2aacef
From 519625977d19b7842d9b2ded8be12ed0aecbaefc Mon Sep 17 00:00:00 2001
2aacef
From: Jan Janssen <medhefgo@web.de>
2aacef
Date: Tue, 15 Nov 2022 18:22:38 +0100
2aacef
Subject: [PATCH] boot: Rework security arch override
2aacef
2aacef
This simplifies the caller interface for security arch overrides by only
2aacef
having to pass a validator and an optional context.
2aacef
2aacef
(cherry picked from commit 5489c13bae119dc5f6e65be8d7f241aa7d54c023)
2aacef
2aacef
Related: #2138081
2aacef
---
2aacef
 src/boot/efi/linux.c       |  61 ++++++++-------------
2aacef
 src/boot/efi/secure-boot.c | 105 +++++++++++++++++++++++++++++--------
2aacef
 src/boot/efi/secure-boot.h |  28 +++-------
2aacef
 src/boot/efi/shim.c        | 104 +++++++++++-------------------------
2aacef
 4 files changed, 146 insertions(+), 152 deletions(-)
2aacef
2aacef
diff --git a/src/boot/efi/linux.c b/src/boot/efi/linux.c
2aacef
index 75b9507709..dd7eb48c8c 100644
2aacef
--- a/src/boot/efi/linux.c
2aacef
+++ b/src/boot/efi/linux.c
2aacef
@@ -20,35 +20,26 @@
2aacef
 #define STUB_PAYLOAD_GUID \
2aacef
         { 0x55c5d1f8, 0x04cd, 0x46b5, { 0x8a, 0x20, 0xe5, 0x6c, 0xbb, 0x30, 0x52, 0xd0 } }
2aacef
 
2aacef
-static EFIAPI EFI_STATUS security_hook(
2aacef
-                const SecurityOverride *this, uint32_t authentication_status, const EFI_DEVICE_PATH *file) {
2aacef
+typedef struct {
2aacef
+        const void *addr;
2aacef
+        size_t len;
2aacef
+        const EFI_DEVICE_PATH *device_path;
2aacef
+} ValidationContext;
2aacef
 
2aacef
-        assert(this);
2aacef
-        assert(this->hook == security_hook);
2aacef
+static bool validate_payload(
2aacef
+                const void *ctx, const EFI_DEVICE_PATH *device_path, const void *file_buffer, size_t file_size) {
2aacef
 
2aacef
-        if (file == this->payload_device_path)
2aacef
-                return EFI_SUCCESS;
2aacef
+        const ValidationContext *payload = ASSERT_PTR(ctx);
2aacef
 
2aacef
-        return this->original_security->FileAuthenticationState(
2aacef
-                        this->original_security, authentication_status, file);
2aacef
-}
2aacef
-
2aacef
-static EFIAPI EFI_STATUS security2_hook(
2aacef
-                const SecurityOverride *this,
2aacef
-                const EFI_DEVICE_PATH *device_path,
2aacef
-                void *file_buffer,
2aacef
-                size_t file_size,
2aacef
-                BOOLEAN boot_policy) {
2aacef
-
2aacef
-        assert(this);
2aacef
-        assert(this->hook == security2_hook);
2aacef
+        if (device_path != payload->device_path)
2aacef
+                return false;
2aacef
 
2aacef
-        if (file_buffer == this->payload && file_size == this->payload_len &&
2aacef
-            device_path == this->payload_device_path)
2aacef
-                return EFI_SUCCESS;
2aacef
+        /* Security arch (1) protocol does not provide a file buffer. Instead we are supposed to fetch the payload
2aacef
+         * ourselves, which is not needed as we already have everything in memory and the device paths match. */
2aacef
+        if (file_buffer && (file_buffer != payload->addr || file_size != payload->len))
2aacef
+                return false;
2aacef
 
2aacef
-        return this->original_security2->FileAuthentication(
2aacef
-                        this->original_security2, device_path, file_buffer, file_size, boot_policy);
2aacef
+        return true;
2aacef
 }
2aacef
 
2aacef
 static EFI_STATUS load_image(EFI_HANDLE parent, const void *source, size_t len, EFI_HANDLE *ret_image) {
2aacef
@@ -79,19 +70,13 @@ static EFI_STATUS load_image(EFI_HANDLE parent, const void *source, size_t len,
2aacef
 
2aacef
         /* We want to support unsigned kernel images as payload, which is safe to do under secure boot
2aacef
          * because it is embedded in this stub loader (and since it is already running it must be trusted). */
2aacef
-        SecurityOverride security_override = {
2aacef
-                .hook = security_hook,
2aacef
-                .payload = source,
2aacef
-                .payload_len = len,
2aacef
-                .payload_device_path = &payload_device_path.payload.Header,
2aacef
-        }, security2_override = {
2aacef
-                .hook = security2_hook,
2aacef
-                .payload = source,
2aacef
-                .payload_len = len,
2aacef
-                .payload_device_path = &payload_device_path.payload.Header,
2aacef
-        };
2aacef
-
2aacef
-        install_security_override(&security_override, &security2_override);
2aacef
+        install_security_override(
2aacef
+                        validate_payload,
2aacef
+                        &(ValidationContext) {
2aacef
+                                .addr = source,
2aacef
+                                .len = len,
2aacef
+                                .device_path = &payload_device_path.payload.Header,
2aacef
+                        });
2aacef
 
2aacef
         EFI_STATUS ret = BS->LoadImage(
2aacef
                         /*BootPolicy=*/false,
2aacef
@@ -101,7 +86,7 @@ static EFI_STATUS load_image(EFI_HANDLE parent, const void *source, size_t len,
2aacef
                         len,
2aacef
                         ret_image);
2aacef
 
2aacef
-        uninstall_security_override(&security_override, &security2_override);
2aacef
+        uninstall_security_override();
2aacef
 
2aacef
         return ret;
2aacef
 }
2aacef
diff --git a/src/boot/efi/secure-boot.c b/src/boot/efi/secure-boot.c
2aacef
index 171b2c96b3..0e615c55e0 100644
2aacef
--- a/src/boot/efi/secure-boot.c
2aacef
+++ b/src/boot/efi/secure-boot.c
2aacef
@@ -127,10 +127,60 @@ out_deallocate:
2aacef
         return err;
2aacef
 }
2aacef
 
2aacef
-static EFI_STATUS install_security_override_one(EFI_GUID guid, SecurityOverride *override) {
2aacef
+static struct SecurityOverride {
2aacef
+        /* Our own security arch instances that we register onto original_handle, thereby replacing the
2aacef
+         * firmware provided instances. */
2aacef
+        EFI_SECURITY_ARCH_PROTOCOL override;
2aacef
+        EFI_SECURITY2_ARCH_PROTOCOL override2;
2aacef
+
2aacef
+        /* These are saved so we can uninstall our own instance later. */
2aacef
+        EFI_HANDLE original_handle, original_handle2;
2aacef
+        EFI_SECURITY_ARCH_PROTOCOL *original_security;
2aacef
+        EFI_SECURITY2_ARCH_PROTOCOL *original_security2;
2aacef
+
2aacef
+        security_validator_t validator;
2aacef
+        const void *validator_ctx;
2aacef
+} security_override;
2aacef
+
2aacef
+static EFIAPI EFI_STATUS security_hook(
2aacef
+                const EFI_SECURITY_ARCH_PROTOCOL *this,
2aacef
+                uint32_t authentication_status,
2aacef
+                const EFI_DEVICE_PATH *file) {
2aacef
+
2aacef
+        assert(security_override.validator);
2aacef
+        assert(security_override.original_security);
2aacef
+
2aacef
+        if (security_override.validator(security_override.validator_ctx, file, NULL, 0))
2aacef
+                return EFI_SUCCESS;
2aacef
+
2aacef
+        return security_override.original_security->FileAuthenticationState(
2aacef
+                        security_override.original_security, authentication_status, file);
2aacef
+}
2aacef
+
2aacef
+static EFIAPI EFI_STATUS security2_hook(
2aacef
+                const EFI_SECURITY2_ARCH_PROTOCOL *this,
2aacef
+                const EFI_DEVICE_PATH *device_path,
2aacef
+                void *file_buffer,
2aacef
+                size_t file_size,
2aacef
+                BOOLEAN boot_policy) {
2aacef
+
2aacef
+        assert(security_override.validator);
2aacef
+        assert(security_override.original_security2);
2aacef
+
2aacef
+        if (security_override.validator(security_override.validator_ctx, device_path, file_buffer, file_size))
2aacef
+                return EFI_SUCCESS;
2aacef
+
2aacef
+        return security_override.original_security2->FileAuthentication(
2aacef
+                        security_override.original_security2, device_path, file_buffer, file_size, boot_policy);
2aacef
+}
2aacef
+
2aacef
+static EFI_STATUS install_security_override_one(
2aacef
+                EFI_GUID guid, void *override, EFI_HANDLE *ret_original_handle, void **ret_original_security) {
2aacef
         EFI_STATUS err;
2aacef
 
2aacef
         assert(override);
2aacef
+        assert(ret_original_handle);
2aacef
+        assert(ret_original_security);
2aacef
 
2aacef
         _cleanup_free_ EFI_HANDLE *handles = NULL;
2aacef
         size_t n_handles = 0;
2aacef
@@ -152,8 +202,8 @@ static EFI_STATUS install_security_override_one(EFI_GUID guid, SecurityOverride
2aacef
         if (err != EFI_SUCCESS)
2aacef
                 return log_error_status_stall(err, u"Error overriding security arch protocol: %r", err);
2aacef
 
2aacef
-        override->original = security;
2aacef
-        override->original_handle = handles[0];
2aacef
+        *ret_original_security = security;
2aacef
+        *ret_original_handle = handles[0];
2aacef
         return EFI_SUCCESS;
2aacef
 }
2aacef
 
2aacef
@@ -161,35 +211,46 @@ static EFI_STATUS install_security_override_one(EFI_GUID guid, SecurityOverride
2aacef
  * Specification) with the provided override instances. If not running in secure boot or the protocols are
2aacef
  * not available nothing happens. The override instances are provided with the necessary info to undo this
2aacef
  * in uninstall_security_override(). */
2aacef
-void install_security_override(SecurityOverride *override, SecurityOverride *override2) {
2aacef
-        assert(override);
2aacef
-        assert(override2);
2aacef
+void install_security_override(security_validator_t validator, const void *validator_ctx) {
2aacef
+        assert(validator);
2aacef
 
2aacef
         if (!secure_boot_enabled())
2aacef
                 return;
2aacef
 
2aacef
-        (void) install_security_override_one((EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID, override);
2aacef
-        (void) install_security_override_one((EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID, override2);
2aacef
-}
2aacef
+        security_override = (struct SecurityOverride) {
2aacef
+                { .FileAuthenticationState = security_hook, },
2aacef
+                { .FileAuthentication = security2_hook, },
2aacef
+                .validator = validator,
2aacef
+                .validator_ctx = validator_ctx,
2aacef
+        };
2aacef
 
2aacef
-void uninstall_security_override(SecurityOverride *override, SecurityOverride *override2) {
2aacef
-        assert(override);
2aacef
-        assert(override2);
2aacef
+        (void) install_security_override_one(
2aacef
+                        (EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID,
2aacef
+                        &security_override.override,
2aacef
+                        &security_override.original_handle,
2aacef
+                        (void **) &security_override.original_security);
2aacef
+        (void) install_security_override_one(
2aacef
+                        (EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID,
2aacef
+                        &security_override.override2,
2aacef
+                        &security_override.original_handle2,
2aacef
+                        (void **) &security_override.original_security2);
2aacef
+}
2aacef
 
2aacef
+void uninstall_security_override(void) {
2aacef
         /* We use assert_se here to guarantee the system is not in a weird state in the unlikely case of an
2aacef
          * error restoring the original protocols. */
2aacef
 
2aacef
-        if (override->original_handle)
2aacef
+        if (security_override.original_handle)
2aacef
                 assert_se(BS->ReinstallProtocolInterface(
2aacef
-                                          override->original_handle,
2aacef
-                                          &(EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID,
2aacef
-                                          override,
2aacef
-                                          override->original) == EFI_SUCCESS);
2aacef
+                                security_override.original_handle,
2aacef
+                                &(EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID,
2aacef
+                                &security_override.override,
2aacef
+                                security_override.original_security) == EFI_SUCCESS);
2aacef
 
2aacef
-        if (override2->original_handle)
2aacef
+        if (security_override.original_handle2)
2aacef
                 assert_se(BS->ReinstallProtocolInterface(
2aacef
-                                          override2->original_handle,
2aacef
-                                          &(EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID,
2aacef
-                                          override2,
2aacef
-                                          override2->original) == EFI_SUCCESS);
2aacef
+                                security_override.original_handle2,
2aacef
+                                &(EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID,
2aacef
+                                &security_override.override2,
2aacef
+                                security_override.original_security2) == EFI_SUCCESS);
2aacef
 }
2aacef
diff --git a/src/boot/efi/secure-boot.h b/src/boot/efi/secure-boot.h
2aacef
index 91b6770edb..e98de81c2a 100644
2aacef
--- a/src/boot/efi/secure-boot.h
2aacef
+++ b/src/boot/efi/secure-boot.h
2aacef
@@ -17,23 +17,11 @@ SecureBootMode secure_boot_mode(void);
2aacef
 
2aacef
 EFI_STATUS secure_boot_enroll_at(EFI_FILE *root_dir, const char16_t *path);
2aacef
 
2aacef
-typedef struct {
2aacef
-        void *hook;
2aacef
-
2aacef
-        /* End of EFI_SECURITY_ARCH(2)_PROTOCOL. The rest is our own protocol instance data. */
2aacef
-
2aacef
-        EFI_HANDLE original_handle;
2aacef
-        union {
2aacef
-                void *original;
2aacef
-                EFI_SECURITY_ARCH_PROTOCOL *original_security;
2aacef
-                EFI_SECURITY2_ARCH_PROTOCOL *original_security2;
2aacef
-        };
2aacef
-
2aacef
-        /* Used by the stub to identify the embedded image. */
2aacef
-        const void *payload;
2aacef
-        size_t payload_len;
2aacef
-        const EFI_DEVICE_PATH *payload_device_path;
2aacef
-} SecurityOverride;
2aacef
-
2aacef
-void install_security_override(SecurityOverride *override, SecurityOverride *override2);
2aacef
-void uninstall_security_override(SecurityOverride *override, SecurityOverride *override2);
2aacef
+typedef bool (*security_validator_t)(
2aacef
+                const void *ctx,
2aacef
+                const EFI_DEVICE_PATH *device_path,
2aacef
+                const void *file_buffer,
2aacef
+                size_t file_size);
2aacef
+
2aacef
+void install_security_override(security_validator_t validator, const void *validator_ctx);
2aacef
+void uninstall_security_override(void);
2aacef
diff --git a/src/boot/efi/shim.c b/src/boot/efi/shim.c
2aacef
index 3ae058cb84..ac224336bc 100644
2aacef
--- a/src/boot/efi/shim.c
2aacef
+++ b/src/boot/efi/shim.c
2aacef
@@ -23,7 +23,7 @@
2aacef
 #endif
2aacef
 
2aacef
 struct ShimLock {
2aacef
-        EFI_STATUS __sysv_abi__ (*shim_verify) (void *buffer, uint32_t size);
2aacef
+        EFI_STATUS __sysv_abi__ (*shim_verify) (const void *buffer, uint32_t size);
2aacef
 
2aacef
         /* context is actually a struct for the PE header, but it isn't needed so void is sufficient just do define the interface
2aacef
          * see shim.c/shim.h and PeHeader.h in the github shim repo */
2aacef
@@ -41,79 +41,45 @@ bool shim_loaded(void) {
2aacef
         return BS->LocateProtocol((EFI_GUID*) SHIM_LOCK_GUID, NULL, (void**) &shim_lock) == EFI_SUCCESS;
2aacef
 }
2aacef
 
2aacef
-static bool shim_validate(void *data, uint32_t size) {
2aacef
-        struct ShimLock *shim_lock;
2aacef
-
2aacef
-        if (!data)
2aacef
-                return false;
2aacef
-
2aacef
-        if (BS->LocateProtocol((EFI_GUID*) SHIM_LOCK_GUID, NULL, (void**) &shim_lock) != EFI_SUCCESS)
2aacef
-                return false;
2aacef
-
2aacef
-        if (!shim_lock)
2aacef
-                return false;
2aacef
-
2aacef
-        return shim_lock->shim_verify(data, size) == EFI_SUCCESS;
2aacef
-}
2aacef
-
2aacef
-static EFIAPI EFI_STATUS security2_hook(
2aacef
-                const SecurityOverride *this,
2aacef
-                const EFI_DEVICE_PATH *device_path,
2aacef
-                void *file_buffer,
2aacef
-                UINTN file_size,
2aacef
-                BOOLEAN boot_policy) {
2aacef
-
2aacef
-        assert(this);
2aacef
-        assert(this->hook == security2_hook);
2aacef
-
2aacef
-        if (shim_validate(file_buffer, file_size))
2aacef
-                return EFI_SUCCESS;
2aacef
-
2aacef
-        return this->original_security2->FileAuthentication(
2aacef
-                        this->original_security2, device_path, file_buffer, file_size, boot_policy);
2aacef
-}
2aacef
-
2aacef
-static EFIAPI EFI_STATUS security_hook(
2aacef
-                const SecurityOverride *this,
2aacef
-                uint32_t authentication_status,
2aacef
-                const EFI_DEVICE_PATH *device_path) {
2aacef
+static bool shim_validate(
2aacef
+                const void *ctx, const EFI_DEVICE_PATH *device_path, const void *file_buffer, size_t file_size) {
2aacef
 
2aacef
         EFI_STATUS err;
2aacef
+        _cleanup_free_ char *file_buffer_owned = NULL;
2aacef
 
2aacef
-        assert(this);
2aacef
-        assert(this->hook == security_hook);
2aacef
+        if (!file_buffer) {
2aacef
+                if (!device_path)
2aacef
+                        return false;
2aacef
 
2aacef
-        if (!device_path)
2aacef
-                return this->original_security->FileAuthenticationState(
2aacef
-                                this->original_security, authentication_status, device_path);
2aacef
+                EFI_HANDLE device_handle;
2aacef
+                EFI_DEVICE_PATH *file_dp = (EFI_DEVICE_PATH *) device_path;
2aacef
+                err = BS->LocateDevicePath(&FileSystemProtocol, &file_dp, &device_handle);
2aacef
+                if (err != EFI_SUCCESS)
2aacef
+                        return false;
2aacef
 
2aacef
-        EFI_HANDLE device_handle;
2aacef
-        EFI_DEVICE_PATH *dp = (EFI_DEVICE_PATH *) device_path;
2aacef
-        err = BS->LocateDevicePath(&FileSystemProtocol, &dp, &device_handle);
2aacef
-        if (err != EFI_SUCCESS)
2aacef
-                return err;
2aacef
+                _cleanup_(file_closep) EFI_FILE *root = NULL;
2aacef
+                err = open_volume(device_handle, &root);
2aacef
+                if (err != EFI_SUCCESS)
2aacef
+                        return false;
2aacef
 
2aacef
-        _cleanup_(file_closep) EFI_FILE *root = NULL;
2aacef
-        err = open_volume(device_handle, &root);
2aacef
-        if (err != EFI_SUCCESS)
2aacef
-                return err;
2aacef
+                _cleanup_free_ char16_t *dp_str = NULL;
2aacef
+                err = device_path_to_str(file_dp, &dp_str);
2aacef
+                if (err != EFI_SUCCESS)
2aacef
+                        return false;
2aacef
 
2aacef
-        _cleanup_free_ char16_t *dp_str = NULL;
2aacef
-        err = device_path_to_str(dp, &dp_str);
2aacef
-        if (err != EFI_SUCCESS)
2aacef
-                return err;
2aacef
+                err = file_read(root, dp_str, 0, 0, &file_buffer_owned, &file_size);
2aacef
+                if (err != EFI_SUCCESS)
2aacef
+                        return false;
2aacef
 
2aacef
-        char *file_buffer;
2aacef
-        size_t file_size;
2aacef
-        err = file_read(root, dp_str, 0, 0, &file_buffer, &file_size);
2aacef
-        if (err != EFI_SUCCESS)
2aacef
-                return err;
2aacef
+                file_buffer = file_buffer_owned;
2aacef
+        }
2aacef
 
2aacef
-        if (shim_validate(file_buffer, file_size))
2aacef
-                return EFI_SUCCESS;
2aacef
+        struct ShimLock *shim_lock;
2aacef
+        err = BS->LocateProtocol((EFI_GUID *) SHIM_LOCK_GUID, NULL, (void **) &shim_lock);
2aacef
+        if (err != EFI_SUCCESS)
2aacef
+                return false;
2aacef
 
2aacef
-        return this->original_security->FileAuthenticationState(
2aacef
-                        this->original_security, authentication_status, device_path);
2aacef
+        return shim_lock->shim_verify(file_buffer, file_size) == EFI_SUCCESS;
2aacef
 }
2aacef
 
2aacef
 EFI_STATUS shim_load_image(EFI_HANDLE parent, const EFI_DEVICE_PATH *device_path, EFI_HANDLE *ret_image) {
2aacef
@@ -122,20 +88,14 @@ EFI_STATUS shim_load_image(EFI_HANDLE parent, const EFI_DEVICE_PATH *device_path
2aacef
 
2aacef
         bool have_shim = shim_loaded();
2aacef
 
2aacef
-        SecurityOverride security_override = {
2aacef
-                .hook = security_hook,
2aacef
-        }, security2_override = {
2aacef
-                .hook = security2_hook,
2aacef
-        };
2aacef
-
2aacef
         if (have_shim)
2aacef
-                install_security_override(&security_override, &security2_override);
2aacef
+                install_security_override(shim_validate, NULL);
2aacef
 
2aacef
         EFI_STATUS ret = BS->LoadImage(
2aacef
                         /*BootPolicy=*/false, parent, (EFI_DEVICE_PATH *) device_path, NULL, 0, ret_image);
2aacef
 
2aacef
         if (have_shim)
2aacef
-                uninstall_security_override(&security_override, &security2_override);
2aacef
+                uninstall_security_override();
2aacef
 
2aacef
         return ret;
2aacef
 }