Version in base suite: 15.4-7 Version in overlay suite: 15.6-1~deb11u1 Base version: shim_15.6-1~deb11u1 Target version: shim_15.7-1~deb11u1 Base file: /srv/ftp-master.debian.org/ftp/pool/main/s/shim/shim_15.6-1~deb11u1.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/s/shim/shim_15.7-1~deb11u1.dsc Cryptlib/Pk/CryptAuthenticode.c | 4 Make.defaults | 2 Makefile | 9 README.md | 2 commit | 2 data/sbat.csv | 2 debian/changelog | 14 + debian/patches/Enable-NX.patch | 79 +++++++ debian/patches/Make-sbat_var.S-parse-right-with-buggy-gcc-binutils.patch | 104 ++++++++++ debian/patches/aarch64-shim-old.patch | 9 debian/patches/block-grub-sbat3-debian.patch | 19 + debian/patches/series | 3 elf_aarch64_efi.lds | 4 elf_ia32_efi.lds | 4 elf_ia64_efi.lds | 4 elf_x86_64_efi.lds | 4 include/cc.h | 85 ++++++++ include/compiler.h | 6 include/guid.h | 1 include/sbat.h | 32 --- include/sbat_var_defs.h | 45 ++++ include/test.mk | 2 include/ucs2.h | 18 - lib/guid.c | 1 load-options.c | 7 make-archive | 4 model.c | 23 ++ mok.c | 1 pe.c | 5 sbat.c | 21 +- sbat_var.S | 20 + shim.c | 18 - shim.h | 2 tpm.c | 48 ++++ 34 files changed, 520 insertions(+), 84 deletions(-) diff -Nru shim-15.6/Cryptlib/Pk/CryptAuthenticode.c shim-15.7/Cryptlib/Pk/CryptAuthenticode.c --- shim-15.6/Cryptlib/Pk/CryptAuthenticode.c 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/Cryptlib/Pk/CryptAuthenticode.c 1970-01-01 00:00:00.000000000 +0000 @@ -9,7 +9,7 @@ AuthenticodeVerify() will get PE/COFF Authenticode and will do basic check for data structure. -Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2019, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -106,7 +106,7 @@ // // Check if it's PKCS#7 Signed Data (for Authenticode Scenario) // - if (!PKCS7_type_is_signed (Pkcs7)) { + if (!PKCS7_type_is_signed (Pkcs7) || PKCS7_get_detached (Pkcs7)) { goto _Exit; } diff -Nru shim-15.6/Make.defaults shim-15.7/Make.defaults --- shim-15.6/Make.defaults 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/Make.defaults 1970-01-01 00:00:00.000000000 +0000 @@ -71,7 +71,7 @@ endif ifeq ($(ARCH),ia32) ARCH_CFLAGS ?= -mno-mmx -mno-sse -mno-red-zone -nostdinc \ - $(CLANG_BUGS) -m32 \ + $(CLANG_BUGS) -m32 -malign-double \ -DMDE_CPU_IA32 -DPAGE_SIZE=4096 ARCH_GNUEFI ?= ia32 ARCH_SUFFIX ?= ia32 diff -Nru shim-15.6/Makefile shim-15.7/Makefile --- shim-15.6/Makefile 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/Makefile 1970-01-01 00:00:00.000000000 +0000 @@ -1,7 +1,7 @@ default : all NAME = shim -VERSION = 15.6 +VERSION = 15.7 ifneq ($(origin RELEASE),undefined) DASHRELEASE ?= -$(RELEASE) else @@ -38,9 +38,9 @@ else TARGETS += $(MMNAME) $(FBNAME) endif -OBJS = shim.o globals.o mok.o netboot.o cert.o replacements.o tpm.o version.o errlog.o sbat.o sbat_data.o pe.o httpboot.o csv.o load-options.o +OBJS = shim.o globals.o mok.o netboot.o cert.o replacements.o tpm.o version.o errlog.o sbat.o sbat_data.o sbat_var.o pe.o httpboot.o csv.o load-options.o KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key shim.cer -ORIG_SOURCES = shim.c globals.c mok.c netboot.c replacements.c tpm.c errlog.c sbat.c pe.c httpboot.c shim.h version.h $(wildcard include/*.h) cert.S +ORIG_SOURCES = shim.c globals.c mok.c netboot.c replacements.c tpm.c errlog.c sbat.c pe.c httpboot.c shim.h version.h $(wildcard include/*.h) cert.S sbat_var.S MOK_OBJS = MokManager.o PasswordCrypt.o crypt_blowfish.o errlog.o sbat_data.o globals.o ORIG_MOK_SOURCES = MokManager.c PasswordCrypt.c crypt_blowfish.c shim.h $(wildcard include/*.h) FALLBACK_OBJS = fallback.o tpm.o errlog.o sbat_data.o globals.o @@ -253,7 +253,7 @@ $(OBJCOPY) -D -j .text -j .sdata -j .data -j .data.ident \ -j .dynamic -j .rodata -j .rel* \ -j .rela* -j .dyn -j .reloc -j .eh_frame \ - -j .vendor_cert -j .sbat \ + -j .vendor_cert -j .sbat -j .sbatlevel \ $(FORMAT) $< $@ ./post-process-pe -vv $@ @@ -269,6 +269,7 @@ $(OBJCOPY) -D -j .text -j .sdata -j .data \ -j .dynamic -j .rodata -j .rel* \ -j .rela* -j .dyn -j .reloc -j .eh_frame -j .sbat \ + -j .sbatlevel \ -j .debug_info -j .debug_abbrev -j .debug_aranges \ -j .debug_line -j .debug_str -j .debug_ranges \ -j .note.gnu.build-id \ diff -Nru shim-15.6/README.md shim-15.7/README.md --- shim-15.6/README.md 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/README.md 1970-01-01 00:00:00.000000000 +0000 @@ -23,3 +23,5 @@ There are a couple of build options, and a couple of ways to customize the build, described in [BUILDING](BUILDING). + +See the [test plan](testplan.txt), and file a ticket if anything fails! diff -Nru shim-15.6/commit shim-15.7/commit --- shim-15.6/commit 2022-06-01 18:27:14.000000000 +0000 +++ shim-15.7/commit 1970-01-01 00:00:00.000000000 +0000 @@ -1 +1 @@ -505cdb678b319fcf9a7fdee77c0f091b4147cbe5 \ No newline at end of file +11491619f4336fef41c3519877ba242161763580 \ No newline at end of file diff -Nru shim-15.6/data/sbat.csv shim-15.7/data/sbat.csv --- shim-15.6/data/sbat.csv 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/data/sbat.csv 1970-01-01 00:00:00.000000000 +0000 @@ -1,2 +1,2 @@ sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md -shim,2,UEFI shim,shim,1,https://github.com/rhboot/shim +shim,3,UEFI shim,shim,1,https://github.com/rhboot/shim diff -Nru shim-15.6/debian/changelog shim-15.7/debian/changelog --- shim-15.6/debian/changelog 2022-07-28 07:22:35.000000000 +0000 +++ shim-15.7/debian/changelog 2023-01-31 09:41:03.000000000 +0000 @@ -1,3 +1,17 @@ +shim (15.7-1~deb11u1) bullseye; urgency=medium + + * New upstream release fixing more bugs + * Add further patches from upstream: + + Make sbat_var.S parse right with buggy gcc/binutils + + Enable NX support at build time, as required by policy for signing + new shim binaries. + * Block Debian grub binaries with sbat < 4 (see #1024617) + * Rebuild for bullseye + + Add patches reverting arm64 build system changes so we can + build using older binutils. + + -- Steve McIntyre <93sam@debian.org> Tue, 31 Jan 2023 10:41:03 +0100 + shim (15.6-1~deb11u1) bullseye; urgency=medium * New upstream release fixing more bugs diff -Nru shim-15.6/debian/patches/Enable-NX.patch shim-15.7/debian/patches/Enable-NX.patch --- shim-15.6/debian/patches/Enable-NX.patch 1970-01-01 00:00:00.000000000 +0000 +++ shim-15.7/debian/patches/Enable-NX.patch 2023-01-31 09:41:03.000000000 +0000 @@ -0,0 +1,79 @@ +commit 7c7642530fab73facaf3eac233cfbce29e10b0ef +Author: Peter Jones +Date: Thu Nov 17 12:31:31 2022 -0500 + + Enable the NX compatibility flag by default. + + Currently by default, when we build shim we do not set the PE + NX-compatibility DLL Characteristic flag. This signifies to the + firmware that shim (including the components it loads) is not prepared + for several related firmware changes: + + - non-executable stack + - non-executable pages from AllocatePages()/AllocatePool()/etc. + - non-writable 0 page (not strictly related but some firmware will be + transitioning at the same time) + - the need to use the UEFI 2.10 Memory Attribute Protocol to set page + permissions. + + This patch changes that default to be enabled by default. Distributors + of shim will need to ensure that either their builds disable this bit + (using "post-process-pe -N"), or that the bootloaders and kernels you + support loading are all compliant with this change. A new make + variable, POST_PROCESS_PE_FLAGS, has been added to simplify doing so. + + Signed-off-by: Peter Jones + +diff --git a/BUILDING b/BUILDING +index 3b2e85d3..17cd98d3 100644 +--- a/BUILDING ++++ b/BUILDING +@@ -78,6 +78,9 @@ Variables you could set to customize the build: + - OSLABEL + This is the label that will be put in BOOT$(EFI_ARCH).CSV for your OS. + By default this is the same value as EFIDIR . ++- POST_PROCESS_PE_FLAGS ++ This allows you to add flags to the invocation of "post-process-pe", for ++ example to disable the NX compatibility flag. + + Vendor SBAT data: + It will sometimes be requested by reviewers that a build includes extra +diff --git a/Make.defaults b/Make.defaults +index c46164a3..9af89f4e 100644 +--- a/Make.defaults ++++ b/Make.defaults +@@ -139,6 +139,8 @@ CFLAGS = $(FEATUREFLAGS) \ + $(INCLUDES) \ + $(DEFINES) + ++POST_PROCESS_PE_FLAGS = ++ + ifneq ($(origin OVERRIDE_SECURITY_POLICY), undefined) + DEFINES += -DOVERRIDE_SECURITY_POLICY + endif +diff --git a/Makefile b/Makefile +index a9202f46..f0f53f8f 100644 +--- a/Makefile ++++ b/Makefile +@@ -255,7 +255,7 @@ endif + -j .rela* -j .dyn -j .reloc -j .eh_frame \ + -j .vendor_cert -j .sbat -j .sbatlevel \ + $(FORMAT) $< $@ +- ./post-process-pe -vv $@ ++ ./post-process-pe -vv $(POST_PROCESS_PE_FLAGS) $@ + + ifneq ($(origin ENABLE_SHIM_HASH),undefined) + %.hash : %.efi +diff --git a/post-process-pe.c b/post-process-pe.c +index de8f4a38..f39fdddf 100644 +--- a/post-process-pe.c ++++ b/post-process-pe.c +@@ -42,7 +42,7 @@ static int verbosity; + 0; \ + }) + +-static bool set_nx_compat = false; ++static bool set_nx_compat = true; + + typedef uint8_t UINT8; + typedef uint16_t UINT16; diff -Nru shim-15.6/debian/patches/Make-sbat_var.S-parse-right-with-buggy-gcc-binutils.patch shim-15.7/debian/patches/Make-sbat_var.S-parse-right-with-buggy-gcc-binutils.patch --- shim-15.6/debian/patches/Make-sbat_var.S-parse-right-with-buggy-gcc-binutils.patch 1970-01-01 00:00:00.000000000 +0000 +++ shim-15.7/debian/patches/Make-sbat_var.S-parse-right-with-buggy-gcc-binutils.patch 2023-01-31 09:41:03.000000000 +0000 @@ -0,0 +1,104 @@ +From 657b2483ca6e9fcf2ad8ac7ee577ff546d24c3aa Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Mon, 5 Dec 2022 17:57:36 -0500 +Subject: [PATCH] Make sbat_var.S parse right with buggy gcc/binutils + +In https://github.com/rhboot/shim/issues/533 , iokomin noticed that +gas in binutils before 2.36 appears to be incorrectly concatenating +string literals in '.asciz' directives, including an extra NUL character +in between the strings, and this will cause us to incorrectly parse the +.sbatlevel section in shim binaries. + +This patch adds test cases that will cause the build to fail if this has +happened, as well as changing sbat_var.S to to use '.ascii' and '.byte' +to construct the data, rather than using '.asciz'. + +Signed-off-by: Peter Jones +--- + include/test.mk | 2 +- + sbat_var.S | 6 ++++-- + test-sbat.c | 32 ++++++++++++++++++++++++++++++++ + 3 files changed, 37 insertions(+), 3 deletions(-) + +diff --git a/include/test.mk b/include/test.mk +index c0e24095..c37b8446 100644 +--- a/include/test.mk ++++ b/include/test.mk +@@ -92,7 +92,7 @@ test-mock-variables: CFLAGS+=-DHAVE_SHIM_LOCK_GUID + test-mok-mirror_FILES = mok.c globals.c tpm.c lib/guid.c lib/variables.c mock-variables.c + test-mok-mirror: CFLAGS+=-DHAVE_START_IMAGE -DHAVE_SHIM_LOCK_GUID + +-test-sbat_FILES = csv.c lib/variables.c lib/guid.c sbat_var.S ++test-sbat_FILES = csv.c lib/variables.c lib/guid.c sbat_var.S mock-variables.c + test-sbat :: CFLAGS+=-DHAVE_GET_VARIABLE -DHAVE_GET_VARIABLE_ATTR -DHAVE_SHIM_LOCK_GUID + + test-str_FILES = lib/string.c +diff --git a/sbat_var.S b/sbat_var.S +index a115077a..2a813a40 100644 +--- a/sbat_var.S ++++ b/sbat_var.S +@@ -14,7 +14,9 @@ sbat_var_payload_header: + .Lsbat_var_payload_header_end: + .balign 1, 0 + .Lsbat_var_previous: +- .asciz SBAT_VAR_PREVIOUS ++ .ascii SBAT_VAR_PREVIOUS ++ .byte 0 + .balign 1, 0 + .Lsbat_var_latest: +- .asciz SBAT_VAR_LATEST ++ .ascii SBAT_VAR_LATEST ++ .byte 0 +diff --git a/test-sbat.c b/test-sbat.c +index 72bebe7a..65bc6a84 100644 +--- a/test-sbat.c ++++ b/test-sbat.c +@@ -1107,6 +1107,36 @@ test_preserve_sbat_uefi_variable_bad_short(void) + return 0; + } + ++static int ++test_sbat_var_asciz(void) ++{ ++ EFI_STATUS status; ++ char buf[1024] = ""; ++ UINT32 attrs = 0; ++ UINTN size = sizeof(buf); ++ char expected[] = SBAT_VAR_PREVIOUS; ++ ++ status = set_sbat_uefi_variable(); ++ if (status != EFI_SUCCESS) ++ return -1; ++ ++ status = RT->GetVariable(SBAT_VAR_NAME, &SHIM_LOCK_GUID, &attrs, &size, buf); ++ if (status != EFI_SUCCESS) ++ return -1; ++ ++ /* ++ * this should be enough to get past "sbat,", which handles the ++ * first error. ++ */ ++ if (size < (strlen(SBAT_VAR_SIG) + 2) || size != strlen(expected)) ++ return -1; ++ ++ if (strncmp(expected, buf, size) != 0) ++ return -1; ++ ++ return 0; ++} ++ + int + main(void) + { +@@ -1155,6 +1185,8 @@ main(void) + test(test_preserve_sbat_uefi_variable_version_older); + test(test_preserve_sbat_uefi_variable_version_olderlonger); + ++ test(test_sbat_var_asciz); ++ + return 0; + } + +-- +2.30.2 + diff -Nru shim-15.6/debian/patches/aarch64-shim-old.patch shim-15.7/debian/patches/aarch64-shim-old.patch --- shim-15.6/debian/patches/aarch64-shim-old.patch 2022-07-28 07:10:35.000000000 +0000 +++ shim-15.7/debian/patches/aarch64-shim-old.patch 2023-01-31 09:41:03.000000000 +0000 @@ -20,10 +20,10 @@ endif ifeq ($(ARCH),arm) diff --git a/elf_aarch64_efi.lds b/elf_aarch64_efi.lds -index 60c55ba5..42825fd9 100644 +index 0861f5e8..3837b98b 100644 --- a/elf_aarch64_efi.lds +++ b/elf_aarch64_efi.lds -@@ -3,94 +3,109 @@ OUTPUT_ARCH(aarch64) +@@ -3,98 +3,110 @@ OUTPUT_ARCH(aarch64) ENTRY(_start) SECTIONS { @@ -57,6 +57,10 @@ - . = ALIGN(4096); - .data.ident : { - *(.data.ident) +- } +- . = ALIGN(4096); +- .sbatlevel : { +- *(.sbatlevel) + .text 0x0 : { + _text = .; + *(.text.head) @@ -138,6 +142,7 @@ + . = ALIGN(4096); + *(.vendor_cert) + *(.data.ident) ++ *(.sbatlevel) + . = ALIGN(4096); + } . = ALIGN(4096); diff -Nru shim-15.6/debian/patches/block-grub-sbat3-debian.patch shim-15.7/debian/patches/block-grub-sbat3-debian.patch --- shim-15.6/debian/patches/block-grub-sbat3-debian.patch 1970-01-01 00:00:00.000000000 +0000 +++ shim-15.7/debian/patches/block-grub-sbat3-debian.patch 2023-01-31 09:41:03.000000000 +0000 @@ -0,0 +1,19 @@ +diff --git a/include/sbat_var_defs.h b/include/sbat_var_defs.h +index 6b01573e..5b1a764f 100644 +--- a/include/sbat_var_defs.h ++++ b/include/sbat_var_defs.h +@@ -35,8 +35,12 @@ + SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_PREVIOUS_DATE "\n" \ + SBAT_VAR_PREVIOUS_REVOCATIONS + +-#define SBAT_VAR_LATEST_DATE "2022111500" +-#define SBAT_VAR_LATEST_REVOCATIONS "shim,2\ngrub,3\n" ++/* ++ * Debian's grub.3 update was broken - some binaries included the SBAT ++ * data update but not the security patches :-( ++ */ ++#define SBAT_VAR_LATEST_DATE "2023012900" ++#define SBAT_VAR_LATEST_REVOCATIONS "shim,2\ngrub,3\ngrub.debian,4\n" + #define SBAT_VAR_LATEST \ + SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_LATEST_DATE "\n" \ + SBAT_VAR_LATEST_REVOCATIONS diff -Nru shim-15.6/debian/patches/series shim-15.7/debian/patches/series --- shim-15.6/debian/patches/series 2022-07-28 07:10:35.000000000 +0000 +++ shim-15.7/debian/patches/series 2023-01-31 09:41:03.000000000 +0000 @@ -1,2 +1,5 @@ aarch64-gnuefi-old.patch aarch64-shim-old.patch +Make-sbat_var.S-parse-right-with-buggy-gcc-binutils.patch +Enable-NX.patch +block-grub-sbat3-debian.patch diff -Nru shim-15.6/elf_aarch64_efi.lds shim-15.7/elf_aarch64_efi.lds --- shim-15.6/elf_aarch64_efi.lds 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/elf_aarch64_efi.lds 1970-01-01 00:00:00.000000000 +0000 @@ -34,6 +34,10 @@ .data.ident : { *(.data.ident) } + . = ALIGN(4096); + .sbatlevel : { + *(.sbatlevel) + } . = ALIGN(4096); .data : diff -Nru shim-15.6/elf_ia32_efi.lds shim-15.7/elf_ia32_efi.lds --- shim-15.6/elf_ia32_efi.lds 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/elf_ia32_efi.lds 1970-01-01 00:00:00.000000000 +0000 @@ -28,6 +28,10 @@ .data.ident : { *(.data.ident) } + . = ALIGN(4096); + .sbatlevel : { + *(.sbatlevel) + } . = ALIGN(4096); .data : diff -Nru shim-15.6/elf_ia64_efi.lds shim-15.7/elf_ia64_efi.lds --- shim-15.6/elf_ia64_efi.lds 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/elf_ia64_efi.lds 1970-01-01 00:00:00.000000000 +0000 @@ -34,6 +34,10 @@ .data.ident : { *(.data.ident) } + . = ALIGN(4096); + .sbatlevel : { + *(.sbatlevel) + } . = ALIGN(4096); .data : diff -Nru shim-15.6/elf_x86_64_efi.lds shim-15.7/elf_x86_64_efi.lds --- shim-15.6/elf_x86_64_efi.lds 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/elf_x86_64_efi.lds 1970-01-01 00:00:00.000000000 +0000 @@ -35,6 +35,10 @@ .data.ident : { *(.data.ident) } + . = ALIGN(4096); + .sbatlevel : { + *(.sbatlevel) + } . = ALIGN(4096); .data : diff -Nru shim-15.6/include/cc.h shim-15.7/include/cc.h --- shim-15.6/include/cc.h 1970-01-01 00:00:00.000000000 +0000 +++ shim-15.7/include/cc.h 1970-01-01 00:00:00.000000000 +0000 @@ -0,0 +1,85 @@ +// SPDX-License-Identifier: BSD-2-Clause-Patent + +#ifndef SHIM_CC_H +#define SHIM_CC_H + +typedef struct { + uint8_t Major; + uint8_t Minor; +} EFI_CC_VERSION; + +#define EFI_CC_TYPE_NONE 0 +#define EFI_CC_TYPE_SEV 1 +#define EFI_CC_TYPE_TDX 2 + +typedef struct { + uint8_t Type; + uint8_t SubType; +} EFI_CC_TYPE; + +typedef uint32_t EFI_CC_EVENT_LOG_BITMAP; +typedef uint32_t EFI_CC_EVENT_LOG_FORMAT; +typedef uint32_t EFI_CC_EVENT_ALGORITHM_BITMAP; +typedef uint32_t EFI_CC_MR_INDEX; + +#define TDX_MR_INDEX_MRTD 0 +#define TDX_MR_INDEX_RTMR0 1 +#define TDX_MR_INDEX_RTMR1 2 +#define TDX_MR_INDEX_RTMR2 3 +#define TDX_MR_INDEX_RTMR3 4 + +#define EFI_CC_EVENT_LOG_FORMAT_TCG_2 0x00000002 +#define EFI_CC_BOOT_HASH_ALG_SHA384 0x00000004 +#define EFI_CC_EVENT_HEADER_VERSION 1 + +typedef struct tdEFI_CC_EVENT_HEADER { + uint32_t HeaderSize; + uint16_t HeaderVersion; + EFI_CC_MR_INDEX MrIndex; + uint32_t EventType; +} __attribute__((packed)) EFI_CC_EVENT_HEADER; + +typedef struct tdEFI_CC_EVENT { + uint32_t Size; + EFI_CC_EVENT_HEADER Header; + uint8_t Event[1]; +} __attribute__((packed)) EFI_CC_EVENT; + +typedef struct tdEFI_CC_BOOT_SERVICE_CAPABILITY { + uint8_t Size; + EFI_CC_VERSION StructureVersion; + EFI_CC_VERSION ProtocolVersion; + EFI_CC_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap; + EFI_CC_EVENT_LOG_BITMAP SupportedEventLogs; + EFI_CC_TYPE CcType; +} EFI_CC_BOOT_SERVICE_CAPABILITY; + +struct efi_cc_protocol +{ + EFI_STATUS (EFIAPI *get_capability) ( + struct efi_cc_protocol *this, + EFI_CC_BOOT_SERVICE_CAPABILITY *ProtocolCapability); + EFI_STATUS (EFIAPI *get_event_log) ( + struct efi_cc_protocol *this, + EFI_CC_EVENT_LOG_FORMAT EventLogFormat, + EFI_PHYSICAL_ADDRESS *EventLogLocation, + EFI_PHYSICAL_ADDRESS *EventLogLastEntry, + BOOLEAN *EventLogTruncated); + EFI_STATUS (EFIAPI *hash_log_extend_event) ( + struct efi_cc_protocol *this, + uint64_t Flags, + EFI_PHYSICAL_ADDRESS DataToHash, + uint64_t DataToHashLen, + EFI_CC_EVENT *EfiCcEvent); + EFI_STATUS (EFIAPI *map_pcr_to_mr_index) ( + struct efi_cc_protocol *this, + uint32_t PcrIndex, + EFI_CC_MR_INDEX *MrIndex); +}; + +typedef struct efi_cc_protocol efi_cc_protocol_t; + +#define EFI_CC_FLAG_PE_COFF_IMAGE 0x0000000000000010 + +#endif /* SHIM_CC_H */ +// vim:fenc=utf-8:tw=75 diff -Nru shim-15.6/include/compiler.h shim-15.7/include/compiler.h --- shim-15.6/include/compiler.h 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/include/compiler.h 1970-01-01 00:00:00.000000000 +0000 @@ -192,5 +192,11 @@ */ #define unreachable() __builtin_unreachable() +#if defined(__GNUC__) +#define cache_invalidate(begin, end) __builtin___clear_cache(begin, end) +#else /* __GNUC__ */ +#error shim has no cache_invalidate() implementation for this compiler +#endif /* __GNUC__ */ + #endif /* !COMPILER_H_ */ // vim:fenc=utf-8:tw=75:et diff -Nru shim-15.6/include/guid.h shim-15.7/include/guid.h --- shim-15.6/include/guid.h 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/include/guid.h 1970-01-01 00:00:00.000000000 +0000 @@ -29,6 +29,7 @@ extern EFI_GUID EFI_LOADED_IMAGE_GUID; extern EFI_GUID EFI_TPM_GUID; extern EFI_GUID EFI_TPM2_GUID; +extern EFI_GUID EFI_CC_MEASUREMENT_PROTOCOL_GUID; extern EFI_GUID EFI_SECURE_BOOT_DB_GUID; extern EFI_GUID EFI_SIMPLE_FILE_SYSTEM_GUID; extern EFI_GUID SECURITY_PROTOCOL_GUID; diff -Nru shim-15.6/include/sbat.h shim-15.7/include/sbat.h --- shim-15.6/include/sbat.h 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/include/sbat.h 1970-01-01 00:00:00.000000000 +0000 @@ -6,38 +6,6 @@ #ifndef SBAT_H_ #define SBAT_H_ -#define SBAT_VAR_SIG "sbat," -#define SBAT_VAR_VERSION "1," -#define SBAT_VAR_ORIGINAL_DATE "2021030218" -#define SBAT_VAR_ORIGINAL \ - SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_ORIGINAL_DATE "\n" - -#if defined(ENABLE_SHIM_DEVEL) -#define SBAT_VAR_PREVIOUS_DATE "2022020101" -#define SBAT_VAR_PREVIOUS_REVOCATIONS "component,2\n" -#define SBAT_VAR_PREVIOUS \ - SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_PREVIOUS_DATE "\n" \ - SBAT_VAR_PREVIOUS_REVOCATIONS - -#define SBAT_VAR_LATEST_DATE "2022050100" -#define SBAT_VAR_LATEST_REVOCATIONS "component,2\nothercomponent,2\n" -#define SBAT_VAR_LATEST \ - SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_LATEST_DATE "\n" \ - SBAT_VAR_LATEST_REVOCATIONS -#else /* !ENABLE_SHIM_DEVEL */ -#define SBAT_VAR_PREVIOUS_DATE SBAT_VAR_ORIGINAL_DATE -#define SBAT_VAR_PREVIOUS_REVOCATIONS -#define SBAT_VAR_PREVIOUS \ - SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_PREVIOUS_DATE "\n" \ - SBAT_VAR_PREVIOUS_REVOCATIONS - -#define SBAT_VAR_LATEST_DATE "2022052400" -#define SBAT_VAR_LATEST_REVOCATIONS "shim,2\ngrub,2\n" -#define SBAT_VAR_LATEST \ - SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_LATEST_DATE "\n" \ - SBAT_VAR_LATEST_REVOCATIONS -#endif /* ENABLE_SHIM_DEVEL */ - #define UEFI_VAR_NV_BS \ (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS) #define UEFI_VAR_NV_BS_RT \ diff -Nru shim-15.6/include/sbat_var_defs.h shim-15.7/include/sbat_var_defs.h --- shim-15.6/include/sbat_var_defs.h 1970-01-01 00:00:00.000000000 +0000 +++ shim-15.7/include/sbat_var_defs.h 1970-01-01 00:00:00.000000000 +0000 @@ -0,0 +1,45 @@ +// SPDX-License-Identifier: BSD-2-Clause-Patent + +#ifndef SBAT_VAR_DEFS_H_ +#define SBAT_VAR_DEFS_H_ + +/* + * This is the entry for the sbat data format + */ +#define SBAT_VAR_SIG "sbat," +#define SBAT_VAR_VERSION "1," +#define SBAT_VAR_ORIGINAL_DATE "2021030218" +#define SBAT_VAR_ORIGINAL \ + SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_ORIGINAL_DATE "\n" + +#if defined(ENABLE_SHIM_DEVEL) +#define SBAT_VAR_PREVIOUS_DATE "2022020101" +#define SBAT_VAR_PREVIOUS_REVOCATIONS "component,2\n" +#define SBAT_VAR_PREVIOUS \ + SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_PREVIOUS_DATE "\n" \ + SBAT_VAR_PREVIOUS_REVOCATIONS + +#define SBAT_VAR_LATEST_DATE "2022050100" +#define SBAT_VAR_LATEST_REVOCATIONS "component,2\nothercomponent,2\n" +#define SBAT_VAR_LATEST \ + SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_LATEST_DATE "\n" \ + SBAT_VAR_LATEST_REVOCATIONS +#else /* !ENABLE_SHIM_DEVEL */ +/* + * As of 2022-11-16, most folks (including Ubuntu, SUSE, openSUSE) don't have + * a "shim,2" yet, so adding that here would end up unbootable. + */ +#define SBAT_VAR_PREVIOUS_DATE "2022052400" +#define SBAT_VAR_PREVIOUS_REVOCATIONS "grub,2\n" +#define SBAT_VAR_PREVIOUS \ + SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_PREVIOUS_DATE "\n" \ + SBAT_VAR_PREVIOUS_REVOCATIONS + +#define SBAT_VAR_LATEST_DATE "2022111500" +#define SBAT_VAR_LATEST_REVOCATIONS "shim,2\ngrub,3\n" +#define SBAT_VAR_LATEST \ + SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_LATEST_DATE "\n" \ + SBAT_VAR_LATEST_REVOCATIONS +#endif /* ENABLE_SHIM_DEVEL */ + +#endif /* !SBAT_VAR_DEFS_H_ */ diff -Nru shim-15.6/include/test.mk shim-15.7/include/test.mk --- shim-15.6/include/test.mk 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/include/test.mk 1970-01-01 00:00:00.000000000 +0000 @@ -92,7 +92,7 @@ test-mok-mirror_FILES = mok.c globals.c tpm.c lib/guid.c lib/variables.c mock-variables.c test-mok-mirror: CFLAGS+=-DHAVE_START_IMAGE -DHAVE_SHIM_LOCK_GUID -test-sbat_FILES = csv.c lib/variables.c lib/guid.c +test-sbat_FILES = csv.c lib/variables.c lib/guid.c sbat_var.S test-sbat :: CFLAGS+=-DHAVE_GET_VARIABLE -DHAVE_GET_VARIABLE_ATTR -DHAVE_SHIM_LOCK_GUID test-str_FILES = lib/string.c diff -Nru shim-15.6/include/ucs2.h shim-15.7/include/ucs2.h --- shim-15.6/include/ucs2.h 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/include/ucs2.h 1970-01-01 00:00:00.000000000 +0000 @@ -63,22 +63,4 @@ return ret; } -/* - * Test if an entire buffer is nothing but NUL characters. This - * implementation "gracefully" ignores the difference between the - * UTF-8/ASCII 1-byte NUL and the UCS-2 2-byte NUL. - */ -static inline bool -__attribute__((__unused__)) -is_all_nuls(UINT8 *data, UINTN data_size) -{ - UINTN i; - - for (i = 0; i < data_size; i++) { - if (data[i] != 0) - return false; - } - return true; -} - #endif /* SHIM_UCS2_H */ diff -Nru shim-15.6/lib/guid.c shim-15.7/lib/guid.c --- shim-15.6/lib/guid.c 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/lib/guid.c 1970-01-01 00:00:00.000000000 +0000 @@ -28,6 +28,7 @@ EFI_GUID EFI_LOADED_IMAGE_GUID = EFI_LOADED_IMAGE_PROTOCOL_GUID; EFI_GUID EFI_TPM_GUID = { 0xf541796d, 0xa62e, 0x4954, {0xa7, 0x75, 0x95, 0x84, 0xf6, 0x1b, 0x9c, 0xdd } }; EFI_GUID EFI_TPM2_GUID = { 0x607f766c, 0x7455, 0x42be, {0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f } }; +EFI_GUID EFI_CC_MEASUREMENT_PROTOCOL_GUID = { 0x96751a3d, 0x72f4, 0x41a6, {0xa7, 0x94, 0xed, 0x5d, 0x0e, 0x67, 0xae, 0x6b } }; EFI_GUID EFI_SECURE_BOOT_DB_GUID = { 0xd719b2cb, 0x3d3a, 0x4596, { 0xa3, 0xbc, 0xda, 0xd0, 0x0e, 0x67, 0x65, 0x6f } }; EFI_GUID EFI_SIMPLE_FILE_SYSTEM_GUID = SIMPLE_FILE_SYSTEM_PROTOCOL; EFI_GUID SECURITY_PROTOCOL_GUID = { 0xA46423E3, 0x4617, 0x49f1, {0xB9, 0xFF, 0xD1, 0xBF, 0xA9, 0x11, 0x58, 0x39 } }; diff -Nru shim-15.6/load-options.c shim-15.7/load-options.c --- shim-15.6/load-options.c 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/load-options.c 1970-01-01 00:00:00.000000000 +0000 @@ -404,8 +404,13 @@ /* * Apparently sometimes we get L"\0\0"? Which isn't useful at all. + * + * Possibly related, but some boards have additional data before the + * size which is garbage (it's a weird path to the directory + * containing the loaders). Known boards that do this: Kontron VX3040 + * (AMI), ASUS B85M-E, and at least one "older Dell laptop". */ - if (is_all_nuls(li->LoadOptions, li->LoadOptionsSize)) + if (((CHAR16 *)li->LoadOptions)[0] == 0) return EFI_SUCCESS; /* diff -Nru shim-15.6/make-archive shim-15.7/make-archive --- shim-15.6/make-archive 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/make-archive 1970-01-01 00:00:00.000000000 +0000 @@ -86,14 +86,16 @@ cd .. if [ "x" = "x${SHIM_GIT_TAG}" ] ; then git archive --format=tar "$(git log -1 --pretty=format:%h)" | ( cd "${ARCHIVE_DIR}/shim-${VERSION}" ; tar x ) + TIMESTAMP=0 else # ORIGIN doesn't yet have this tag git archive --format=tar "${SHIM_GIT_TAG}" | ( cd "${ARCHIVE_DIR}/shim-${VERSION}" ; tar x ) + TIMESTAMP=$(git log -1 --pretty=%ct "${SHIM_GIT_TAG}") fi git log -1 --pretty=format:%H > "${ARCHIVE_DIR}/shim-${VERSION}/commit" DIR="$PWD" cd "${ARCHIVE_DIR}" - tar -c --bzip2 -f "${DIR}/shim-${VERSION}.tar.bz2" "shim-${VERSION}" + tar -c --sort=name --mtime="@${TIMESTAMP}" --owner=0 --group=0 --numeric-owner --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime --bzip2 -f "${DIR}/shim-${VERSION}.tar.bz2" "shim-${VERSION}" rm -rf "${ARCHIVE_DIR}" echo "The archive is in shim-${VERSION}.tar.bz2" exit 0 diff -Nru shim-15.6/model.c shim-15.7/model.c --- shim-15.6/model.c 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/model.c 1970-01-01 00:00:00.000000000 +0000 @@ -8,16 +8,18 @@ /* This is so vim's Syntastic checker won't yell about all these. */ extern void __coverity_string_size_sanitize__(int); extern void __coverity_negative_sink__(int); -extern void __coverity_alloc_nosize__(void); +extern void *__coverity_alloc_nosize__(void); +extern void __coverity_writeall0__(void *); extern void *__coverity_alloc__(int); extern void __coverity_sleep__(); extern void __coverity_tainted_data_sanitize__(void *); +extern void __coverity_free__(void *); #endif void * OBJ_dup(void *o) { - __coverity_alloc_nosize__(); + return __coverity_alloc_nosize__(); } int @@ -133,4 +135,21 @@ return EFI_OUT_OF_RESOURCES; } +void * +AllocateZeroPool(int sz) +{ + void *ptr; + + __coverity_negative_sink__(sz); + ptr = __coverity_alloc__(sz); + __coverity_writeall0__(ptr); + return ptr; +} + +void +FreePool(void *ptr) +{ + __coverity_free__(ptr); +} + // vim:fenc=utf-8:tw=75 diff -Nru shim-15.6/mok.c shim-15.7/mok.c --- shim-15.6/mok.c 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/mok.c 1970-01-01 00:00:00.000000000 +0000 @@ -178,7 +178,6 @@ EFI_VARIABLE_NON_VOLATILE, .no_attr = EFI_VARIABLE_RUNTIME_ACCESS, .flags = MOK_MIRROR_DELETE_FIRST | - MOK_VARIABLE_MEASURE | MOK_VARIABLE_INVERSE | MOK_VARIABLE_LOG, .pcr = 14, diff -Nru shim-15.6/pe.c shim-15.7/pe.c --- shim-15.6/pe.c 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/pe.c 1970-01-01 00:00:00.000000000 +0000 @@ -1196,6 +1196,9 @@ CopyMem(buffer, data, context.SizeOfHeaders); + /* Flush the instruction cache for the region holding the image */ + cache_invalidate(buffer, buffer + context.ImageSize); + *entry_point = ImageAddress(buffer, context.ImageSize, context.EntryPoint); if (!*entry_point) { perror(L"Entry point is invalid\n"); @@ -1256,7 +1259,7 @@ } if (Section->VirtualAddress <= context.EntryPoint && - (Section->VirtualAddress + Section->SizeOfRawData - 1) + (Section->VirtualAddress + Section->Misc.VirtualSize - 1) > context.EntryPoint) found_entry_point++; diff -Nru shim-15.6/sbat.c shim-15.7/sbat.c --- shim-15.6/sbat.c 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/sbat.c 1970-01-01 00:00:00.000000000 +0000 @@ -5,6 +5,11 @@ #include "shim.h" +extern struct { + UINT32 previous_offset; + UINT32 latest_offset; +} sbat_var_payload_header; + EFI_STATUS parse_sbat_section(char *section_base, size_t section_size, size_t *n_entries, @@ -399,6 +404,9 @@ EFI_STATUS efi_status = EFI_SUCCESS; UINT32 attributes = 0; + char *sbat_var_previous; + char *sbat_var_latest; + UINT8 *sbat = NULL; UINT8 *sbat_policy = NULL; UINTN sbatsize = 0; @@ -407,27 +415,30 @@ char *sbat_var = NULL; bool reset_sbat = false; + sbat_var_previous = (char *)&sbat_var_payload_header + sbat_var_payload_header.previous_offset; + sbat_var_latest = (char *)&sbat_var_payload_header + sbat_var_payload_header.latest_offset; + efi_status = get_variable_attr(SBAT_POLICY, &sbat_policy, &sbat_policysize, SHIM_LOCK_GUID, &attributes); if (EFI_ERROR(efi_status)) { dprint("Default sbat policy: previous\n"); - sbat_var = SBAT_VAR_PREVIOUS; + sbat_var = sbat_var_previous; } else { switch (*sbat_policy) { case SBAT_POLICY_LATEST: dprint("Custom sbat policy: latest\n"); - sbat_var = SBAT_VAR_LATEST; + sbat_var = sbat_var_latest; clear_sbat_policy(); break; case SBAT_POLICY_PREVIOUS: dprint("Custom sbat policy: previous\n"); - sbat_var = SBAT_VAR_PREVIOUS; + sbat_var = sbat_var_previous; break; case SBAT_POLICY_RESET: if (secure_mode()) { console_print(L"Cannot reset SBAT policy: Secure Boot is enabled.\n"); - sbat_var = SBAT_VAR_PREVIOUS; + sbat_var = sbat_var_previous; } else { dprint(L"Custom SBAT policy: reset OK\n"); reset_sbat = true; @@ -438,7 +449,7 @@ default: console_error(L"SBAT policy state %llu is invalid", EFI_INVALID_PARAMETER); - sbat_var = SBAT_VAR_PREVIOUS; + sbat_var = sbat_var_previous; clear_sbat_policy(); break; } diff -Nru shim-15.6/sbat_var.S shim-15.7/sbat_var.S --- shim-15.6/sbat_var.S 1970-01-01 00:00:00.000000000 +0000 +++ shim-15.7/sbat_var.S 1970-01-01 00:00:00.000000000 +0000 @@ -0,0 +1,20 @@ +// SPDX-License-Identifier: BSD-2-Clause-Patent + +#include "include/sbat_var_defs.h" + + .section .sbatlevel, "a", %progbits + .balignl 4, 0 + .4byte 0 /* format version for external parsers */ + .globl sbat_var_payload_header + .type sbat_var_payload_header, %object + .size sbat_var_payload_header, .Lsbat_var_payload_header_end - sbat_var_payload_header +sbat_var_payload_header: + .4byte .Lsbat_var_previous - sbat_var_payload_header + .4byte .Lsbat_var_latest - sbat_var_payload_header +.Lsbat_var_payload_header_end: + .balign 1, 0 +.Lsbat_var_previous: + .asciz SBAT_VAR_PREVIOUS + .balign 1, 0 +.Lsbat_var_latest: + .asciz SBAT_VAR_LATEST diff -Nru shim-15.6/shim.c shim-15.7/shim.c --- shim-15.6/shim.c 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/shim.c 1970-01-01 00:00:00.000000000 +0000 @@ -397,22 +397,22 @@ } #endif - if (check_db_hash(L"MokList", SHIM_LOCK_GUID, sha256hash, + if (check_db_hash(L"MokListRT", SHIM_LOCK_GUID, sha256hash, SHA256_DIGEST_SIZE, EFI_CERT_SHA256_GUID) == DATA_FOUND) { verification_method = VERIFIED_BY_HASH; update_verification_method(VERIFIED_BY_HASH); return EFI_SUCCESS; } else { - LogError(L"check_db_hash(MokList, sha256hash) != DATA_FOUND\n"); + LogError(L"check_db_hash(MokListRT, sha256hash) != DATA_FOUND\n"); } - if (cert && check_db_cert(L"MokList", SHIM_LOCK_GUID, cert, sha256hash) + if (cert && check_db_cert(L"MokListRT", SHIM_LOCK_GUID, cert, sha256hash) == DATA_FOUND) { verification_method = VERIFIED_BY_CERT; update_verification_method(VERIFIED_BY_CERT); return EFI_SUCCESS; } else if (cert) { - LogError(L"check_db_cert(MokList, sha256hash) != DATA_FOUND\n"); + LogError(L"check_db_cert(MokListRT, sha256hash) != DATA_FOUND\n"); } update_verification_method(VERIFIED_BY_NOTHING); @@ -1395,7 +1395,6 @@ load_cert_file(EFI_HANDLE image_handle, CHAR16 *filename, CHAR16 *PathName) { EFI_STATUS efi_status; - EFI_LOADED_IMAGE li; PE_COFF_LOADER_IMAGE_CONTEXT context; EFI_IMAGE_SECTION_HEADER *Section; EFI_SIGNATURE_LIST *certlist; @@ -1410,10 +1409,7 @@ if (EFI_ERROR(efi_status)) return efi_status; - memset(&li, 0, sizeof(li)); - memcpy(&li.FilePath[0], filename, MIN(StrSize(filename), sizeof(li.FilePath))); - - efi_status = verify_image(data, datasize, &li, &context); + efi_status = verify_image(data, datasize, shim_li, &context); if (EFI_ERROR(efi_status)) return efi_status; @@ -1433,8 +1429,8 @@ user_cert_size += certlist->SignatureListSize;; user_cert = ReallocatePool(user_cert, original, user_cert_size); - memcpy(user_cert + original, pointer, - certlist->SignatureListSize); + CopyMem(user_cert + original, pointer, + certlist->SignatureListSize); } } FreePool(data); diff -Nru shim-15.6/shim.h shim-15.7/shim.h --- shim-15.6/shim.h 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/shim.h 1970-01-01 00:00:00.000000000 +0000 @@ -179,12 +179,14 @@ #include "include/pe.h" #include "include/replacements.h" #include "include/sbat.h" +#include "include/sbat_var_defs.h" #if defined(OVERRIDE_SECURITY_POLICY) #include "include/security_policy.h" #endif #include "include/simple_file.h" #include "include/str.h" #include "include/tpm.h" +#include "include/cc.h" #include "include/ucs2.h" #include "include/variables.h" #include "include/hexdump.h" diff -Nru shim-15.6/tpm.c shim-15.7/tpm.c --- shim-15.6/tpm.c 2022-06-01 18:25:48.000000000 +0000 +++ shim-15.7/tpm.c 1970-01-01 00:00:00.000000000 +0000 @@ -108,6 +108,45 @@ return EFI_NOT_FOUND; } +static EFI_STATUS cc_log_event_raw(EFI_PHYSICAL_ADDRESS buf, UINTN size, + UINT8 pcr, const CHAR8 *log, UINTN logsize, + UINT32 type, BOOLEAN is_pe_image) +{ + EFI_STATUS efi_status; + EFI_CC_EVENT *event; + efi_cc_protocol_t *cc; + EFI_CC_MR_INDEX mr; + uint64_t flags = is_pe_image ? EFI_CC_FLAG_PE_COFF_IMAGE : 0; + + efi_status = LibLocateProtocol(&EFI_CC_MEASUREMENT_PROTOCOL_GUID, + (VOID **)&cc); + if (EFI_ERROR(efi_status) || !cc) + return EFI_SUCCESS; + + efi_status = cc->map_pcr_to_mr_index(cc, pcr, &mr); + if (EFI_ERROR(efi_status)) + return EFI_NOT_FOUND; + + UINTN event_size = sizeof(*event) - sizeof(event->Event) + logsize; + + event = AllocatePool(event_size); + if (!event) { + perror(L"Unable to allocate event structure\n"); + return EFI_OUT_OF_RESOURCES; + } + + event->Header.HeaderSize = sizeof(EFI_CC_EVENT_HEADER); + event->Header.HeaderVersion = EFI_CC_EVENT_HEADER_VERSION; + event->Header.MrIndex = mr; + event->Header.EventType = type; + event->Size = event_size; + CopyMem(event->Event, (VOID *)log, logsize); + efi_status = cc->hash_log_extend_event(cc, flags, buf, (UINT64)size, + event); + FreePool(event); + return efi_status; +} + static EFI_STATUS tpm_log_event_raw(EFI_PHYSICAL_ADDRESS buf, UINTN size, UINT8 pcr, const CHAR8 *log, UINTN logsize, UINT32 type, CHAR8 *hash) @@ -118,6 +157,15 @@ BOOLEAN old_caps; EFI_TCG2_BOOT_SERVICE_CAPABILITY caps; + /* CC guest like TDX or SEV will measure the buffer and log the event, + extend the result into a specific CC MR like TCG's PCR. It could + coexists with TCG's TPM 1.2 and TPM 2. + */ + efi_status = cc_log_event_raw(buf, size, pcr, log, logsize, type, + (hash != NULL)); + if (EFI_ERROR(efi_status)) + return efi_status; + efi_status = tpm_locate_protocol(&tpm, &tpm2, &old_caps, &caps); if (EFI_ERROR(efi_status)) { #ifdef REQUIRE_TPM