Hello community, here is the log from the commit of package shim for openSUSE:13.1 checked in at 2013-10-02 13:33:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1/shim (Old) and /work/SRC/openSUSE:13.1/.shim.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "shim" Changes: -------- --- /work/SRC/openSUSE:13.1/shim/shim.changes 2013-09-25 17:20:35.000000000 +0200 +++ /work/SRC/openSUSE:13.1/.shim.new/shim.changes 2013-10-02 13:33:59.000000000 +0200 @@ -1,0 +2,9 @@ +Tue Oct 1 04:29:29 UTC 2013 - g...@suse.com + +- Add shim-netboot-fixes.patch to include upstream netboot fixes +- Add shim-mokmanager-disable-gfx-console.patch to disable the + graphics console to avoid system hang on some machines +- Add shim-bnc841426-silence-shim-protocols.patch to silence the + shim protocols (bnc#841426) + +------------------------------------------------------------------- New: ---- shim-bnc841426-silence-shim-protocols.patch shim-mokmanager-disable-gfx-console.patch shim-netboot-fixes.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ shim.spec ++++++ --- /var/tmp/diff_new_pack.X64pLu/_old 2013-10-02 13:33:59.000000000 +0200 +++ /var/tmp/diff_new_pack.X64pLu/_new 2013-10-02 13:33:59.000000000 +0200 @@ -58,6 +58,12 @@ Patch8: shim-bnc808106-correct-certcount.patch # PATCH-FIX-UPSTREAM shim-mokmanager-ui-revamp.patch g...@suse.com -- Revamp the MokManager UI Patch9: shim-mokmanager-ui-revamp.patch +# PATCH-FIX-UPSTREAM shim-netboot-fixes.patch g...@suse.com -- Upstream netboot fixes +Patch10: shim-netboot-fixes.patch +# PATCH-FIX-UPSTREAM shim-mokmanager-disable-gfx-console.patch g...@suse.com -- Disable graphics console to avoid system hang on some machines +Patch11: shim-mokmanager-disable-gfx-console.patch +# PATCH-FIX-UPSTREAM shim-bnc841426-silence-shim-protocols.patch bnc#841426 g...@suse.com -- Silence the shim protocols to avoid system hang +Patch12: shim-bnc841426-silence-shim-protocols.patch BuildRequires: gnu-efi >= 3.0t BuildRequires: mozilla-nss-tools BuildRequires: openssl >= 0.9.8 @@ -90,6 +96,9 @@ %patch7 -p1 %patch8 -p1 %patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 %build chmod +x "make-certs" ++++++ shim-bnc841426-silence-shim-protocols.patch ++++++ ++++ 789 lines (skipped) ++++++ shim-mokmanager-disable-gfx-console.patch ++++++ >From c19cef4b4a61c82ba9a2c323659a20ec5d1d7ba2 Mon Sep 17 00:00:00 2001 From: Peter Jones <pjo...@redhat.com> Date: Thu, 26 Sep 2013 09:44:50 -0400 Subject: [PATCH] MokManager needs to disable the graphics console. Without this patch, on some machines we never see MokManager's UI. This protocol has never (I think?) been officially published, and yet I still have new hardware that needs it. If you're looking for a reference, look at: EdkCompatibilityPkg/Foundation/Protocol/ConsoleControl/ConsoleControl.c in the edk2 tree from Tiano. Signed-off-by: Peter Jones <pjo...@redhat.com> --- Makefile | 2 +- MokManager.c | 32 ++++++++++++++++++++++++++++++++ console_control.h | 44 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 77 insertions(+), 1 deletion(-) create mode 100644 console_control.h diff --git a/Makefile b/Makefile index 77f3e52..1e4aed8 100644 --- a/Makefile +++ b/Makefile @@ -37,7 +37,7 @@ OBJS = shim.o netboot.o cert.o dbx.o KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key SOURCES = shim.c shim.h netboot.c signature.h PeImage.h MOK_OBJS = MokManager.o PasswordCrypt.o crypt_blowfish.o -MOK_SOURCES = MokManager.c shim.h PasswordCrypt.c PasswordCrypt.h crypt_blowfish.c crypt_blowfish.h +MOK_SOURCES = MokManager.c shim.h console_control.h PasswordCrypt.c PasswordCrypt.h crypt_blowfish.c crypt_blowfish.h FALLBACK_OBJS = fallback.o FALLBACK_SRCS = fallback.c diff --git a/MokManager.c b/MokManager.c index 604129f..01362f2 100644 --- a/MokManager.c +++ b/MokManager.c @@ -6,6 +6,7 @@ #include "signature.h" #include "PeImage.h" #include "PasswordCrypt.h" +#include "console_control.h" #include "include/console.h" #include "include/simple_file.h" @@ -1741,6 +1742,34 @@ static EFI_STATUS check_mok_request(EFI_HANDLE image_handle) return EFI_SUCCESS; } +static VOID setup_console (int text) +{ + EFI_STATUS status; + EFI_GUID console_control_guid = EFI_CONSOLE_CONTROL_PROTOCOL_GUID; + EFI_CONSOLE_CONTROL_PROTOCOL *concon; + static EFI_CONSOLE_CONTROL_SCREEN_MODE mode = + EfiConsoleControlScreenGraphics; + EFI_CONSOLE_CONTROL_SCREEN_MODE new_mode; + + status = LibLocateProtocol(&console_control_guid, (VOID **)&concon); + if (status != EFI_SUCCESS) + return; + + if (text) { + new_mode = EfiConsoleControlScreenText; + + status = uefi_call_wrapper(concon->GetMode, 4, concon, &mode, + 0, 0); + /* If that didn't work, assume it's graphics */ + if (status != EFI_SUCCESS) + mode = EfiConsoleControlScreenGraphics; + } else { + new_mode = mode; + } + + uefi_call_wrapper(concon->SetMode, 2, concon, new_mode); +} + static EFI_STATUS setup_rand (void) { EFI_TIME time; @@ -1772,9 +1801,12 @@ EFI_STATUS efi_main (EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *systab) InitializeLib(image_handle, systab); + setup_console(1); + setup_rand(); efi_status = check_mok_request(image_handle); + setup_console(0); return efi_status; } diff --git a/console_control.h b/console_control.h new file mode 100644 index 0000000..5fb8a4a --- /dev/null +++ b/console_control.h @@ -0,0 +1,44 @@ +#ifndef _SHIM_CONSOLE_CONTROL_H +#define _SHIM_CONSOLE_CONTROL_H 1 + +#define EFI_CONSOLE_CONTROL_PROTOCOL_GUID \ + { 0xf42f7782, 0x12e, 0x4c12, {0x99, 0x56, 0x49, 0xf9, 0x43, 0x4, 0xf7, 0x21} } + +typedef struct _EFI_CONSOLE_CONTROL_PROTOCOL EFI_CONSOLE_CONTROL_PROTOCOL; + +typedef enum { + EfiConsoleControlScreenText, + EfiConsoleControlScreenGraphics, + EfiConsoleControlScreenMaxValue +} EFI_CONSOLE_CONTROL_SCREEN_MODE; + +typedef +EFI_STATUS +(EFIAPI *EFI_CONSOLE_CONTROL_PROTOCOL_GET_MODE) ( + IN EFI_CONSOLE_CONTROL_PROTOCOL *This, + OUT EFI_CONSOLE_CONTROL_SCREEN_MODE *Mode, + OUT BOOLEAN *GopUgaExists, OPTIONAL + OUT BOOLEAN *StdInLocked OPTIONAL + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_CONSOLE_CONTROL_PROTOCOL_SET_MODE) ( + IN EFI_CONSOLE_CONTROL_PROTOCOL *This, + IN EFI_CONSOLE_CONTROL_SCREEN_MODE Mode + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_CONSOLE_CONTROL_PROTOCOL_LOCK_STD_IN) ( + IN EFI_CONSOLE_CONTROL_PROTOCOL *This, + IN CHAR16 *Password + ); + +struct _EFI_CONSOLE_CONTROL_PROTOCOL { + EFI_CONSOLE_CONTROL_PROTOCOL_GET_MODE GetMode; + EFI_CONSOLE_CONTROL_PROTOCOL_SET_MODE SetMode; + EFI_CONSOLE_CONTROL_PROTOCOL_LOCK_STD_IN LockStdIn; +}; + +#endif /* _SHIM_CONSOLE_CONTROL_H */ -- 1.8.1.4 ++++++ shim-netboot-fixes.patch ++++++ >From 6bd858269e91b3966c569f5d18a6fd3932b65112 Mon Sep 17 00:00:00 2001 From: Steve Langasek <steve.langa...@canonical.com> Date: Fri, 20 Sep 2013 11:29:23 -0500 Subject: [PATCH 1/7] Pass the right arguments to EFI_PXE_BASE_CODE_TFTP_READ_FILE A wrong pointer was being passed to EFI_PXE_BASE_CODE_TFTP_READ_FILE, preventing us from getting the file size back from the tftp call, ensuring that we don't have enough information to properly secureboot-validate the retrieved image. --- netboot.c | 4 ++-- shim.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/netboot.c b/netboot.c index d569048..f7a6a1a 100644 --- a/netboot.c +++ b/netboot.c @@ -328,7 +328,7 @@ EFI_STATUS parseNetbootinfo(EFI_HANDLE image_handle) return rc; } -EFI_STATUS FetchNetbootimage(EFI_HANDLE image_handle, VOID **buffer, UINTN *bufsiz) +EFI_STATUS FetchNetbootimage(EFI_HANDLE image_handle, VOID **buffer, UINT64 *bufsiz) { EFI_STATUS rc; EFI_PXE_BASE_CODE_TFTP_OPCODE read = EFI_PXE_BASE_CODE_TFTP_READ_FILE; @@ -346,7 +346,7 @@ EFI_STATUS FetchNetbootimage(EFI_HANDLE image_handle, VOID **buffer, UINTN *bufs try_again: rc = uefi_call_wrapper(pxe->Mtftp, 10, pxe, read, *buffer, overwrite, - &bufsiz, &blksz, &tftp_addr, full_path, NULL, nobuffer); + bufsiz, &blksz, &tftp_addr, full_path, NULL, nobuffer); if (rc == EFI_BUFFER_TOO_SMALL) { /* try again, doubling buf size */ diff --git a/shim.c b/shim.c index 47e3812..c1bb85f 100644 --- a/shim.c +++ b/shim.c @@ -1193,7 +1193,7 @@ EFI_STATUS start_image(EFI_HANDLE image_handle, CHAR16 *ImagePath) EFI_DEVICE_PATH *path; CHAR16 *PathName = NULL; void *sourcebuffer = NULL; - UINTN sourcesize = 0; + UINT64 sourcesize = 0; void *data = NULL; int datasize; -- 1.8.1.4 >From b1fa932c45038fbe280420b88f0103610fff48aa Mon Sep 17 00:00:00 2001 From: Steve Langasek <steve.langa...@canonical.com> Date: Fri, 20 Sep 2013 13:03:57 -0500 Subject: [PATCH 2/7] Fix nul termination errors in filenames passed to tftp Fix various errors in the tftp string handling, to ensure we always have properly nul-terminated strings. --- netboot.c | 39 ++++++++++++++++----------------------- 1 file changed, 16 insertions(+), 23 deletions(-) diff --git a/netboot.c b/netboot.c index f7a6a1a..b31e71c 100644 --- a/netboot.c +++ b/netboot.c @@ -54,7 +54,7 @@ static inline unsigned short int __swap16(unsigned short int x) static EFI_PXE_BASE_CODE *pxe; static EFI_IP_ADDRESS tftp_addr; -static char *full_path; +static UINT8 *full_path; typedef struct { @@ -112,7 +112,7 @@ try_again: for (i=0; i < (bs / sizeof(EFI_HANDLE)); i++) { status = uefi_call_wrapper(BS->OpenProtocol, 6, hbuf[i], &pxe_base_code_protocol, - &pxe, image_handle, NULL, + (void **)&pxe, image_handle, NULL, EFI_OPEN_PROTOCOL_GET_PROTOCOL); if (status != EFI_SUCCESS) { @@ -228,15 +228,15 @@ static UINT8 *str2ip6(char *str) static BOOLEAN extract_tftp_info(char *url) { - char *start, *end; + CHAR8 *start, *end; char ip6str[128]; - char *template = DEFAULT_LOADER; + CHAR8 *template = (CHAR8 *)DEFAULT_LOADER; if (strncmp((UINT8 *)url, (UINT8 *)"tftp://", 7)) { Print(L"URLS MUST START WITH tftp://\n"); return FALSE; } - start = url + 7; + start = (CHAR8 *)url + 7; if (*start != '[') { Print(L"TFTP SERVER MUST BE ENCLOSED IN [..]\n"); return FALSE; @@ -251,21 +251,19 @@ static BOOLEAN extract_tftp_info(char *url) Print(L"TFTP SERVER MUST BE ENCLOSED IN [..]\n"); return FALSE; } - *end = '\0'; memset(ip6str, 0, 128); - memcpy(ip6str, start, strlen((UINT8 *)start)); - *end = ']'; + memcpy(ip6str, start, end + 1 - start); end++; memcpy(&tftp_addr.v6, str2ip6(ip6str), 16); - full_path = AllocatePool(strlen((UINT8 *)end)+strlen((UINT8 *)template)+1); + full_path = AllocateZeroPool(strlen(end)+strlen(template)+1); if (!full_path) return FALSE; - memset(full_path, 0, strlen((UINT8 *)end)+strlen((UINT8 *)template)); - memcpy(full_path, end, strlen((UINT8 *)end)); - end = strrchr(full_path, '/'); + memcpy(full_path, end, strlen(end)); + end = (CHAR8 *)strrchr((char *)full_path, '/'); if (!end) - end = full_path; - memcpy(end, template, strlen((UINT8 *)template)); + end = (CHAR8 *)full_path; + memcpy(end, template, strlen(template)); + end[strlen(template)] = '\0'; return TRUE; } @@ -286,20 +284,15 @@ static EFI_STATUS parseDhcp6() static EFI_STATUS parseDhcp4() { - char *template = DEFAULT_LOADER; - char *tmp; - int len = strlen((CHAR8 *)template); + CHAR8 *template = (CHAR8 *)DEFAULT_LOADER; + full_path = AllocateZeroPool(strlen(template)+1); - tmp = AllocatePool(len+1); - - if (!tmp) + if (!full_path) return EFI_OUT_OF_RESOURCES; - memcpy(&tftp_addr.v4, pxe->Mode->DhcpAck.Dhcpv4.BootpSiAddr, 4); - memcpy(tmp, template, len+1); - full_path = tmp; + memcpy(full_path, template, strlen(template)); /* Note we don't capture the filename option here because we know its shim.efi * We instead assume the filename at the end of the path is going to be grubx64.efi -- 1.8.1.4 >From a68d8233dcc76094813e5c235a80fb6c7ec6ad7c Mon Sep 17 00:00:00 2001 From: Steve Langasek <steve.langa...@canonical.com> Date: Fri, 20 Sep 2013 17:06:33 -0500 Subject: [PATCH 3/7] Fix an off-by-one error We don't need to add one because our end pointer is already off the end of the string we want to copy. --- netboot.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netboot.c b/netboot.c index b31e71c..15dbdf7 100644 --- a/netboot.c +++ b/netboot.c @@ -252,7 +252,7 @@ static BOOLEAN extract_tftp_info(char *url) return FALSE; } memset(ip6str, 0, 128); - memcpy(ip6str, start, end + 1 - start); + memcpy(ip6str, start, end - start); end++; memcpy(&tftp_addr.v6, str2ip6(ip6str), 16); full_path = AllocateZeroPool(strlen(end)+strlen(template)+1); -- 1.8.1.4 >From bbaa1df5dcc6570dc29544dbcc00353f925a1128 Mon Sep 17 00:00:00 2001 From: Steve Langasek <steve.langa...@canonical.com> Date: Sun, 22 Sep 2013 22:21:49 -0700 Subject: [PATCH 4/7] Misc allocation cleanups --- netboot.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/netboot.c b/netboot.c index 15dbdf7..c81e28e 100644 --- a/netboot.c +++ b/netboot.c @@ -160,10 +160,9 @@ static char *get_v6_bootfile_url(EFI_PXE_BASE_CODE_DHCPV6_PACKET *pkt) if (ntohs(option->OpCode) == 59) { /* This is the bootfile url option */ urllen = ntohs(option->Length); - url = AllocatePool(urllen+2); + url = AllocateZeroPool(urllen+1); if (!url) return NULL; - memset(url, 0, urllen+2); memcpy(url, option->Data, urllen); return url; } @@ -275,10 +274,13 @@ static EFI_STATUS parseDhcp6() bootfile_url = get_v6_bootfile_url(packet); - if (extract_tftp_info(bootfile_url) == FALSE) - return EFI_NOT_FOUND; if (!bootfile_url) return EFI_NOT_FOUND; + if (extract_tftp_info(bootfile_url) == FALSE) { + FreePool(bootfile_url); + return EFI_NOT_FOUND; + } + FreePool(bootfile_url); return EFI_SUCCESS; } -- 1.8.1.4 >From 4b1e7425479a111553f1055757429249bc389d28 Mon Sep 17 00:00:00 2001 From: Steve Langasek <steve.langa...@canonical.com> Date: Sun, 22 Sep 2013 22:25:47 -0700 Subject: [PATCH 5/7] More consistent types, fewer casts --- netboot.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/netboot.c b/netboot.c index c81e28e..dab1f5c 100644 --- a/netboot.c +++ b/netboot.c @@ -142,11 +142,11 @@ try_again: return rc; } -static char *get_v6_bootfile_url(EFI_PXE_BASE_CODE_DHCPV6_PACKET *pkt) +static CHAR8 *get_v6_bootfile_url(EFI_PXE_BASE_CODE_DHCPV6_PACKET *pkt) { void *optr; EFI_DHCP6_PACKET_OPTION *option; - char *url; + CHAR8 *url; UINT32 urllen; optr = pkt->DhcpOptions; @@ -225,7 +225,7 @@ static UINT8 *str2ip6(char *str) return (UINT8 *)ip; } -static BOOLEAN extract_tftp_info(char *url) +static BOOLEAN extract_tftp_info(CHAR8 *url) { CHAR8 *start, *end; char ip6str[128]; @@ -235,7 +235,7 @@ static BOOLEAN extract_tftp_info(char *url) Print(L"URLS MUST START WITH tftp://\n"); return FALSE; } - start = (CHAR8 *)url + 7; + start = url + 7; if (*start != '[') { Print(L"TFTP SERVER MUST BE ENCLOSED IN [..]\n"); return FALSE; @@ -270,8 +270,7 @@ static BOOLEAN extract_tftp_info(char *url) static EFI_STATUS parseDhcp6() { EFI_PXE_BASE_CODE_DHCPV6_PACKET *packet = (EFI_PXE_BASE_CODE_DHCPV6_PACKET *)&pxe->Mode->DhcpAck.Raw; - char *bootfile_url; - + CHAR8 *bootfile_url; bootfile_url = get_v6_bootfile_url(packet); if (!bootfile_url) -- 1.8.1.4 >From 12cd90c232301efe7d262a33c471a6af1282ae03 Mon Sep 17 00:00:00 2001 From: Steve Langasek <steve.langa...@canonical.com> Date: Sun, 22 Sep 2013 22:45:26 -0700 Subject: [PATCH 6/7] Correct limits on the length of ipv6 addresses The maximum length of a string representation of an ipv6 address is 39 characters (8 groups of 4 hex chars, with 7 colons in between). So don't allocate more room than this - and more importantly, don't blindly accept strings from the server that are longer than our buffer... --- netboot.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/netboot.c b/netboot.c index dab1f5c..61777a2 100644 --- a/netboot.c +++ b/netboot.c @@ -228,7 +228,7 @@ static UINT8 *str2ip6(char *str) static BOOLEAN extract_tftp_info(CHAR8 *url) { CHAR8 *start, *end; - char ip6str[128]; + char ip6str[40]; CHAR8 *template = (CHAR8 *)DEFAULT_LOADER; if (strncmp((UINT8 *)url, (UINT8 *)"tftp://", 7)) { @@ -245,12 +245,16 @@ static BOOLEAN extract_tftp_info(CHAR8 *url) end = start; while ((*end != '\0') && (*end != ']')) { end++; + if (end - start > 39) { + Print(L"TFTP URL includes malformed IPv6 address\n"); + return FALSE; + } } if (end == '\0') { Print(L"TFTP SERVER MUST BE ENCLOSED IN [..]\n"); return FALSE; } - memset(ip6str, 0, 128); + memset(ip6str, 0, 40); memcpy(ip6str, start, end - start); end++; memcpy(&tftp_addr.v6, str2ip6(ip6str), 16); -- 1.8.1.4 >From 0c3bd9d9ea5261cfdf5c1d6feb2f42d17ba4ca8a Mon Sep 17 00:00:00 2001 From: Steve Langasek <steve.langa...@canonical.com> Date: Sun, 22 Sep 2013 23:11:26 -0700 Subject: [PATCH 7/7] Fix a memory leak --- netboot.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/netboot.c b/netboot.c index 61777a2..927445d 100644 --- a/netboot.c +++ b/netboot.c @@ -356,6 +356,8 @@ try_again: goto try_again; } + if (rc != EFI_SUCCESS && *buffer) { + FreePool(*buffer); + } return rc; - } -- 1.8.1.4 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org