents change in the future. - -Signed-off-by: Chris Coulson ---- - Makefile | 7 ++++--- - elf_aarch64_efi.lds | 4 ++++ - elf_ia32_efi.lds | 4 ++++ - elf_ia64_efi.lds | 4 ++++ - elf_x86_64_efi.lds | 4 ++++ - include/sbat.h | 32 -------------------------------- - include/sbat_var_defs.h | 38 ++++++++++++++++++++++++++++++++++++++ - include/test.mk | 2 +- - sbat.c | 21 ++++++++++++++++----- - sbat_var.S | 20 ++++++++++++++++++++ - shim.h | 1 + - 11 files changed, 96 insertions(+), 41 deletions(-) - create mode 100644 include/sbat_var_defs.h - create mode 100644 sbat_var.S - -diff --git a/Makefile b/Makefile -index 24ac314..866611c 100644 ---- a/Makefile -+++ b/Makefile -@@ -38,9 +38,9 @@ CFLAGS += -DENABLE_SHIM_CERT - else - TARGETS += $(MMNAME) $(FBNAME) - endif --OBJS = shim.o globals.o mok.o netboot.o cert.o replacements.o tpm.o version.o errlog.o sbat.o sbat_data.o pe.o httpboot.o csv.o load-options.o -+OBJS = shim.o globals.o mok.o netboot.o cert.o replacements.o tpm.o version.o errlog.o sbat.o sbat_data.o sbat_var.o pe.o httpboot.o csv.o load-options.o - KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key shim.cer --ORIG_SOURCES = shim.c globals.c mok.c netboot.c replacements.c tpm.c errlog.c sbat.c pe.c httpboot.c shim.h version.h $(wildcard include/*.h) cert.S -+ORIG_SOURCES = shim.c globals.c mok.c netboot.c replacements.c tpm.c errlog.c sbat.c pe.c httpboot.c shim.h version.h $(wildcard include/*.h) cert.S sbat_var.S - MOK_OBJS = MokManager.o PasswordCrypt.o crypt_blowfish.o errlog.o sbat_data.o globals.o - ORIG_MOK_SOURCES = MokManager.c PasswordCrypt.c crypt_blowfish.c shim.h $(wildcard include/*.h) - FALLBACK_OBJS = fallback.o tpm.o errlog.o sbat_data.o globals.o -@@ -253,7 +253,7 @@ endif - $(OBJCOPY) -D -j .text -j .sdata -j .data -j .data.ident \ - -j .dynamic -j .rodata -j .rel* \ - -j .rela* -j .dyn -j .reloc -j .eh_frame \ -- -j .vendor_cert -j .sbat \ -+ -j .vendor_cert -j .sbat -j .sbatlevel \ - $(FORMAT) $< $@ - ./post-process-pe -vv $@ - -@@ -269,6 +269,7 @@ endif - $(OBJCOPY) -D -j .text -j .sdata -j .data \ - -j .dynamic -j .rodata -j .rel* \ - -j .rela* -j .dyn -j .reloc -j .eh_frame -j .sbat \ -+ -j .sbatlevel \ - -j .debug_info -j .debug_abbrev -j .debug_aranges \ - -j .debug_line -j .debug_str -j .debug_ranges \ - -j .note.gnu.build-id \ -diff --git a/elf_aarch64_efi.lds b/elf_aarch64_efi.lds -index 60c55ba..0861f5e 100644 ---- a/elf_aarch64_efi.lds -+++ b/elf_aarch64_efi.lds -@@ -34,6 +34,10 @@ SECTIONS - .data.ident : { - *(.data.ident) - } -+ . = ALIGN(4096); -+ .sbatlevel : { -+ *(.sbatlevel) -+ } - - . = ALIGN(4096); - .data : -diff --git a/elf_ia32_efi.lds b/elf_ia32_efi.lds -index 497a3a1..e8da91b 100644 ---- a/elf_ia32_efi.lds -+++ b/elf_ia32_efi.lds -@@ -28,6 +28,10 @@ SECTIONS - .data.ident : { - *(.data.ident) - } -+ . = ALIGN(4096); -+ .sbatlevel : { -+ *(.sbatlevel) -+ } - - . = ALIGN(4096); - .data : -diff --git a/elf_ia64_efi.lds b/elf_ia64_efi.lds -index 2669b85..a219560 100644 ---- a/elf_ia64_efi.lds -+++ b/elf_ia64_efi.lds -@@ -34,6 +34,10 @@ SECTIONS - .data.ident : { - *(.data.ident) - } -+ . = ALIGN(4096); -+ .sbatlevel : { -+ *(.sbatlevel) -+ } - - . = ALIGN(4096); - .data : -diff --git a/elf_x86_64_efi.lds b/elf_x86_64_efi.lds -index bcc6527..39aff6b 100644 ---- a/elf_x86_64_efi.lds -+++ b/elf_x86_64_efi.lds -@@ -35,6 +35,10 @@ SECTIONS - .data.ident : { - *(.data.ident) - } -+ . = ALIGN(4096); -+ .sbatlevel : { -+ *(.sbatlevel) -+ } - - . = ALIGN(4096); - .data : -diff --git a/include/sbat.h b/include/sbat.h -index aca4359..c94c4fb 100644 ---- a/include/sbat.h -+++ b/include/sbat.h -@@ -6,38 +6,6 @@ - #ifndef SBAT_H_ - #define SBAT_H_ - --#define SBAT_VAR_SIG "sbat," --#define SBAT_VAR_VERSION "1," --#define SBAT_VAR_ORIGINAL_DATE "2021030218" --#define SBAT_VAR_ORIGINAL \ -- SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_ORIGINAL_DATE "\n" -- --#if defined(ENABLE_SHIM_DEVEL) --#define SBAT_VAR_PREVIOUS_DATE "2022020101" --#define SBAT_VAR_PREVIOUS_REVOCATIONS "component,2\n" --#define SBAT_VAR_PREVIOUS \ -- SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_PREVIOUS_DATE "\n" \ -- SBAT_VAR_PREVIOUS_REVOCATIONS -- --#define SBAT_VAR_LATEST_DATE "2022050100" --#define SBAT_VAR_LATEST_REVOCATIONS "component,2\nothercomponent,2\n" --#define SBAT_VAR_LATEST \ -- SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_LATEST_DATE "\n" \ -- SBAT_VAR_LATEST_REVOCATIONS --#else /* !ENABLE_SHIM_DEVEL */ --#define SBAT_VAR_PREVIOUS_DATE SBAT_VAR_ORIGINAL_DATE --#define SBAT_VAR_PREVIOUS_REVOCATIONS --#define SBAT_VAR_PREVIOUS \ -- SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_PREVIOUS_DATE "\n" \ -- SBAT_VAR_PREVIOUS_REVOCATIONS -- --#define SBAT_VAR_LATEST_DATE "2022052400" --#define SBAT_VAR_LATEST_REVOCATIONS "shim,2\ngrub,2\n" --#define SBAT_VAR_LATEST \ -- SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_LATEST_DATE "\n" \ -- SBAT_VAR_LATEST_REVOCATIONS --#endif /* ENABLE_SHIM_DEVEL */ -- - #define UEFI_VAR_NV_BS \ - (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS) - #define UEFI_VAR_NV_BS_RT \ -diff --git a/include/sbat_var_defs.h b/include/sbat_var_defs.h -new file mode 100644 -index 0000000..c656b56 ---- /dev/null -+++ b/include/sbat_var_defs.h -@@ -0,0 +1,38 @@ -+// SPDX-License-Identifier: BSD-2-Clause-Patent -+ -+#ifndef SBAT_VAR_DEFS_H_ -+#define SBAT_VAR_DEFS_H_ -+ -+#define SBAT_VAR_SIG "sbat," -+#define SBAT_VAR_VERSION "1," -+#define SBAT_VAR_ORIGINAL_DATE "2021030218" -+#define SBAT_VAR_ORIGINAL \ -+ SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_ORIGINAL_DATE "\n" -+ -+#if defined(ENABLE_SHIM_DEVEL) -+#define SBAT_VAR_PREVIOUS_DATE "2022020101" -+#define SBAT_VAR_PREVIOUS_REVOCATIONS "component,2\n" -+#define SBAT_VAR_PREVIOUS \ -+ SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_PREVIOUS_DATE "\n" \ -+ SBAT_VAR_PREVIOUS_REVOCATIONS -+ -+#define SBAT_VAR_LATEST_DATE "2022050100" -+#define SBAT_VAR_LATEST_REVOCATIONS "component,2\nothercomponent,2\n" -+#define SBAT_VAR_LATEST \ -+ SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_LATEST_DATE "\n" \ -+ SBAT_VAR_LATEST_REVOCATIONS -+#else /* !ENABLE_SHIM_DEVEL */ -+#define SBAT_VAR_PREVIOUS_DATE SBAT_VAR_ORIGINAL_DATE -+#define SBAT_VAR_PREVIOUS_REVOCATIONS -+#define SBAT_VAR_PREVIOUS \ -+ SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_PREVIOUS_DATE "\n" \ -+ SBAT_VAR_PREVIOUS_REVOCATIONS -+ -+#define SBAT_VAR_LATEST_DATE "2022052400" -+#define SBAT_VAR_LATEST_REVOCATIONS "shim,2\ngrub,2\n" -+#define SBAT_VAR_LATEST \ -+ SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_LATEST_DATE "\n" \ -+ SBAT_VAR_LATEST_REVOCATIONS -+#endif /* ENABLE_SHIM_DEVEL */ -+ -+#endif /* !SBAT_VAR_DEFS_H_ */ -diff --git a/include/test.mk b/include/test.mk -index e965c60..c0e2409 100644 ---- a/include/test.mk -+++ b/include/test.mk -@@ -92,7 +92,7 @@ test-mock-variables: CFLAGS+=-DHAVE_SHIM_LOCK_GUID - test-mok-mirror_FILES = mok.c globals.c tpm.c lib/guid.c lib/variables.c mock-variables.c - test-mok-mirror: CFLAGS+=-DHAVE_START_IMAGE -DHAVE_SHIM_LOCK_GUID - --test-sbat_FILES = csv.c lib/variables.c lib/guid.c -+test-sbat_FILES = csv.c lib/variables.c lib/guid.c sbat_var.S - test-sbat :: CFLAGS+=-DHAVE_GET_VARIABLE -DHAVE_GET_VARIABLE_ATTR -DHAVE_SHIM_LOCK_GUID - - test-str_FILES = lib/string.c -diff --git a/sbat.c b/sbat.c -index f1d6e98..a08c5b2 100644 ---- a/sbat.c -+++ b/sbat.c -@@ -5,6 +5,11 @@ - - #include "shim.h" - -+extern struct { -+ UINT32 previous_offset; -+ UINT32 latest_offset; -+} sbat_var_payload_header; -+ - EFI_STATUS - parse_sbat_section(char *section_base, size_t section_size, - size_t *n_entries, -@@ -399,6 +404,9 @@ set_sbat_uefi_variable(void) - EFI_STATUS efi_status = EFI_SUCCESS; - UINT32 attributes = 0; - -+ char *sbat_var_previous; -+ char *sbat_var_latest; -+ - UINT8 *sbat = NULL; - UINT8 *sbat_policy = NULL; - UINTN sbatsize = 0; -@@ -407,27 +415,30 @@ set_sbat_uefi_variable(void) - char *sbat_var = NULL; - bool reset_sbat = false; - -+ sbat_var_previous = (char *)&sbat_var_payload_header + sbat_var_payload_header.previous_offset; -+ sbat_var_latest = (char *)&sbat_var_payload_header + sbat_var_payload_header.latest_offset; -+ - efi_status = get_variable_attr(SBAT_POLICY, &sbat_policy, - &sbat_policysize, SHIM_LOCK_GUID, - &attributes); - if (EFI_ERROR(efi_status)) { - dprint("Default sbat policy: previous\n"); -- sbat_var = SBAT_VAR_PREVIOUS; -+ sbat_var = sbat_var_previous; - } else { - switch (*sbat_policy) { - case SBAT_POLICY_LATEST: - dprint("Custom sbat policy: latest\n"); -- sbat_var = SBAT_VAR_LATEST; -+ sbat_var = sbat_var_latest; - clear_sbat_policy(); - break; - case SBAT_POLICY_PREVIOUS: - dprint("Custom sbat policy: previous\n"); -- sbat_var = SBAT_VAR_PREVIOUS; -+ sbat_var = sbat_var_previous; - break; - case SBAT_POLICY_RESET: - if (secure_mode()) { - console_print(L"Cannot reset SBAT policy: Secure Boot is enabled.\n"); -- sbat_var = SBAT_VAR_PREVIOUS; -+ sbat_var = sbat_var_previous; - } else { - dprint(L"Custom SBAT policy: reset OK\n"); - reset_sbat = true; -@@ -438,7 +449,7 @@ set_sbat_uefi_variable(void) - default: - console_error(L"SBAT policy state %llu is invalid", - EFI_INVALID_PARAMETER); -- sbat_var = SBAT_VAR_PREVIOUS; -+ sbat_var = sbat_var_previous; - clear_sbat_policy(); - break; - } -diff --git a/sbat_var.S b/sbat_var.S -new file mode 100644 -index 0000000..a115077 ---- /dev/null -+++ b/sbat_var.S -@@ -0,0 +1,20 @@ -+// SPDX-License-Identifier: BSD-2-Clause-Patent -+ -+#include "include/sbat_var_defs.h" -+ -+ .section .sbatlevel, "a", %progbits -+ .balignl 4, 0 -+ .4byte 0 /* format version for external parsers */ -+ .globl sbat_var_payload_header -+ .type sbat_var_payload_header, %object -+ .size sbat_var_payload_header, .Lsbat_var_payload_header_end - sbat_var_payload_header -+sbat_var_payload_header: -+ .4byte .Lsbat_var_previous - sbat_var_payload_header -+ .4byte .Lsbat_var_latest - sbat_var_payload_header -+.Lsbat_var_payload_header_end: -+ .balign 1, 0 -+.Lsbat_var_previous: -+ .asciz SBAT_VAR_PREVIOUS -+ .balign 1, 0 -+.Lsbat_var_latest: -+ .asciz SBAT_VAR_LATEST -diff --git a/shim.h b/shim.h -index b5272b9..7e9d10e 100644 ---- a/shim.h -+++ b/shim.h -@@ -179,6 +179,7 @@ - #include "include/pe.h" - #include "include/replacements.h" - #include "include/sbat.h" -+#include "include/sbat_var_defs.h" - #if defined(OVERRIDE_SECURITY_POLICY) - #include "include/security_policy.h" - #endif --- -2.35.3 - - -From 092c2b2bbed950727e41cf450b61c794881c33e7 Mon Sep 17 00:00:00 2001 -From: Eric Snowberg -Date: Fri, 17 Jun 2022 12:37:28 -0400 -Subject: [PATCH 02/12] Reference MokListRT instead of MokList - -When calling back into shim from grub, the MokListRT may contain additional -entries not available in the original MokList, an example being the certs -included via user_cert. Use the MokListRT instead when calling check_db_cert -and check_db_hash. - -Signed-off-by: Eric Snowberg ---- - shim.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/shim.c b/shim.c -index fdd205e..27b74ce 100644 ---- a/shim.c -+++ b/shim.c -@@ -397,22 +397,22 @@ static EFI_STATUS check_allowlist (WIN_CERTIFICATE_EFI_PKCS *cert, - } - #endif - -- if (check_db_hash(L"MokList", SHIM_LOCK_GUID, sha256hash, -+ if (check_db_hash(L"MokListRT", SHIM_LOCK_GUID, sha256hash, - SHA256_DIGEST_SIZE, EFI_CERT_SHA256_GUID) - == DATA_FOUND) { - verification_method = VERIFIED_BY_HASH; - update_verification_method(VERIFIED_BY_HASH); - return EFI_SUCCESS; - } else { -- LogError(L"check_db_hash(MokList, sha256hash) != DATA_FOUND\n"); -+ LogError(L"check_db_hash(MokListRT, sha256hash) != DATA_FOUND\n"); - } -- if (cert && check_db_cert(L"MokList", SHIM_LOCK_GUID, cert, sha256hash) -+ if (cert && check_db_cert(L"MokListRT", SHIM_LOCK_GUID, cert, sha256hash) - == DATA_FOUND) { - verification_method = VERIFIED_BY_CERT; - update_verification_method(VERIFIED_BY_CERT); - return EFI_SUCCESS; - } else if (cert) { -- LogError(L"check_db_cert(MokList, sha256hash) != DATA_FOUND\n"); -+ LogError(L"check_db_cert(MokListRT, sha256hash) != DATA_FOUND\n"); - } - - update_verification_method(VERIFIED_BY_NOTHING); --- -2.35.3 - - -From 14d63398298c8de23036a4cf61594108b7345863 Mon Sep 17 00:00:00 2001 -From: Robbie Harwood -Date: Tue, 23 Aug 2022 12:07:16 -0400 -Subject: [PATCH 05/12] Discard load-options that start with a NUL - -In 6c8d08c0af4768c715b79c8ec25141d56e34f8b4 ("shim: Ignore UEFI -LoadOptions that are just NUL characters."), a check was added to -discard load options that are entirely NUL. We now see some firmwares -that start LoadOptions with a NUL, and then follow it with garbage (path -to directory containing loaders). Widen the check to just discard -anything that starts with a NUL. - -Resolves: #490 -Related: #95 -See-also: https://bugzilla.redhat.com/show_bug.cgi?id=2113005 -Signed-off-by: Robbie Harwood ---- - include/ucs2.h | 18 ------------------ - load-options.c | 7 ++++++- - 2 files changed, 6 insertions(+), 19 deletions(-) - -diff --git a/include/ucs2.h b/include/ucs2.h -index ee038ce..87eab32 100644 ---- a/include/ucs2.h -+++ b/include/ucs2.h -@@ -63,22 +63,4 @@ StrCSpn(const CHAR16 *s, const CHAR16 *reject) - return ret; - } - --/* -- * Test if an entire buffer is nothing but NUL characters. This -- * implementation "gracefully" ignores the difference between the -- * UTF-8/ASCII 1-byte NUL and the UCS-2 2-byte NUL. -- */ --static inline bool --__attribute__((__unused__)) --is_all_nuls(UINT8 *data, UINTN data_size) --{ -- UINTN i; -- -- for (i = 0; i < data_size; i++) { -- if (data[i] != 0) -- return false; -- } -- return true; --} -- - #endif /* SHIM_UCS2_H */ -diff --git a/load-options.c b/load-options.c -index c6bb742..a8c6e1a 100644 ---- a/load-options.c -+++ b/load-options.c -@@ -404,8 +404,13 @@ parse_load_options(EFI_LOADED_IMAGE *li) - - /* - * Apparently sometimes we get L"\0\0"? Which isn't useful at all. -+ * -+ * Possibly related, but some boards have additional data before the -+ * size which is garbage (it's a weird path to the directory -+ * containing the loaders). Known boards that do this: Kontron VX3040 -+ * (AMI), ASUS B85M-E, and at least one "older Dell laptop". - */ -- if (is_all_nuls(li->LoadOptions, li->LoadOptionsSize)) -+ if (((CHAR16 *)li->LoadOptions)[0] == 0) - return EFI_SUCCESS; - - /* --- -2.35.3 - - -From 5c537b3d0cf8c393dad2e61d49aade68f3af1401 Mon Sep 17 00:00:00 2001 -From: dann frazier -Date: Tue, 6 Sep 2022 09:28:22 -0600 -Subject: [PATCH 06/12] shim: Flush the memory region from i-cache before - execution - -We've seen crashes in early GRUB code on an ARM Cortex-A72-based -platform that point at seemingly harmless instructions. Flushing -the i-cache of those instructions prior to executing has been -shown to avoid the problem, which has parallels with this story: - https://www.mail-archive.com/osv-dev@googlegroups.com/msg06203.html - -Add a cache flushing utility function and provide an implementation -using a GCC intrinsic. This will need to be extended to support other -compilers. Note that this intrinsic is a no-op for x86 platforms. - -This fixes issue #498. - -Signed-off-by: dann frazier ---- - include/compiler.h | 6 ++++++ - pe.c | 3 +++ - 2 files changed, 9 insertions(+) - -diff --git a/include/compiler.h b/include/compiler.h -index b4bf103..b0d595f 100644 ---- a/include/compiler.h -+++ b/include/compiler.h -@@ -192,5 +192,11 @@ - */ - #define unreachable() __builtin_unreachable() - -+#if defined(__GNUC__) -+#define cache_invalidate(begin, end) __builtin___clear_cache(begin, end) -+#else /* __GNUC__ */ -+#error shim has no cache_invalidate() implementation for this compiler -+#endif /* __GNUC__ */ -+ - #endif /* !COMPILER_H_ */ - // vim:fenc=utf-8:tw=75:et -diff --git a/pe.c b/pe.c -index ba3e2bb..f94530a 100644 ---- a/pe.c -+++ b/pe.c -@@ -1196,6 +1196,9 @@ handle_image (void *data, unsigned int datasize, - - CopyMem(buffer, data, context.SizeOfHeaders); - -+ /* Flush the instruction cache for the region holding the image */ -+ cache_invalidate(buffer, buffer + context.ImageSize); -+ - *entry_point = ImageAddress(buffer, context.ImageSize, context.EntryPoint); - if (!*entry_point) { - perror(L"Entry point is invalid\n"); --- -2.35.3 - - -From 2d4ebb5a798aafd3b06d2c3cb9c9840c1caa41ef Mon Sep 17 00:00:00 2001 -From: Eric Snowberg -Date: Wed, 2 Nov 2022 10:39:43 -0600 -Subject: [PATCH 07/12] load_cert_file: Fix stack issue - -0214cd9cef5a fixes a NULL pointer dereference problem, it introduces two -new problems. First it incorrectly assumes li.FilePath is a string. -Second, it puts EFI_LOADED_IMAGE li on the stack. It has been found -that not all archectures can handle this being on the stack. - -The shim_li variable will be setup properly from the read_image -call. Use the global shim_li variable instead when calling -verify_image. - -Signed-off-by: Eric Snowberg ---- - shim.c | 6 +----- - 1 file changed, 1 insertion(+), 5 deletions(-) - -diff --git a/shim.c b/shim.c -index 27b74ce..0d919ce 100644 ---- a/shim.c -+++ b/shim.c -@@ -1395,7 +1395,6 @@ EFI_STATUS - load_cert_file(EFI_HANDLE image_handle, CHAR16 *filename, CHAR16 *PathName) - { - EFI_STATUS efi_status; -- EFI_LOADED_IMAGE li; - PE_COFF_LOADER_IMAGE_CONTEXT context; - EFI_IMAGE_SECTION_HEADER *Section; - EFI_SIGNATURE_LIST *certlist; -@@ -1410,10 +1409,7 @@ load_cert_file(EFI_HANDLE image_handle, CHAR16 *filename, CHAR16 *PathName) - if (EFI_ERROR(efi_status)) - return efi_status; - -- memset(&li, 0, sizeof(li)); -- memcpy(&li.FilePath[0], filename, MIN(StrSize(filename), sizeof(li.FilePath))); -- -- efi_status = verify_image(data, datasize, &li, &context); -+ efi_status = verify_image(data, datasize, shim_li, &context); - if (EFI_ERROR(efi_status)) - return efi_status; - --- -2.35.3 - - -From ea4911c2f3ce8f8f703a1476febac86bb16b00fd Mon Sep 17 00:00:00 2001 -From: Eric Snowberg -Date: Wed, 2 Nov 2022 10:45:23 -0600 -Subject: [PATCH 08/12] load_cert_file: Use EFI RT memory function - -Use the EFI RT memory function CopyMem instead of memcpy in load_cert_file. - -Signed-off-by: Eric Snowberg ---- - shim.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/shim.c b/shim.c -index 0d919ce..4437898 100644 ---- a/shim.c -+++ b/shim.c -@@ -1429,8 +1429,8 @@ load_cert_file(EFI_HANDLE image_handle, CHAR16 *filename, CHAR16 *PathName) - user_cert_size += certlist->SignatureListSize;; - user_cert = ReallocatePool(user_cert, original, - user_cert_size); -- memcpy(user_cert + original, pointer, -- certlist->SignatureListSize); -+ CopyMem(user_cert + original, pointer, -+ certlist->SignatureListSize); - } - } - FreePool(data); --- -2.35.3 - - -From 0cf43ac6d78c6f47f8b91210639ac1aa63665f0b Mon Sep 17 00:00:00 2001 -From: Nicholas Bishop -Date: Thu, 6 Oct 2022 16:08:56 -0400 -Subject: [PATCH 09/12] Add -malign-double to IA32 compiler flags - -This changes the alignment of UINT64 data to 8 bytes on IA32, which -matches EDK2's understanding of alignment. In particular this change -affects the offset where shim writes `EFI_LOADED_IMAGE.ImageSize`. - -Fixes https://github.com/rhboot/shim/issues/515 - -Signed-off-by: Nicholas Bishop ---- - Make.defaults | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Make.defaults b/Make.defaults -index dfed9c4..c46164a 100644 ---- a/Make.defaults -+++ b/Make.defaults -@@ -71,7 +71,7 @@ ifeq ($(ARCH),x86_64) - endif - ifeq ($(ARCH),ia32) - ARCH_CFLAGS ?= -mno-mmx -mno-sse -mno-red-zone -nostdinc \ -- $(CLANG_BUGS) -m32 \ -+ $(CLANG_BUGS) -m32 -malign-double \ - -DMDE_CPU_IA32 -DPAGE_SIZE=4096 - ARCH_GNUEFI ?= ia32 - ARCH_SUFFIX ?= ia32 --- -2.35.3 - - -From aa1b289a1a16774afc3143b8948d97261f0872d0 Mon Sep 17 00:00:00 2001 -From: Arthur Gautier -Date: Fri, 21 Oct 2022 13:20:45 -0700 -Subject: [PATCH 12/12] mok: remove MokListTrusted from PCR 7 - -MokListTrusted was added by mistake to PCR 7 in 4e513405. The value of -MokListTrusted does not alter the behavior of secure boot so, as per -https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_PFP_r1p05_v23_pub.pdf#page=36 -(section 3.3.4 PCR usage) so it should not be factored in the value of -PCR 7. - -See: - https://github.com/rhboot/shim/pull/423 - https://github.com/rhboot/shim/commit/4e513405b4f1641710115780d19dcec130c5208f - -Fixes https://github.com/rhboot/shim/issues/484 -Fixes https://github.com/rhboot/shim/issues/492 - -Signed-off-by: Arthur Gautier ---- - mok.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/mok.c b/mok.c -index 63ddfca..9811b35 100644 ---- a/mok.c -+++ b/mok.c -@@ -178,7 +178,6 @@ struct mok_state_variable mok_state_variable_data[] = { - EFI_VARIABLE_NON_VOLATILE, - .no_attr = EFI_VARIABLE_RUNTIME_ACCESS, - .flags = MOK_MIRROR_DELETE_FIRST | -- MOK_VARIABLE_MEASURE | - MOK_VARIABLE_INVERSE | - MOK_VARIABLE_LOG, - .pcr = 14, --- -2.35.3 - diff --git a/shim.changes b/shim.changes index 6c5139f..a342299 100644 --- a/shim.changes +++ b/shim.changes @@ -1,3 +1,66 @@ +------------------------------------------------------------------- +Fri Nov 18 03:17:46 UTC 2022 - Joey Lee + +- Drop upstreamed patch: + - shim-Enable-TDX-measurement-to-RTMR-register.patch + - Enable TDX measurement to RTMR register (jsc#PED-1273) + - 4fd484e4c2 15.7 + +------------------------------------------------------------------- +Thu Nov 17 05:17:34 UTC 2022 - Joey Lee + +- Update to 15.7 (bsc#1198458)(jsc#PED-127) + - Patches (git log --oneline --reverse 15.6..15.7) + 0eb07e1 Make SBAT variable payload introspectable + 092c2b2 Reference MokListRT instead of MokList + 8b59b69 Add a link to the test plan in the readme. + 4fd484e Enable TDX measurement to RTMR register + 14d6339 Discard load-options that start with a NUL + 5c537b3 shim: Flush the memory region from i-cache before execution + 2d4ebb5 load_cert_file: Fix stack issue + ea4911c load_cert_file: Use EFI RT memory function + 0cf43ac Add -malign-double to IA32 compiler flags + 17f0233 pe: Fix image section entry-point validation + 5169769 make-archive: Build reproducible tarball + aa1b289 mok: remove MokListTrusted from PCR 7 + 53509ea CryptoPkg/BaseCryptLib: fix NULL dereference + 616c566 More coverity modeling + ea0d0a5 Update shim's .sbat to sbat,3 + dd8be98 Bump grub's sbat requirement to grub,3 + 1149161 (HEAD -> main, tag: 15.7, origin/main, origin/HEAD) Update version to 15.7 + - 15.7 release note https://github.com/rhboot/shim/releases + Make SBAT variable payload introspectable by @chrisccoulson in #483 + Reference MokListRT instead of MokList by @esnowberg in #488 + Add a link to the test plan in the readme. by @vathpela in #494 + [V3] Enable TDX measurement to RTMR register by @kenplusplus in #485 + Discard load-options that start with a NUL by @frozencemetery in #505 + load_cert_file bugs by @esnowberg in #523 + Add -malign-double to IA32 compiler flags by @nicholasbishop in #516 + pe: Fix image section entry-point validation by @iokomin in #518 + make-archive: Build reproducible tarball by @julian-klode in #527 + mok: remove MokListTrusted from PCR 7 by @baloo in #519 + - Drop upstreamed patch: + - shim-bsc1177789-fix-null-pointer-deref-AuthenticodeVerify.patch + - Cryptlib/CryptAuthenticode: fix NULL pointer dereference in AuthenticodeVerify() + - 53509eaf22 15.7 + - shim-jscPED-127-upgrade-shim-in-SLE15-SP5.patch + - For backporting the following patches between 15.6 with aa1b289a1a (jsc#PED-127) + - The following patches are merged to 15.7 + aa1b289a1a mok: remove MokListTrusted from PCR 7 + 0cf43ac6d7 Add -malign-double to IA32 compiler flags + ea4911c2f3 load_cert_file: Use EFI RT memory function + 2d4ebb5a79 load_cert_file: Fix stack issue + 5c537b3d0c shim: Flush the memory region from i-cache before execution + 14d6339829 Discard load-options that start with a NUL + 092c2b2bbe Reference MokListRT instead of MokList + 0eb07e11b2 Make SBAT variable payload introspectable + +------------------------------------------------------------------- +Thu Nov 17 05:08:49 UTC 2022 - Joey Lee + +- Update shim.changes, added missed shim 15.6-rc1 and 15.6 changelog to + the item in Update to 15.6. (bsc#1198458) + ------------------------------------------------------------------- Tue Nov 15 08:06:24 UTC 2022 - Joey Lee @@ -157,6 +220,52 @@ Tue Jun 28 04:03:45 UTC 2022 - Joey Lee Allocate mokvar table in runtime memory. by @vathpela in #447 Remove post-process-pe on 'make clean' by @vathpela in #448 pe: missing perror argument by @xypron in #443 + - 15.6-rc1 release note https://github.com/rhboot/shim/releases + MokManager: removed Locate graphic output protocol fail error message by @joeyli in #441 + shim: implement SBAT verification for the shim_lock protocol by @chrisccoulson in #456 + post-process-pe: Fix a missing return code check by @vathpela in #462 + Update github actions matrix to be more useful by @frozencemetery in #469 + Add f36 and centos9 CI builds by @vathpela in #470 + post-process-pe: Fix format string warnings on 32-bit platforms by @steve-mcintyre in #464 + tests: also look for system headers in multi-arch directories by @steve-mcintyre in #466 + tests: fix gcc warnings by @akodanev in #463 + Allow MokListTrusted to be enabled by default by @esnowberg in #455 + Add code of conduct by @frozencemetery in #427 + Re-add ARM AArch64 support by @vathpela in #468 + Use ASCII as fallback if Unicode Box Drawing characters fail by @vathpela in #428 + make: don't treat cert.S specially by @vathpela in #475 + shim: use SHIM_DEVEL_VERBOSE when built in devel mode by @vathpela in #474 + Break out of the inner sbat loop if we find the entry. by @vathpela in #476 + Support loading additional certificates by @esnowberg in #446 + Add support for NX (W^X) mitigations. by @vathpela in #459 + Misc fixups from scan-build. by @vathpela in #477 + Fix preserve_sbat_uefi_variable() logic by @jsetje in #478 + - 15.6 release note https://github.com/rhboot/shim/releases + MokManager: removed Locate graphic output protocol fail error message by @joeyli in #441 + shim: implement SBAT verification for the shim_lock protocol by @chrisccoulson in #456 + post-process-pe: Fix a missing return code check by @vathpela in #462 + Update github actions matrix to be more useful by @frozencemetery in #469 + Add f36 and centos9 CI builds by @vathpela in #470 + post-process-pe: Fix format string warnings on 32-bit platforms by @steve-mcintyre in #464 + tests: also look for system headers in multi-arch directories by @steve-mcintyre in #466 + tests: fix gcc warnings by @akodanev in #463 + Allow MokListTrusted to be enabled by default by @esnowberg in #455 + Add code of conduct by @frozencemetery in #427 + Re-add ARM AArch64 support by @vathpela in #468 + Use ASCII as fallback if Unicode Box Drawing characters fail by @vathpela in #428 + make: don't treat cert.S specially by @vathpela in #475 + shim: use SHIM_DEVEL_VERBOSE when built in devel mode by @vathpela in #474 + Break out of the inner sbat loop if we find the entry. by @vathpela in #476 + Support loading additional certificates by @esnowberg in #446 + Add support for NX (W^X) mitigations. by @vathpela in #459 + Misc fixups from scan-build. by @vathpela in #477 + Fix preserve_sbat_uefi_variable() logic by @jsetje in #478 + SBAT Policy latest should be a one-shot by @jsetje in #481 + pe: Fix a buffer overflow when SizeOfRawData > VirtualSize by @chriscoulson + pe: Perform image verification earlier when loading grub by @chriscoulson + Update advertised sbat generation number for shim by @jsetje + Update SBAT generation requirements for 05/24/22 by @jsetje + Also avoid CVE-2022-28737 in verify_image() by @vathpela - Drop upstreamed patch: - shim-bsc1184454-allocate-mok-config-table-BS.patch - Allocate MOK config table as BootServicesData to avoid the error message diff --git a/shim.spec b/shim.spec index f3622ef..2bc374c 100644 --- a/shim.spec +++ b/shim.spec @@ -36,7 +36,7 @@ %endif Name: shim -Version: 15.6 +Version: 15.7 Release: 0 Summary: UEFI shim loader License: BSD-2-Clause @@ -71,16 +71,10 @@ Patch1: shim-arch-independent-names.patch Patch2: shim-change-debug-file-path.patch # PATCH-FIX-SUSE shim-bsc1177315-verify-eku-codesign.patch bsc#1177315 glin@suse.com -- Verify CodeSign in the signer's EKU Patch3: shim-bsc1177315-verify-eku-codesign.patch -# PATCH-FIX-UPSTREAM shim-bsc1177789-fix-null-pointer-deref-AuthenticodeVerify.patch bsc#1177789 glin@suse.com -- Fix the NULL pointer dereference in AuthenticodeVerify() -Patch4: shim-bsc1177789-fix-null-pointer-deref-AuthenticodeVerify.patch # PATCH-FIX-SUSE remove_build_id.patch -- Remove the build ID to make the binary reproducible when building with AArch64 container -Patch5: remove_build_id.patch +Patch4: remove_build_id.patch # PATCH-FIX-SUSE shim-disable-export-vendor-dbx.patch bsc#1185261 glin@suse.com -- Disable exporting vendor-dbx to MokListXRT -Patch6: shim-disable-export-vendor-dbx.patch -# PATCH-FIX-UPSTREAM shim-Enable-TDX-measurement-to-RTMR-register.patch jsc#PED-1273 jlee@suse.com -- Impl: [TDX Guest] TDX: Enhance shim measurement to TD RTMR -Patch7: shim-Enable-TDX-measurement-to-RTMR-register.patch -# PATCH-FIX-UPSTREAM shim-jscPED-127-upgrade-shim-in-SLE15-SP5.patch jsc#PED-127 jlee@suse.com -- Impl: Upgrade shim in SLE 15-SP5 and openSUSE TW for some issues -Patch8: shim-jscPED-127-upgrade-shim-in-SLE15-SP5.patch +Patch5: shim-disable-export-vendor-dbx.patch # PATCH-FIX-OPENSUSE shim-bsc1198101-opensuse-cert-prompt.patch glin@suse.com -- Show the prompt to ask whether the user trusts openSUSE certificate or not Patch100: shim-bsc1198101-opensuse-cert-prompt.patch BuildRequires: dos2unix @@ -127,9 +121,6 @@ The source code of UEFI shim loader %patch3 -p1 %patch4 -p1 %patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 %if 0%{?is_opensuse} == 1 || 0%{?sle_version} == 0 %patch100 -p1 %endif