From: Gerald Elder-Vass
To: Xen-devel
Cc: Ross Lagerwall, Gerald Elder-Vass, Marek Marczykowski-Górecki, "Daniel P. Smith", Jan Beulich, Andrew Cooper, Anthony PERARD, Michal Orzel, Julien Grall, Roger Pau Monné, Stefano Stabellini
Subject: [PATCH v3 1/2] efi: Add a function to check if Secure Boot mode is enabled
Date: Fri, 5 Sep 2025 10:05:31 +0000
Message-ID: <12c18a6d0c3cbbe17cee19f9fb4501d614c23ec3.1757066332.git.gerald.elder-vass@cloud.com>

From: Ross Lagerwall

Also cache it to avoid needing to repeatedly ask the firmware.

Signed-off-by: Ross Lagerwall
Signed-off-by: Gerald Elder-Vass
---
CC: Marek Marczykowski-Górecki
CC: "Daniel P. Smith"
CC: Jan Beulich
CC: Andrew Cooper
CC: Anthony PERARD
CC: Michal Orzel
CC: Julien Grall
CC: "Roger Pau Monné"
CC: Stefano Stabellini

v3:
- Fix build on ARM
---
 xen/common/efi/boot.c    | 24 ++++++++++++++++++++++++
 xen/common/efi/runtime.c |  1 +
 xen/include/xen/efi.h    |  2 ++
 3 files changed, 27 insertions(+)

diff --git a/xen/common/efi/boot.c b/xen/common/efi/boot.c index e12fa1a7ec04..e7e3dffa7ddc 100644 --- a/xen/common/efi/boot.c +++ b/xen/common/efi/boot.c 
@@ -901,6 +901,28 @@ static void __init pre_parse(const struct file *file) " last line will be ignored.\r\n"); } =20 +static void __init init_secure_boot_mode(void) +{ + static EFI_GUID __initdata gv_uuid =3D EFI_GLOBAL_VARIABLE; + EFI_STATUS status; + uint8_t data =3D 0; + UINTN size =3D sizeof(data); + UINT32 attr =3D 0; + + status =3D efi_rs->GetVariable((CHAR16 *)L"SecureBoot", &gv_uuid, &att= r, + &size, &data); + + if ( status =3D=3D EFI_NOT_FOUND || + (status =3D=3D EFI_SUCCESS && + attr =3D=3D (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNT= IME_ACCESS) && + size =3D=3D 1 && data =3D=3D 0) ) + /* Platform does not support Secure Boot or it's disabled. */ + efi_secure_boot =3D false; + else + /* Everything else play it safe and assume enabled. */ + efi_secure_boot =3D true; +} + static void __init efi_init(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *Syst= emTable) { efi_ih =3D ImageHandle; @@ -915,6 +937,8 @@ static void __init efi_init(EFI_HANDLE ImageHandle, EFI= _SYSTEM_TABLE *SystemTabl =20 StdOut =3D SystemTable->ConOut; StdErr =3D SystemTable->StdErr ?: StdOut; + + init_secure_boot_mode(); } =20 static void __init efi_console_set_mode(void) diff --git a/xen/common/efi/runtime.c b/xen/common/efi/runtime.c index 42386c6bde42..30d649ca5c1b 100644 --- a/xen/common/efi/runtime.c +++ b/xen/common/efi/runtime.c @@ -41,6 +41,7 @@ void efi_rs_leave(struct efi_rs_state *state); unsigned int __read_mostly efi_num_ct; const EFI_CONFIGURATION_TABLE *__read_mostly efi_ct; =20 +bool __ro_after_init efi_secure_boot; unsigned int __read_mostly efi_version; unsigned int __read_mostly efi_fw_revision; const CHAR16 *__read_mostly efi_fw_vendor; diff --git a/xen/include/xen/efi.h b/xen/include/xen/efi.h index 623ed2ccdf31..723cb8085270 100644 --- a/xen/include/xen/efi.h +++ b/xen/include/xen/efi.h 
@@ -36,6 +36,8 @@ static inline bool efi_enabled(unsigned int feature) } #endif =20 +extern bool efi_secure_boot; + void efi_init_memory(void); bool efi_boot_mem_unused(unsigned long *start, unsigned long *end); bool efi_rs_using_pgtables(void); --=20 2.47.3
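Review bot: the else branch of init_secure_boot_mode() in xen/common/efi/boot.c sets efi_secure_boot to true for every unexpected GetVariable result (any error other than EFI_NOT_FOUND, an attribute mask other than EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS, a size other than 1, a non-zero data byte) without recording which one it was. Failing closed is the right default, but with 2/2 turning this flag into a boot failure, printing status, attr and size on that path would let someone tell a firmware quirk apart from Secure Boot really being on. A short comment stating that odd attributes or sizes are deliberately treated as "enabled" would also save the next reader from re-deriving the condition.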
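Review bot: the new "extern bool efi_secure_boot;" in xen/include/xen/efi.h and its definition in xen/common/efi/runtime.c carry no comment, and the name hides that true also covers "state could not be determined". Please add a one-line comment at the declaration saying the value is set once during efi_init() and reads as true unless the firmware positively reports Secure Boot as absent or disabled. The extern is also placed after the #endif that closes the block above it, so it is declared outside that conditional; please confirm a definition is linked in every configuration that can see this header, or a later user outside xen/common/efi will fail to link.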
From: Gerald Elder-Vass
To: Xen-devel
Cc: Gerald Elder-Vass, Kevin Lampis, Marek Marczykowski-Górecki, "Daniel P. Smith", Jan Beulich, Andrew Cooper, Anthony PERARD, Michal Orzel, Julien Grall, Roger Pau Monné, Stefano Stabellini
Subject: [PATCH v3 2/2] efi: Support using Shim's LoadImage protocol
Date: Fri, 5 Sep 2025 10:05:32 +0000
Message-ID: <7f4a47d5dacf5b2db2ddd2ac72c5e0f236f9be46.1757066332.git.gerald.elder-vass@cloud.com>

The existing Verify functionality of the Shim lock protocol is deprecated and will be removed, the alternative is to use the LoadImage interface to perform the verification.

When the loading is successful we won't be using the newly loaded image (as of yet) so we must then immediately unload the image to clean up.

If the LoadImage protocol isn't available then fall back to the Shim Lock (Verify) interface.

Log when the kernel is not verified and fail if this occurs when secure boot mode is enabled.

Signed-off-by: Gerald Elder-Vass
Signed-off-by: Kevin Lampis
---
CC: Marek Marczykowski-Górecki
CC: "Daniel P. Smith"
CC: Jan Beulich
CC: Andrew Cooper
CC: Anthony PERARD
CC: Michal Orzel
CC: Julien Grall
CC: "Roger Pau Monné"
CC: Stefano Stabellini

v3:
- Use Shim Image by default, fall back to Shim Lock
---
 xen/common/efi/boot.c | 59 +++++++++++++++++++++++++++++++++++++------
 1 file changed, 51 insertions(+), 8 deletions(-)

diff --git a/xen/common/efi/boot.c b/xen/common/efi/boot.c index e7e3dffa7ddc..1f63473d264d 100644 --- a/xen/common/efi/boot.c +++ b/xen/common/efi/boot.c 
@@ -38,6 +38,8 @@ { 0xf2fd1544U, 0x9794, 0x4a2c, {0x99, 0x2e, 0xe5, 0xbb, 0xcf, 0x20, 0xe3= , 0x94} } #define SHIM_LOCK_PROTOCOL_GUID \ { 0x605dab50U, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b= , 0x23} } +#define SHIM_IMAGE_LOADER_GUID \ + { 0x1f492041U, 0xfadb, 0x4e59, {0x9e, 0x57, 0x7c, 0xaf, 0xe7, 0x3a, 0x55= , 0xab} } #define APPLE_PROPERTIES_PROTOCOL_GUID \ { 0x91bd12feU, 0xf6c3, 0x44fb, {0xa5, 0xb7, 0x51, 0x22, 0xab, 0x30, 0x3a= , 0xe0} } #define EFI_SYSTEM_RESOURCE_TABLE_GUID \ @@ -70,6 +72,13 @@ typedef struct { EFI_SHIM_LOCK_VERIFY Verify; } EFI_SHIM_LOCK_PROTOCOL; =20 +typedef struct _SHIM_IMAGE_LOADER { + EFI_IMAGE_LOAD LoadImage; + EFI_IMAGE_START StartImage; + EFI_EXIT Exit; + EFI_IMAGE_UNLOAD UnloadImage; +} SHIM_IMAGE_LOADER; + struct _EFI_APPLE_PROPERTIES; =20 typedef EFI_STATUS 
@@ -1047,6 +1056,46 @@ static UINTN __init efi_find_gop_mode(EFI_GRAPHICS_O= UTPUT_PROTOCOL *gop, return gop_mode; } =20 +static void __init efi_verify_kernel(EFI_HANDLE ImageHandle) +{ + static EFI_GUID __initdata shim_image_guid =3D SHIM_IMAGE_LOADER_GUID; + static EFI_GUID __initdata shim_lock_guid =3D SHIM_LOCK_PROTOCOL_GUID; + SHIM_IMAGE_LOADER *shim_loader; + EFI_HANDLE loaded_kernel; + EFI_SHIM_LOCK_PROTOCOL *shim_lock; + EFI_STATUS status; + bool verified =3D false; + + /* Look for LoadImage first */ + if ( !EFI_ERROR(efi_bs->LocateProtocol(&shim_image_guid, NULL, + (void **)&shim_loader)) ) + { + status =3D shim_loader->LoadImage(false, ImageHandle, NULL, + (void *)kernel.ptr, kernel.size, + &loaded_kernel); + if ( !EFI_ERROR(status) ) + verified =3D true; + + /* LoadImage performed verification, now clean up with UnloadImage= */ + shim_loader->UnloadImage(loaded_kernel); + } + + /* else fall back to Shim Lock */ + if ( !verified && + !EFI_ERROR(efi_bs->LocateProtocol(&shim_lock_guid, NULL, + (void **)&shim_lock)) && + !EFI_ERROR(shim_lock->Verify(kernel.ptr, kernel.size)) ) + verified =3D true; + + if ( !verified ) + { + PrintStr(L"Kernel was not verified\n"); + + if ( efi_secure_boot ) + blexit(L"Failed to verify kernel"); + } +} + static void __init efi_tables(void) { unsigned int i; @@ -1334,13 +1383,11 @@ void EFIAPI __init noreturn efi_start(EFI_HANDLE Im= ageHandle, EFI_SYSTEM_TABLE *SystemTable) { static EFI_GUID __initdata loaded_image_guid =3D LOADED_IMAGE_PROTOCOL; - static EFI_GUID __initdata shim_lock_guid =3D SHIM_LOCK_PROTOCOL_GUID; EFI_LOADED_IMAGE *loaded_image; EFI_STATUS status; unsigned int i; CHAR16 *file_name, *cfg_file_name =3D NULL, *options =3D NULL; UINTN gop_mode =3D ~0; - EFI_SHIM_LOCK_PROTOCOL *shim_lock; EFI_GRAPHICS_OUTPUT_PROTOCOL *gop =3D NULL; union string section =3D { NULL }, name; bool base_video =3D false; 
@@ -1591,12 +1638,8 @@ void EFIAPI __init noreturn efi_start(EFI_HANDLE Ima= geHandle, * device tree through the efi_check_dt_boot function, in this stage * verify it. */ - if ( kernel.ptr && - !kernel_verified && - !EFI_ERROR(efi_bs->LocateProtocol(&shim_lock_guid, NULL, - (void **)&shim_lock)) && - (status =3D shim_lock->Verify(kernel.ptr, kernel.size)) !=3D EFI_= SUCCESS ) - PrintErrMesg(L"Dom0 kernel image could not be verified", status); + if ( kernel.ptr && !kernel_verified ) + efi_verify_kernel(ImageHandle); =20 efi_arch_edd(); =20 --=20 2.47.3
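Review bot: in efi_verify_kernel(), shim_loader->UnloadImage(loaded_kernel) runs whether or not LoadImage succeeded, and loaded_kernel is declared without an initialiser, so after a failed LoadImage an uninitialised handle is handed to shim. Move the UnloadImage call inside the "if ( !EFI_ERROR(status) )" branch, or initialise loaded_kernel to NULL and test it before unloading. Two smaller points in the same function: the LoadImage status is dropped, so the final "Kernel was not verified" message cannot say why, and the Shim Lock fallback is also taken when the LoadImage protocol is present but rejected the image, whereas the commit message describes the fallback only for the case where the protocol isn't available.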
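Review bot: at the efi_start() call site, the removed condition only acted when the Shim Lock protocol was located and Verify returned something other than EFI_SUCCESS; the replacement calls efi_verify_kernel() whenever kernel.ptr is set and kernel_verified is false, and that function treats "neither shim protocol found" as not verified. With efi_secure_boot set, a boot chain without shim now ends in blexit, and with it clear a Verify failure that used to be passed to PrintErrMesg together with its status is reduced to a printed line. The commit message covers the logging and the Secure Boot failure but not the no-shim case; if that change is intended, please state it there and in a comment above the call.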