Releases: rhboot/shim
shim 14 - Important bug fix release
The shim EFI binary cannot have sections whose offset is not a multiple of the
file header offset, or else signtool.exe will generate an incorrect signature
that cannot be verified. Currently we generate a PLT section that is
incorrectly aligned, due to an error in rebasing OpenSSL to fix a different
issue. This version rectifies that error, as well as adding --no-undefined to
the final link, so that any such missing symbol will cause a build error. This
doesn't necessarily solve the file offset problem in all cases, but it does
solve it in all the cases we've actually seen so far.
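A quick way to catch this class of problem before a binary goes out for signing is to parse the PE section table and flag any section whose raw file offset is not aligned. This is an added example, not code from the shim project; it assumes the relevant alignment is the optional header's FileAlignment field, and the sample image it checks is constructed inline.

```python
"""Flag PE/EFI sections whose PointerToRawData is not a multiple of FileAlignment."""
import struct

def check_pe_section_alignment(data: bytes) -> list:
    """Return [(section_name, raw_offset, file_alignment)] for misaligned sections."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ header")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE image: missing PE signature")
    coff = pe_off + 4                                          # COFF file header
    nsections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20                                            # optional header
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):                            # PE32 / PE32+
        raise ValueError("unknown optional header magic 0x%x" % magic)
    # SectionAlignment is at +32 and FileAlignment at +36 in both PE32 and PE32+
    file_alignment = struct.unpack_from("<I", data, opt + 36)[0]
    sect = opt + opt_size                                      # first section header
    bad = []
    for i in range(nsections):
        off = sect + 40 * i                                    # 40-byte section header
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size = struct.unpack_from("<I", data, off + 16)[0]  # SizeOfRawData
        ptr_raw = struct.unpack_from("<I", data, off + 20)[0]   # PointerToRawData
        if raw_size and ptr_raw % file_alignment:              # .bss-style sections have no raw data
            bad.append((name, ptr_raw, file_alignment))
    return bad

def build_image(sections, file_alignment=0x200) -> bytes:
    """Constructed test data: a header-only PE32+ image with the given (name, PointerToRawData)."""
    hdr = bytearray(b"MZ" + b"\0" * 0x3E)
    struct.pack_into("<I", hdr, 0x3C, 0x40)                   # e_lfanew -> 0x40
    hdr += b"PE\0\0"
    opt_size = 0xF0                                            # PE32+ optional header size
    hdr += struct.pack("<HHIIIHH", 0x8664, len(sections), 0, 0, 0, opt_size, 0x22)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B)                      # PE32+ magic
    struct.pack_into("<II", opt, 32, 0x1000, file_alignment)   # SectionAlignment, FileAlignment
    hdr += opt
    for name, ptr in sections:
        hdr += struct.pack("<8sIIIIIIHHI", name.encode(), 0x100, 0x1000, 0x200,
                           ptr, 0, 0, 0, 0, 0x60000020)
    return bytes(hdr)

if __name__ == "__main__":
    img = build_image([(".text", 0x400), (".plt", 0x1234), (".data", 0x600)])
    print(check_pe_section_alignment(img))  # [('.plt', 4660, 512)]
```

Run it against the built shim binary (or any .efi) by reading the file into `check_pe_section_alignment`; an empty list means every section with raw data sits on a FileAlignment boundary.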
shim 13
- OpenSSL reverted to 1.0.2k to make the cert chaining of existing deployments stay working
- Better PCR usage for TPM
- TPM documentation in README.tpm
- More configurable build via make variables: ENABLE_SHIM_CERT, ENABLE_SHIM_HASH, ENABLE_SBSIGN, LIBDIR, EFIDIR, VENDOR_CERT_FILE, VENDOR_DB_FILE
- Better MoK documentation in MokVars.txt
- Better debuginfo generation
- Lots of minor bug fixes.
shim 12
shim version 11
- generate_hash(): fix the regression (Lans Zhang)
- Ignore BDS when it tells us we got our own path on the command line.
- Support ia32
- Handle various different load option implementation differences
- TPM 1 and TPM 2 support.
- Update to OpenSSL 1.0.2k
- GCC 7 support
If you need binaries signed by Microsoft, it is strongly recommended to use https://github.com/rhinstaller/shim/releases/12 instead due to #80.
shim-0.9
Gary Ching-Pang Lin (19):
Add nostdinc to the CFLAGS for lib
Update Cryptlib and openssl
Make the build fail with objcopy < 2.24
Support MOK blacklist
MokManager: show the hash list properly
MokManager: delete the hash properly
MokManager: Match all hashes in the list
MokManager: Write the hash list properly
Copy the MOK blacklist to a RT variable
Verify the EFI images with MOK blacklist
Make shim check MokXAuth for MOKX reset
MokManager: calculate the variable size correctly
MokManager: fix the hash list counting in delete
MokManager: Support SHA1 hash in MOK
MokManager: fix the return value and type
MokManager: Add more key list safe checks
MokManager: Support SHA224, SHA384, and SHA512
MokManager: Discard the list that contains an invalid signature
MokManager: fix comparison between signed and unsigned integer
Laszlo Ersek (1):
Fix length of allocated buffer for boot option comparison.
Matthew Garrett (1):
Explicitly request sysv-style ELF hash sections
Peter Jones (17):
Align the sections we're loading, and check for validity /after/ discarding.
Don't install our protocols if we're not in secure mode.
Make lib/ build right with the cflags it should be using...
Make lib/ use the right CFLAGS.
gcc 5.0 changes some include bits, so copy what arm does on x86.
Only run MokManager if asked or a security violation occurs.
Don't leave in_protocol==1 when shim_verify() isn't enforcing.
Ensure that apps launched by shim get correct BS->Exit() behavior
Fix console_print_box*() parameters.
MokManager: Nerf SHA-1 again for actual hashes and signatures.
Don't print anything or delay when start_image() succeeds.
More incorrect unsigned vs signed fixups from yours truly.
Add a conditional point for a debugger to attach.
Only be verbose the first time secure_mode() is called.
Make sure our build-id notes wind up at a reasonable place.
Improve our debuginfo path print
0.9
Richard W.M. Jones (1):
fallback: Fix comparison between signed and unsigned in debugging code.
shim 0.8
- Various code cleanups
- 32-bit binary support
- Better dhcpv4 support
- Better device path generation in fallback.efi
- Re-use of existing entries when possible in fallback.efi
- Additional bounds checking of section sizes
- Working PE base relocations
- Avoid fallback.efi creating duplicates in BootOrder
- Update to OpenSSL 0.9.8zb
- ARM Aarch64 support
- Fix buffer overrun in ipv6 option parsing (CVE-2014-3675 and CVE-2014-3676)
- Fix out of bounds error on parsing MokNew (CVE-2014-3677)