starlingx/integ
Code Issues Proposed changes
integ/grub/grub-efi/debian/patches/secure-core/0008-efi-chainloader-implement-an-UEFI-Exit-service.patch
Li Zhou 8e6824ec91 grub2/grub-efi: fix CVE-2022-28736 
We add patches to fix CVEs for grub instead of upgrading because
grub2/grub-efi is ported from yocto for secure boot bringing up.

The patches for CVE-2022-28736 have conflicts with the patches for
secure boot. So refer to below link to fix this CVE:
(1) https://patchwork.yoctoproject.org/project/oe-core/patch/
20221207034254.58292-1-xiangyu.chen@eng.windriver.com/
(2)https://github.com/jiazhang0/meta-secure-core/pull/257

The special patches for grub-efi are from layers meta-lat and
meta-secure-core of yocto upstream, which are based on the patches
for grub-efi in oe-core layer (including CVE patches). We used to mix
all the patches together. Now we will move the patches from meta-lat
and meta-secure-core to the end of sequence for applying patches,
so that we can keep align with yocto upstream and make it easier
to maintain the grub here.
Since there are many patches involved here, we don't change the number
in patches' name in case confusion is caused if we rename many files.

Below commits are added for the CVE:
<loader/efi/chainloader: Simplify the loader state>
<commands/boot: Add API to pass context to loader>
<loader/efi/chainloader: Use grub_loader_set_ex()>

Below patches for secure boot are adapted for conflicts with above:
secure-core/0009 <efi: chainloader: port shim to grub>
secure-core/0010 <efi: chainloader: use shim to load and verify an image>
secure-core/0012 <efi: chainloader: take care of unload undershim>

All of them are aligned with upstream and no changes here.

Test plan:
 - PASS: build grub2/grub-efi.
 - PASS: build-image and install and boot up on lab/qemu.
 - PASS: check that the "stx.N" version number is right for both
         bios(grub2 ver) and uefi(grub-efi ver) boot.
 - PASS: the tests are done on lab with secure boot disabled and
         enabled.

Closes-Bug: #2034119

Signed-off-by: Li Zhou <li.zhou@windriver.com>
Change-Id: I9a37cd8b804b238407f8ac6528f087a2eb0cf2de
2023-09-07 02:00:19 -04:00

84 lines
2.7 KiB
Diff
Raw Blame History

From a210b02b15d68bfe38651295f35edb1a21cef475 Mon Sep 17 00:00:00 2001
From: Matt Fleming <matt.fleming@intel.com>
Date: Fri, 27 Mar 2015 08:11:19 -0700
Subject: [PATCH] efi: chainloader: implement an UEFI Exit service
Upstream-Status: Inappropriate [embedded specific]
Implement an UEFI Exit service for shim in grub.
When exiting, grub will call the UEFI boot-time service Exit. The
effect of this is that UEFI will jump to the entry point of the
UEFI started image. If we execute an image using shim within grub,
shim takes care of loading/parsing/relocating/executing the image.
Under this scenario, we also need to take care of the Exit call. Thus,
we need to reimplement the function to make sure we perform a jump
to the instruction after which shim executed the image.
Once we have taken care of the exit of the shim-executed image
the system Exit call is restored.
Signed-off-by: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
[lz: Adapt git shortlog.]
Signed-off-by: Li Zhou <li.zhou@windriver.com>
---
grub-core/kern/x86_64/efi/callwrap.S | 23 +++++++++++++++++++++++
include/grub/efi/api.h | 4 ++++
2 files changed, 27 insertions(+)
diff --git a/grub-core/kern/x86_64/efi/callwrap.S b/grub-core/kern/x86_64/efi/callwrap.S
index 1337fd9..b849c2c 100644
--- a/grub-core/kern/x86_64/efi/callwrap.S
+++ b/grub-core/kern/x86_64/efi/callwrap.S
@@ -48,6 +48,26 @@ FUNCTION(efi_wrap_1)
addq $40, %rsp
ret
+FUNCTION(efi_call_foo)
+ pushq %rbp
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+ movq %rsp, saved_sp(%rip)
+ subq $48, %rsp
+ mov %rsi, %rcx
+ call *%rdi
+
+FUNCTION(efi_shim_exit)
+ movq saved_sp(%rip), %rsp
+ popq %r15
+ popq %r14
+ popq %r13
+ popq %r12
+ popq %rbp
+ ret
+
FUNCTION(efi_wrap_2)
subq $40, %rsp
mov %rsi, %rcx
@@ -127,3 +147,6 @@ FUNCTION(efi_wrap_10)
call *%rdi
addq $88, %rsp
ret
+
+ .data
+saved_sp: .quad 0
diff --git a/include/grub/efi/api.h b/include/grub/efi/api.h
index f1a5221..de3bbbd 100644
--- a/include/grub/efi/api.h
+++ b/include/grub/efi/api.h
@@ -1776,6 +1776,10 @@ typedef struct grub_efi_rng_protocol grub_efi_rng_protocol_t;
grub_uint64_t EXPORT_FUNC(efi_wrap_0) (void *func);
grub_uint64_t EXPORT_FUNC(efi_wrap_1) (void *func, grub_uint64_t arg1);
+grub_efi_status_t EXPORT_FUNC(efi_shim_exit) (grub_efi_handle_t handle, grub_efi_status_t exit_status,
+ grub_efi_uintn_t exit_data_size, grub_efi_char16_t *exit_data) __attribute__((noreturn));
+grub_uint64_t EXPORT_FUNC(efi_call_foo) (void *func, grub_uint64_t arg1,
+ grub_uint64_t arg2);
grub_uint64_t EXPORT_FUNC(efi_wrap_2) (void *func, grub_uint64_t arg1,
grub_uint64_t arg2);
grub_uint64_t EXPORT_FUNC(efi_wrap_3) (void *func, grub_uint64_t arg1,
--
2.17.1
View Git Blame Copy Permalink