1. 10 Jun, 2013 5 commits
    • Peter Jones's avatar
      add a .gitignore · 63bdfd85
      Peter Jones authored
      Signed-off-by: default avatarPeter Jones <pjones@redhat.com>
      63bdfd85
    • Peter Jones's avatar
      Move embedded certificates to their own section. · c682b514
      Peter Jones authored
      With this change, the embedded certificate and dbx lists (vendor_cert,
      vendor_cert_size, vendor_dbx, and vendor_dbx_size) wind up being in a
      section named .vendor_cert, and so will look something like:
      ------
      fenchurch:~/devel/github.com/shim$ objdump -h shim.efi
      
      shim.efi:     file format pei-x86-64
      
      Sections:
      Idx Name          Size      VMA               LMA               File off  Algn
        0 .eh_frame     000174a8  0000000000005000  0000000000005000  00000400  2**3
                        CONTENTS, ALLOC, LOAD, READONLY, DATA
        1 .text         000aa7e1  000000000001d000  000000000001d000  00017a00  2**4
                        CONTENTS, ALLOC, LOAD, READONLY, CODE
        2 .reloc        0000000a  00000000000c8000  00000000000c8000  000c2200  2**0
                        CONTENTS, ALLOC, LOAD, READONLY, DATA
        3 .data         00031228  00000000000c9000  00000000000c9000  000c2400  2**5
                        CONTENTS, ALLOC, LOAD, DATA
        4 .vendor_cert  00000375  00000000000fb000  00000000000fb000  000f3800  2**0
                        CONTENTS, READONLY
        5 .dynamic      000000f0  00000000000fc000  00000000000fc000  000f3c00  2**3
                        CONTENTS, ALLOC, LOAD, DATA
        6 .rela         0002afa8  00000000000fd000  00000000000fd000  000f3e00  2**3
                        CONTENTS, ALLOC, LOAD, READONLY, DATA
        7 .dynsym       0000f1f8  0000000000128000  0000000000128000  0011ee00  2**3
                        CONTENTS, ALLOC, LOAD, READONLY, DATA
      ------
      
      This simplifies a security audit, because it means that different
      versions of shim with substantially the same code with different keys
      will be more easily comperable, and therefore logic differences may be
      more easily identified.
      
      This also means that if there's a trusted build you want to use, you can
      remove the certificates, implant new ones, and have it signed, and the
      code sections won't change.
      Signed-off-by: default avatarPeter Jones <pjones@redhat.com>
      c682b514
    • Peter Jones's avatar
      vendor_cert_size's size in the binary should be 4, not -4. · 6b4255de
      Peter Jones authored
      The thing about subtraction is that the minuend needs to be before the
      subtrahend in the text.
      Signed-off-by: default avatarPeter Jones <pjones@redhat.com>
      6b4255de
    • Peter Jones's avatar
      Remove FALLBACK_OBJS during clean as well. · 1de10962
      Peter Jones authored
      Signed-off-by: default avatarPeter Jones <pjones@redhat.com>
      1de10962
    • Peter Jones's avatar
  2. 31 May, 2013 2 commits
  3. 16 May, 2013 2 commits
  4. 15 May, 2013 4 commits
  5. 14 May, 2013 1 commit
  6. 02 May, 2013 1 commit
  7. 30 Apr, 2013 10 commits
  8. 26 Apr, 2013 3 commits
  9. 03 Jan, 2013 2 commits
  10. 27 Dec, 2012 3 commits
  11. 20 Dec, 2012 1 commit
  12. 10 Dec, 2012 1 commit
    • Gary Ching-Pang Lin's avatar
      Get the second stage loader from the Load Options · 09e2c939
      Gary Ching-Pang Lin authored
      This commit replaces the 2nd stage loader path with the first
      argument in the Load Options and moves the rest arguments (if any)
      to the Load Options for the 2nd stage loader.
      
      For example, to make shim to load elilo.efi, just create a new
      boot entry with efibootmgr:
      
       # efibootmgr -c -L "shim elilo" -l "efi\\shim.efi" -u "elilo.efi"
      09e2c939
  13. 28 Nov, 2012 1 commit
    • Matthew Garrett's avatar
      Remove debug code · 8d311bc7
      Matthew Garrett authored
      secure_mode() was altered to always return true for debug purposes, and this
      accidentally got committed to mainline. Fix that.
      8d311bc7
  14. 26 Nov, 2012 1 commit
    • Matthew Garrett's avatar
      Sign MokManager with a locally-generated key · ef8c9962
      Matthew Garrett authored
      shim needs to verify that MokManager hasn't been modified, but we want to
      be able to support configurations where shim is shipped without a vendor
      certificate. This patch adds support for generating a certificate at build
      time, incorporating the public half into shim and signing MokManager with
      the private half. It uses pesign and nss, but still requires openssl for
      key generation. Anyone using sbsign will need to figure this out for
      themselves.
      ef8c9962
  15. 01 Nov, 2012 3 commits