|
|
3e2dc0 |
From bf88198555ce964377a56176de8e5e9b45e43e25 Mon Sep 17 00:00:00 2001
|
|
|
3e2dc0 |
From: Laszlo Ersek <lersek@redhat.com>
|
|
|
3e2dc0 |
Date: Sat, 6 Jun 2020 01:16:09 +0200
|
|
|
3e2dc0 |
Subject: OvmfPkg/X86QemuLoadImageLib: handle EFI_ACCESS_DENIED from
|
|
|
3e2dc0 |
LoadImage()
|
|
|
3e2dc0 |
MIME-Version: 1.0
|
|
|
3e2dc0 |
Content-Type: text/plain; charset=UTF-8
|
|
|
3e2dc0 |
Content-Transfer-Encoding: 8bit
|
|
|
3e2dc0 |
|
|
|
3e2dc0 |
Notes about the RHEL-8.2/20190904-37eef91017ad [edk2-stable201908] ->
|
|
|
3e2dc0 |
RHEL-8.3/20200603-ca407c7246bf [edk2-stable202005] rebase:
|
|
|
3e2dc0 |
|
|
|
3e2dc0 |
- new patch
|
|
|
3e2dc0 |
|
|
|
3e2dc0 |
- the patch is being upstreamed; it's not a backport because the rebase
|
|
|
3e2dc0 |
deadline is close
|
|
|
3e2dc0 |
|
|
|
3e2dc0 |
- upstream references:
|
|
|
3e2dc0 |
- https://bugzilla.tianocore.org/show_bug.cgi?id=2785
|
|
|
3e2dc0 |
- http://mid.mail-archive.com/20200605235242.32442-1-lersek@redhat.com
|
|
|
3e2dc0 |
- https://edk2.groups.io/g/devel/message/60825
|
|
|
3e2dc0 |
- https://www.redhat.com/archives/edk2-devel-archive/2020-June/msg00344.html
|
|
|
3e2dc0 |
|
|
|
3e2dc0 |
[downstream note ends, upstream commit message starts]
|
|
|
3e2dc0 |
|
|
|
3e2dc0 |
When an image fails Secure Boot validation, LoadImage() returns
|
|
|
3e2dc0 |
EFI_SECURITY_VIOLATION if the platform policy is
|
|
|
3e2dc0 |
DEFER_EXECUTE_ON_SECURITY_VIOLATION.
|
|
|
3e2dc0 |
|
|
|
3e2dc0 |
If the platform policy is DENY_EXECUTE_ON_SECURITY_VIOLATION, then
|
|
|
3e2dc0 |
LoadImage() returns EFI_ACCESS_DENIED (and the image does not remain
|
|
|
3e2dc0 |
loaded).
|
|
|
3e2dc0 |
|
|
|
3e2dc0 |
(Before <https://bugzilla.tianocore.org/show_bug.cgi?id=2129>, this
|
|
|
3e2dc0 |
difference would be masked, as DxeImageVerificationLib would incorrectly
|
|
|
3e2dc0 |
return EFI_SECURITY_VIOLATION for DENY_EXECUTE_ON_SECURITY_VIOLATION as
|
|
|
3e2dc0 |
well.)
|
|
|
3e2dc0 |
|
|
|
3e2dc0 |
In X86QemuLoadImageLib, proceed to the legacy Linux/x86 Boot Protocol upon
|
|
|
3e2dc0 |
seeing EFI_ACCESS_DENIED too.
|
|
|
3e2dc0 |
|
|
|
3e2dc0 |
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
|
|
|
3e2dc0 |
Cc: Jordan Justen <jordan.l.justen@intel.com>
|
|
|
3e2dc0 |
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
|
|
|
3e2dc0 |
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2785
|
|
|
3e2dc0 |
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
|
|
|
3e2dc0 |
---
|
|
|
3e2dc0 |
.../X86QemuLoadImageLib/X86QemuLoadImageLib.c | 14 ++++++++++----
|
|
|
3e2dc0 |
1 file changed, 10 insertions(+), 4 deletions(-)
|
|
|
3e2dc0 |
|
|
|
3e2dc0 |
diff --git a/OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c b/OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c
|
|
|
3e2dc0 |
index ef753be7ea..931553c0c1 100644
|
|
|
3e2dc0 |
--- a/OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c
|
|
|
3e2dc0 |
+++ b/OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.c
|
|
|
3e2dc0 |
@@ -320,15 +320,21 @@ QemuLoadKernelImage (
|
|
|
3e2dc0 |
|
|
|
3e2dc0 |
case EFI_SECURITY_VIOLATION:
|
|
|
3e2dc0 |
//
|
|
|
3e2dc0 |
- // We are running with UEFI secure boot enabled, and the image failed to
|
|
|
3e2dc0 |
- // authenticate. For compatibility reasons, we fall back to the legacy
|
|
|
3e2dc0 |
- // loader in this case. Since the image has been loaded, we need to unload
|
|
|
3e2dc0 |
- // it before proceeding
|
|
|
3e2dc0 |
+ // Since the image has been loaded, we need to unload it before proceeding
|
|
|
3e2dc0 |
+ // to the EFI_ACCESS_DENIED case below.
|
|
|
3e2dc0 |
//
|
|
|
3e2dc0 |
gBS->UnloadImage (KernelImageHandle);
|
|
|
3e2dc0 |
//
|
|
|
3e2dc0 |
// Fall through
|
|
|
3e2dc0 |
//
|
|
|
3e2dc0 |
+ case EFI_ACCESS_DENIED:
|
|
|
3e2dc0 |
+ //
|
|
|
3e2dc0 |
+ // We are running with UEFI secure boot enabled, and the image failed to
|
|
|
3e2dc0 |
+ // authenticate. For compatibility reasons, we fall back to the legacy
|
|
|
3e2dc0 |
+ // loader in this case.
|
|
|
3e2dc0 |
+ //
|
|
|
3e2dc0 |
+ // Fall through
|
|
|
3e2dc0 |
+ //
|
|
|
3e2dc0 |
case EFI_UNSUPPORTED:
|
|
|
3e2dc0 |
//
|
|
|
3e2dc0 |
// The image is not natively supported or cross-type supported. Let's try
|
|
|
3e2dc0 |
--
|
|
|
3e2dc0 |
2.18.1
|
|
|
3e2dc0 |
|