|
 |
00e791 |
From 818a0dbd247f7c83d844febfa0a037b396d22701 Mon Sep 17 00:00:00 2001
|
|
|
00e791 |
From: Javier Martinez Canillas <javierm@redhat.com>
|
|
|
00e791 |
Date: Fri, 7 Sep 2018 15:10:51 +0200
|
|
|
00e791 |
Subject: [PATCH 14/62] shim: Prevent shim to set itself as a second stage
|
|
|
00e791 |
loader
|
|
|
00e791 |
|
|
|
00e791 |
When shim is invoked from a relative path (e.g: from the UEFI shell), the
|
|
|
00e791 |
Loaded Image handle LoadOptions can be set to the binary relative path.
|
|
|
00e791 |
|
|
|
00e791 |
But the is_our_path() function only checks if LoadOptions is set to the
|
|
|
00e791 |
absolute path of shim to ignore it. So if a relative path is there, shim
|
|
|
00e791 |
would set itself as the secondary loader and invoke itself in a loop.
|
|
|
00e791 |
|
|
|
00e791 |
To prevent that, use the path in LoadOptions to calculate the absolute
|
|
|
00e791 |
path and compare it with the one in the Loader Image handle FilePath.
|
|
|
00e791 |
|
|
|
00e791 |
Resolves: bz#1622485
|
|
|
00e791 |
|
|
|
00e791 |
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
|
|
|
00e791 |
Reviewed-by: Maran Wilson maran.wilson@oracle.com
|
|
|
00e791 |
Tested-by: Maran Wilson maran.wilson@oracle.com
|
|
|
00e791 |
Upstream-commit-id: e563bc3dcd1
|
|
|
00e791 |
---
|
|
|
00e791 |
shim.c | 17 ++++++++++++++---
|
|
|
00e791 |
1 file changed, 14 insertions(+), 3 deletions(-)
|
|
|
00e791 |
|
|
|
00e791 |
diff --git a/shim.c b/shim.c
|
|
|
00e791 |
index 5ab23d03db4..ae03da7eddf 100644
|
|
|
00e791 |
--- a/shim.c
|
|
|
00e791 |
+++ b/shim.c
|
|
|
00e791 |
@@ -2086,21 +2086,32 @@ get_load_option_optional_data(UINT8 *data, UINTN data_size,
|
|
|
00e791 |
return EFI_SUCCESS;
|
|
|
00e791 |
}
|
|
|
00e791 |
|
|
|
00e791 |
-static int is_our_path(EFI_LOADED_IMAGE *li, CHAR16 *path, UINTN len)
|
|
|
00e791 |
+static int is_our_path(EFI_LOADED_IMAGE *li, CHAR16 *path)
|
|
|
00e791 |
{
|
|
|
00e791 |
CHAR16 *dppath = NULL;
|
|
|
00e791 |
+ CHAR16 *PathName = NULL;
|
|
|
00e791 |
+ EFI_STATUS efi_status;
|
|
|
00e791 |
int ret = 1;
|
|
|
00e791 |
|
|
|
00e791 |
dppath = DevicePathToStr(li->FilePath);
|
|
|
00e791 |
if (!dppath)
|
|
|
00e791 |
return 0;
|
|
|
00e791 |
|
|
|
00e791 |
+ efi_status = generate_path_from_image_path(li, path, &PathName);
|
|
|
00e791 |
+ if (EFI_ERROR(efi_status)) {
|
|
|
00e791 |
+ perror(L"Unable to generate path %s: %r\n", path,
|
|
|
00e791 |
+ efi_status);
|
|
|
00e791 |
+ goto done;
|
|
|
00e791 |
+ }
|
|
|
00e791 |
+
|
|
|
00e791 |
dprint(L"dppath: %s\n", dppath);
|
|
|
00e791 |
dprint(L"path: %s\n", path);
|
|
|
00e791 |
- if (StrnCaseCmp(dppath, path, len))
|
|
|
00e791 |
+ if (StrnCaseCmp(dppath, PathName, strlen(dppath)))
|
|
|
00e791 |
ret = 0;
|
|
|
00e791 |
|
|
|
00e791 |
+done:
|
|
|
00e791 |
FreePool(dppath);
|
|
|
00e791 |
+ FreePool(PathName);
|
|
|
00e791 |
return ret;
|
|
|
00e791 |
}
|
|
|
00e791 |
|
|
|
00e791 |
@@ -2289,7 +2300,7 @@ EFI_STATUS set_second_stage (EFI_HANDLE image_handle)
|
|
|
00e791 |
|
|
|
00e791 |
* which is just cruel... So yeah, just don't use it.
|
|
|
00e791 |
*/
|
|
|
00e791 |
- if (strings == 1 && is_our_path(li, start, loader_len))
|
|
|
00e791 |
+ if (strings == 1 && is_our_path(li, start))
|
|
|
00e791 |
return EFI_SUCCESS;
|
|
|
00e791 |
|
|
|
00e791 |
/*
|
|
|
00e791 |
--
|
|
|
00e791 |
2.26.2
|
|
|
00e791 |
|