1. 24 Jul, 2018 1 commit
  2. 13 Sep, 2017 1 commit
  3. 26 Jul, 2016 1 commit
  4. 11 Jun, 2015 1 commit
  5. 06 Oct, 2014 1 commit
  6. 27 Aug, 2014 1 commit
  7. 12 Aug, 2014 1 commit
  8. 14 Feb, 2014 1 commit
  9. 19 Nov, 2013 1 commit
  10. 04 Oct, 2013 1 commit
  11. 01 Oct, 2013 1 commit
    • Peter Jones's avatar
      Harden shim against non-participating bootloaders. · cbef697a
      Peter Jones authored
      It works like this: during startup of shim, we hook into the system's
      ExitBootServices() and StartImage().  If the system's StartImage() is
      called, we automatically unhook, because we're chainloading to something
      the system can verify.
      
      When shim's verify is called, we record what kind of certificate the
      image was verified against.  If the call /succeeds/, we remove our
      hooks.
      
      If ExitBootServices() is called, we check how the bootloader verified
      whatever it is loading.  If it was verified by its hash, we unhook
      everything and call the system's EBS().  If it was verified by
      certificate, we check if it has called shim_verify().  If it has, we
      unhook everything and call the system's EBS()
      
      If the bootloader has not verified anything, and is itself verified by
      a certificate, we display a security violation warning and halt the
      machine.
      cbef697a