pool/shim
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 518613 from home:gary_lin:branches:devel:openSUSE:Factory

Browse Source 
- Add upstream fixes
- Remove the stderr mask while compiling MokManager.efi since the warnings in Cryptlib were fixed.

OBS-URL: https://build.opensuse.org/request/show/518613
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/shim?expand=0&rev=131
This commit is contained in:
Gary Ching-Pang Lin 2017-08-25 03:47:51 +00:00 committed by Git OBS Bridge
parent e7ea1a4caa
commit 5263d48333
6 changed files with 358 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

227
shim-fallback-workaround-masked-ami-variables.patch Normal file
View File

@ -0,0 +1,227 @@
From 40eef4450fd4d5ec9ea666a02c276bbe073300d3 Mon Sep 17 00:00:00 2001
From: Lans Zhang <jia.zhang@windriver.com>
Date: Fri, 11 Aug 2017 13:42:20 +0800
Subject: [PATCH 1/2] fallback: work around the issue of boot option creation
with AMI BIOS
AMI BIOS (e.g, Intel NUC5i3MYHE) may automatically hide and patch BootXXXX
variables with ami_masked_device_path_guid.
Initially, the normal boot option created by fallback looks like this:
00000000 01 00 00 00 5e 00 42 00 6f 00 6f 00 74 00 6c 00 |....^.B.o.o.t.l.|
00000010 6f 00 61 00 64 00 65 00 72 00 20 00 54 00 65 00 |o.a.d.e.r. .T.e.|
00000020 73 00 74 00 20 00 28 00 36 00 34 00 2d 00 62 00 |s.t. .(.6.4.-.b.|
00000030 69 00 74 00 29 00 00 00 04 01 2a 00 01 00 00 00 |i.t.).....*.....|
00000040 00 08 00 00 00 00 00 00 00 00 08 00 00 00 00 00 |................|
00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000060 01 01 04 04 30 00 5c 00 45 00 46 00 49 00 5c 00 |....0.\.E.F.I.\.|
00000070 42 00 4f 00 4f 00 54 00 5c 00 74 00 65 00 73 00 |B.O.O.T.\.t.e.s.|
00000080 74 00 78 00 36 00 34 00 2e 00 65 00 66 00 69 00 |t.x.6.4...e.f.i.|
00000090 00 00 7f ff 04 00 |......|
00000096
after reboot, fallback has to create a new one due to the previous boot
option is hidden and masked by AMI BIOS:
00000000 09 00 00 00 76 00 42 00 6f 00 6f 00 74 00 6c 00 |....v.B.o.o.t.l.|
00000010 6f 00 61 00 64 00 65 00 72 00 20 00 54 00 65 00 |o.a.d.e.r. .T.e.|
00000020 73 00 74 00 20 00 28 00 36 00 34 00 2d 00 62 00 |s.t. .(.6.4.-.b.|
00000030 69 00 74 00 29 00 00 00 01 04 14 00 e7 75 e2 99 |i.t.)........u..|
00000040 a0 75 37 4b a2 e6 c5 38 5e 6c 00 cb 7f ff 04 00 |.u7K...8^l......|
00000050 04 01 2a 00 01 00 00 00 00 08 00 00 00 00 00 00 |..*.............|
00000060 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000070 00 00 00 00 00 00 00 00 01 01 04 04 30 00 5c 00 |............0.\.|
00000080 45 00 46 00 49 00 5c 00 42 00 4f 00 4f 00 54 00 |E.F.I.\.B.O.O.T.|
00000090 5c 00 74 00 65 00 73 00 74 00 78 00 36 00 34 00 |\.t.e.s.t.x.6.4.|
000000a0 2e 00 65 00 66 00 69 00 00 00 7f ff 04 00 |..e.f.i.......|
000000ae
And after several reboot, fallback will have to create more boot options
because AMI BIOS corrupts the previous ones.
We can get the valid device path if just skipping the masked device path and
its next end path.
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
---
fallback.c | 114 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 109 insertions(+), 5 deletions(-)
diff --git a/fallback.c b/fallback.c
index 0a7058b..7b58018 100644
--- a/fallback.c
+++ b/fallback.c
@@ -226,6 +226,105 @@ add_boot_option(EFI_DEVICE_PATH *hddp, EFI_DEVICE_PATH *fulldp,
return EFI_OUT_OF_RESOURCES;
}
+/*
+ * AMI BIOS (e.g, Intel NUC5i3MYHE) may automatically hide and patch BootXXXX
+ * variables with ami_masked_device_path_guid. We can get the valid device path
+ * if just skipping it and its next end path.
+ */
+
+static EFI_GUID ami_masked_device_path_guid = {
+ 0x99e275e7, 0x75a0, 0x4b37,
+ { 0xa2, 0xe6, 0xc5, 0x38, 0x5e, 0x6c, 0x0, 0xcb }
+};
+
+static unsigned int
+calc_masked_boot_option_size(unsigned int size)
+{
+ return size + sizeof(EFI_DEVICE_PATH) +
+ sizeof(ami_masked_device_path_guid) + sizeof(EFI_DEVICE_PATH);
+}
+
+static int
+check_masked_boot_option(CHAR8 *candidate, unsigned int candidate_size,
+ CHAR8 *data, unsigned int data_size)
+{
+ /*
+ * The patched BootXXXX variables contain a hardware device path and
+ * an end path, preceding the real device path.
+ */
+ if (calc_masked_boot_option_size(data_size) != candidate_size)
+ return 1;
+
+ CHAR8 *cursor = candidate;
+
+ /* Check whether the BootXXXX is patched */
+ cursor += sizeof(UINT32) + sizeof(UINT16);
+ cursor += StrSize((CHAR16 *)cursor);
+
+ unsigned int min_valid_size = cursor - candidate + sizeof(EFI_DEVICE_PATH);
+
+ if (candidate_size <= min_valid_size)
+ return 1;
+
+ EFI_DEVICE_PATH *dp = (EFI_DEVICE_PATH *)cursor;
+ unsigned int node_size = DevicePathNodeLength(dp) - sizeof(EFI_DEVICE_PATH);
+
+ min_valid_size += node_size;
+ if (candidate_size <= min_valid_size ||
+ DevicePathType(dp) != HARDWARE_DEVICE_PATH ||
+ DevicePathSubType(dp) != HW_VENDOR_DP ||
+ node_size != sizeof(ami_masked_device_path_guid) ||
+ CompareGuid((EFI_GUID *)(cursor + sizeof(EFI_DEVICE_PATH)),
+ &ami_masked_device_path_guid))
+ return 1;
+
+ /* Check whether the patched guid is followed by an end path */
+ min_valid_size += sizeof(EFI_DEVICE_PATH);
+ if (candidate_size <= min_valid_size)
+ return 1;
+
+ dp = NextDevicePathNode(dp);
+ if (!IsDevicePathEnd(dp))
+ return 1;
+
+ /*
+ * OK. We may really get a masked BootXXXX variable. The next
+ * step is to test whether it is hidden.
+ */
+ UINT32 attrs = *(UINT32 *)candidate;
+#ifndef LOAD_OPTION_HIDDEN
+# define LOAD_OPTION_HIDDEN 0x00000008
+#endif
+ if (!(attrs & LOAD_OPTION_HIDDEN))
+ return 1;
+
+ attrs &= ~LOAD_OPTION_HIDDEN;
+
+ /* Compare the field Attributes */
+ if (attrs != *(UINT32 *)data)
+ return 1;
+
+ /* Compare the field FilePathListLength */
+ data += sizeof(UINT32);
+ candidate += sizeof(UINT32);
+ if (calc_masked_boot_option_size(*(UINT16 *)data) !=
+ *(UINT16 *)candidate)
+ return 1;
+
+ /* Compare the field Description */
+ data += sizeof(UINT16);
+ candidate += sizeof(UINT16);
+ if (CompareMem(candidate, data, cursor - candidate))
+ return 1;
+
+ /* Compare the filed FilePathList */
+ cursor = (CHAR8 *)NextDevicePathNode(dp);
+ data += sizeof(UINT16);
+ data += StrSize((CHAR16 *)data);
+
+ return CompareMem(cursor, data, candidate_size - min_valid_size);
+}
+
EFI_STATUS
find_boot_option(EFI_DEVICE_PATH *dp, EFI_DEVICE_PATH *fulldp,
CHAR16 *filename, CHAR16 *label, CHAR16 *arguments,
@@ -255,7 +354,8 @@ find_boot_option(EFI_DEVICE_PATH *dp, EFI_DEVICE_PATH *fulldp,
EFI_GUID global = EFI_GLOBAL_VARIABLE;
EFI_STATUS rc;
- CHAR8 *candidate = AllocateZeroPool(size);
+ UINTN max_candidate_size = calc_masked_boot_option_size(size);
+ CHAR8 *candidate = AllocateZeroPool(max_candidate_size);
if (!candidate) {
FreePool(data);
return EFI_OUT_OF_RESOURCES;
@@ -267,17 +367,21 @@ find_boot_option(EFI_DEVICE_PATH *dp, EFI_DEVICE_PATH *fulldp,
varname[6] = hexmap[(bootorder[i] & 0x00f0) >> 4];
varname[7] = hexmap[(bootorder[i] & 0x000f) >> 0];
- UINTN candidate_size = size;
+ UINTN candidate_size = max_candidate_size;
rc = uefi_call_wrapper(RT->GetVariable, 5, varname, &global,
NULL, &candidate_size, candidate);
if (EFI_ERROR(rc))
continue;
- if (candidate_size != size)
+ if (candidate_size != size) {
+ if (check_masked_boot_option(candidate, candidate_size,
+ data, size))
+ continue;
+ } else if (CompareMem(candidate, data, size))
continue;
- if (CompareMem(candidate, data, size))
- continue;
+ VerbosePrint(L"Found boot entry \"%s\" with label \"%s\" "
+ L"for file \"%s\"\n", varname, label, filename);
/* at this point, we have duplicate data. */
if (!first_new_option) {
--
2.14.0
From 5efee65f1cb7a04ea9434eedfc0d8a49b0305c83 Mon Sep 17 00:00:00 2001
From: Gary Lin <glin@suse.com>
Date: Wed, 23 Aug 2017 18:26:00 +0800
Subject: [PATCH 2/2] fallback: Remove VerbosePrint()
It's not available in shim 12.
Signed-off-by: Gary Lin <glin@suse.com>
---
fallback.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/fallback.c b/fallback.c
index 7b58018..701a1c4 100644
--- a/fallback.c
+++ b/fallback.c
@@ -380,9 +380,6 @@ find_boot_option(EFI_DEVICE_PATH *dp, EFI_DEVICE_PATH *fulldp,
} else if (CompareMem(candidate, data, size))
continue;
- VerbosePrint(L"Found boot entry \"%s\" with label \"%s\" "
- L"for file \"%s\"\n", varname, label, filename);
-
/* at this point, we have duplicate data. */
if (!first_new_option) {
first_new_option = DuplicateDevicePath(fulldp);
--
2.14.0

35
shim-fix-fallback-double-free.patch Normal file
View File

@ -0,0 +1,35 @@
From 971c5225bea11b4193e4e69a939410030b420ed1 Mon Sep 17 00:00:00 2001
From: Lans Zhang <jia.zhang@windriver.com>
Date: Wed, 9 Aug 2017 16:10:14 +0800
Subject: [PATCH] fallback: fix double free of dp
If the boot option recorded in csv is not in a media device path, the
corresponding full device path will be referred for creating the boot
variable.
However, the current code logic always frees the full device path
(full_device_path) and the media device path (dp) separately. In order
to resolve this issue, always check whether dp equals to full_device_path
before freeing dp.
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
---
fallback.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fallback.c b/fallback.c
index c80652a..0a7058b 100644
--- a/fallback.c
+++ b/fallback.c
@@ -433,7 +433,7 @@ err:
FreePool(file);
if (full_device_path)
FreePool(full_device_path);
- if (dp)
+ if (dp && dp != full_device_path)
FreePool(dp);
if (fullpath)
FreePool(fullpath);
--
2.14.0

32
shim-fix-httpboot-crash.patch Normal file
View File

@ -0,0 +1,32 @@
From 1a83299ac5caca13be7ba69507f7623c99d9eef6 Mon Sep 17 00:00:00 2001
From: Lans Zhang <jia.zhang@windriver.com>
Date: Fri, 30 Jun 2017 15:50:24 +0800
Subject: [PATCH] httpboot: fix OVMF crash
This is a typical typo. The free operation should be done if uri
was allocated.
Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
---
httpboot.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/httpboot.c b/httpboot.c
index f8fbc73..e4657c1 100644
--- a/httpboot.c
+++ b/httpboot.c
@@ -110,8 +110,10 @@ find_httpboot (EFI_HANDLE device)
URI_DEVICE_PATH *UriNode;
UINTN uri_size;
- if (!uri)
+ if (uri) {
FreePool(uri);
+ uri = NULL;
+ }
devpath = DevicePathFromHandle(device);
if (!devpath) {
--
2.14.0

40
shim-fix-openssl-flags.patch Normal file
View File

@ -0,0 +1,40 @@
From a120ddd83d02f302c72baa1974691a1f677829f3 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 8 Aug 2017 17:48:59 -0400
Subject: [PATCH] Fix openssl compile flags for x86_64
Signed-off-by: Peter Jones <pjones@redhat.com>
---
Cryptlib/Makefile | 2 +-
Cryptlib/OpenSSL/Makefile | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/Cryptlib/Makefile b/Cryptlib/Makefile
index 77a5bd4..e99f009 100644
--- a/Cryptlib/Makefile
+++ b/Cryptlib/Makefile
@@ -8,7 +8,7 @@ CFLAGS = -ggdb -O0 -I. -fno-stack-protector -fno-strict-aliasing -fpic -fshort-
ifeq ($(ARCH),x86_64)
CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args \
-DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI -DNO_BUILTIN_VA_FUNCS \
- -DMDE_CPU_IA64
+ -DMDE_CPU_X64
endif
ifeq ($(ARCH),ia32)
CFLAGS += -mno-mmx -mno-sse -mno-red-zone -nostdinc -maccumulate-outgoing-args -m32 \
diff --git a/Cryptlib/OpenSSL/Makefile b/Cryptlib/OpenSSL/Makefile
index 829fa5c..e54105b 100644
--- a/Cryptlib/OpenSSL/Makefile
+++ b/Cryptlib/OpenSSL/Makefile
@@ -8,7 +8,7 @@ CFLAGS = -ggdb -O0 -I. -I.. -I../Include/ -Icrypto -fno-stack-protector -fno-st
ifeq ($(ARCH),x86_64)
CFLAGS += -mno-mmx -mno-sse -mno-red-zone -maccumulate-outgoing-args \
-DEFI_FUNCTION_WRAPPER -DGNU_EFI_USE_MS_ABI \
- -UNO_BUILTIN_VA_FUNCS -DMDE_CPU_IA64
+ -UNO_BUILTIN_VA_FUNCS -DMDE_CPU_X64
endif
ifeq ($(ARCH),ia32)
CFLAGS += -mno-mmx -mno-sse -mno-red-zone -maccumulate-outgoing-args \
--
2.14.0

11
shim.changes
View File

@ -1,3 +1,14 @@
-------------------------------------------------------------------
Wed Aug 23 10:28:44 UTC 2017 - glin@suse.com
- Add upstream fixes
+ shim-fix-httpboot-crash.patch
+ shim-fix-openssl-flags.patch
+ shim-fix-fallback-double-free.patch
+ shim-fallback-workaround-masked-ami-variables.patch
- Remove the stderr mask while compiling MokManager.efi since the
warnings in Cryptlib were fixed.
-------------------------------------------------------------------
Tue Aug 22 04:51:08 UTC 2017 - glin@suse.com

14
shim.spec
View File

@ -47,6 +47,14 @@ Source99: SIGNATURE_UPDATE.txt
Patch1: shim-only-os-name.patch
# PATCH-FIX-SUSE shim-only-os-name.patch glin@suse.com -- Use the Arch-independent names
Patch2: shim-arch-independent-names.patch
# PATCH-FIX-UPSTREAM shim-fix-httpboot-crash.patch glin@suse.com -- Fix HTTPBoot crash
Patch3: shim-fix-httpboot-crash.patch
# PATCH-FIX-UPSTREAM shim-fix-openssl-flags.patch glin@suse.com -- Fix the openssl compiler flags
Patch4: shim-fix-openssl-flags.patch
# PATCH-FIX-UPSTREAM shim-fix-fallback-double-free.patch glin@suse.com -- Fix double free in fallback.c
Patch5: shim-fix-fallback-double-free.patch
# PATCH-FIX-UPSTREAM shim-fallback-workaround-masked-ami-variables.patch glin@suse.com -- Work around the masked AMI variables
Patch6: shim-fallback-workaround-masked-ami-variables.patch
# PATCH-FIX-OPENSUSE shim-change-debug-file-path.patch glin@suse.com -- Change the default debug file path
Patch50: shim-change-debug-file-path.patch
# PATCH-FIX-OPENSUSE shim-opensuse-cert-prompt.patch glin@suse.com -- Show the prompt to ask whether the user trusts openSUSE certificate or not
@ -96,6 +104,10 @@ Authors:
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch50 -p1
%if 0%{?is_opensuse} == 1
%patch100 -p1
@ -103,7 +115,7 @@ Authors:
%build
# first, build MokManager and fallback as they don't depend on a
# specific certificate
make EFI_PATH=/usr/lib64 RELEASE=0 MokManager.efi fallback.efi 2>/dev/null
make EFI_PATH=/usr/lib64 RELEASE=0 MokManager.efi fallback.efi
# now build variants of shim that embed different certificates
default=''