* [PATCH 1/2] common/efi: bail if dom0 fails the shim verification step
@ 2017-09-20 20:57 Tamas K Lengyel
  2017-09-20 20:57 ` [PATCH 2/2] common/efi: give people some time to read messages when debugging Tamas K Lengyel
  2017-09-21 13:03 ` [PATCH 1/2] common/efi: bail if dom0 fails the shim verification step Jan Beulich
  0 siblings, 2 replies; 5+ messages in thread
From: Tamas K Lengyel @ 2017-09-20 20:57 UTC (permalink / raw)
  To: xen-devel; +Cc: Jan Beulich, Tamas K Lengyel

From: Tamas K Lengyel <lengyelt@ainfosec.com>

If the shim protocol is located it is expected that the dom0 kernel image
will also pass the shim verification.

Signed-off-by: Tamas K Lengyel <lengyelt@ainfosec.com>
Cc: Jan Beulich <jbeulich@suse.com>
---
 xen/common/efi/boot.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/xen/common/efi/boot.c b/xen/common/efi/boot.c
index 01d33004e0..a3a439b838 100644
--- a/xen/common/efi/boot.c
+++ b/xen/common/efi/boot.c
@@ -1226,9 +1226,13 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable)
         efi_bs->FreePool(name.w);
 
         if ( !EFI_ERROR(efi_bs->LocateProtocol(&shim_lock_guid, NULL,
-                        (void **)&shim_lock)) &&
-             (status = shim_lock->Verify(kernel.ptr, kernel.size)) != EFI_SUCCESS )
-            PrintErrMesg(L"Dom0 kernel image could not be verified", status);
+                        (void **)&shim_lock)))
+        {
+            if  ( shim_lock->Verify(kernel.ptr, kernel.size) != EFI_SUCCESS )
+                blexit(L"Dom0 kernel image could not be verified by the shim.");
+
+            PrintStr(L"Dom0 kernel image was verified by the shim.\r\n");
+        }
 
         name.s = get_value(&cfg, section.s, "ramdisk");
         if ( name.s )
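Review bot: the failure path loses the EFI_STATUS: the removed PrintErrMesg(L"Dom0 kernel image could not be verified", status) already exits via blexit() and prints the status code, whereas the new blexit(L"Dom0 kernel image could not be verified by the shim.") throws away the return value of shim_lock->Verify(), so whoever reads the console no longer learns why verification failed. If the intent is only the success message, keep the original PrintErrMesg(..., status) call and add the PrintStr() in an else branch; otherwise the hunk is a pure open-coding of what PrintErrMesg() does minus the status. Also `if  (` has a doubled space.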
-- 
2.11.0


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel


* [PATCH 2/2] common/efi: give people some time to read messages when debugging
  2017-09-20 20:57 [PATCH 1/2] common/efi: bail if dom0 fails the shim verification step Tamas K Lengyel
@ 2017-09-20 20:57 ` Tamas K Lengyel
  2017-09-21 13:04   ` Jan Beulich
  2017-09-21 13:03 ` [PATCH 1/2] common/efi: bail if dom0 fails the shim verification step Jan Beulich
  1 sibling, 1 reply; 5+ messages in thread
From: Tamas K Lengyel @ 2017-09-20 20:57 UTC (permalink / raw)
  To: xen-devel; +Cc: Jan Beulich, Tamas K Lengyel

From: Tamas K Lengyel <lengyelt@ainfosec.com>

The EFI messages flash by so fast that it is impossible to catch them without
a serial debugger attached. Sometimes though we don't have that available so
having some time to read the messages off the screen is valuable.

Signed-off-by: Tamas K Lengyel <lengyelt@ainfosec.com>
Cc: Jan Beulich <jbeulich@suse.com>
---
 xen/common/efi/boot.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/xen/common/efi/boot.c b/xen/common/efi/boot.c
index a3a439b838..1bce148bd9 100644
--- a/xen/common/efi/boot.c
+++ b/xen/common/efi/boot.c
@@ -321,6 +321,11 @@ static void __init noreturn blexit(const CHAR16 *str)
         PrintStr((CHAR16 *)str);
     PrintStr(newline);
 
+#ifndef NDEBUG
+    if ( efi_bs )
+        efi_bs->Stall(5000000);
+#endif
+
     if ( !efi_bs )
         efi_arch_halt();
 
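Review bot: 5000000 is a bare magic number; efi_bs->Stall() takes microseconds, so say so in a comment or a named constant (a `#define` for the 5 s) rather than making readers count zeros. More substantively, tying the stall to `#ifndef NDEBUG` means every debug build pays a five-second delay on every blexit() path, including automated setups with a serial console where nothing is gained by waiting; an opt-in switch (for instance a command-line option) would serve the stated use case without penalising everyone else.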
@@ -1300,6 +1305,10 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable)
     if ( gop )
         efi_set_gop_mode(gop, gop_mode);
 
+#ifndef NDEBUG
+    efi_bs->Stall(5000000);
+#endif
+
     efi_exit_boot(ImageHandle, SystemTable);
 
     efi_arch_post_exit_boot();
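Review bot: this second stall is inconsistent with the one added to blexit(): there it is guarded by `if ( efi_bs )`, here it is not, and the literal 5000000 is duplicated. efi_bs is certainly set this late in efi_start(), so the guard is not needed for correctness, but the two sites should share one named constant (or a small helper) so the duration can be changed in one place. Note too that this path runs on every successful boot of a debug build, not only on error, so it adds five seconds to each debug boot rather than only to the failure case the commit message describes.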
-- 
2.11.0



* Re: [PATCH 1/2] common/efi: bail if dom0 fails the shim verification step
  2017-09-20 20:57 [PATCH 1/2] common/efi: bail if dom0 fails the shim verification step Tamas K Lengyel
  2017-09-20 20:57 ` [PATCH 2/2] common/efi: give people some time to read messages when debugging Tamas K Lengyel
@ 2017-09-21 13:03 ` Jan Beulich
  2017-09-21 15:07   ` Tamas K Lengyel
  1 sibling, 1 reply; 5+ messages in thread
From: Jan Beulich @ 2017-09-21 13:03 UTC (permalink / raw)
  To: Tamas K Lengyel; +Cc: xen-devel, Tamas K Lengyel

>>> On 20.09.17 at 22:57, <tamas@tklengyel.com> wrote:
> --- a/xen/common/efi/boot.c
> +++ b/xen/common/efi/boot.c
> @@ -1226,9 +1226,13 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable)
>          efi_bs->FreePool(name.w);
>  
>          if ( !EFI_ERROR(efi_bs->LocateProtocol(&shim_lock_guid, NULL,
> -                        (void **)&shim_lock)) &&
> -             (status = shim_lock->Verify(kernel.ptr, kernel.size)) != EFI_SUCCESS )
> -            PrintErrMesg(L"Dom0 kernel image could not be verified", status);
> +                        (void **)&shim_lock)))
> +        {
> +            if  ( shim_lock->Verify(kernel.ptr, kernel.size) != EFI_SUCCESS )
> +                blexit(L"Dom0 kernel image could not be verified by the shim.");
> +
> +            PrintStr(L"Dom0 kernel image was verified by the shim.\r\n");
> +        }

So what is the actual behavioral change you're trying to
accomplish? PrintErrMesg() already calls blexit(), and I hope
the purpose of the change is neither to open code
anything, nor to drop the printing of the error code. And I
don't see any value in the success case message - it'll be
visible for a very brief moment at best anyway.

Jan



* Re: [PATCH 2/2] common/efi: give people some time to read messages when debugging
  2017-09-20 20:57 ` [PATCH 2/2] common/efi: give people some time to read messages when debugging Tamas K Lengyel
@ 2017-09-21 13:04   ` Jan Beulich
  0 siblings, 0 replies; 5+ messages in thread
From: Jan Beulich @ 2017-09-21 13:04 UTC (permalink / raw)
  To: Tamas K Lengyel; +Cc: xen-devel, Tamas K Lengyel

>>> On 20.09.17 at 22:57, <tamas@tklengyel.com> wrote:
> From: Tamas K Lengyel <lengyelt@ainfosec.com>
> 
> The EFI messages flash by so fast that it is impossible to catch them without
> a serial debugger attached. Sometimes though we don't have that available so
> having some time to read the messages off the screen is valuable.
> 
> Signed-off-by: Tamas K Lengyel <lengyelt@ainfosec.com>

NAK: I don't want any unnecessary stalls, including on debug
builds. If you want such stalls for yourself, patch them in as
needed.

Jan



* Re: [PATCH 1/2] common/efi: bail if dom0 fails the shim verification step
  2017-09-21 13:03 ` [PATCH 1/2] common/efi: bail if dom0 fails the shim verification step Jan Beulich
@ 2017-09-21 15:07   ` Tamas K Lengyel
  0 siblings, 0 replies; 5+ messages in thread
From: Tamas K Lengyel @ 2017-09-21 15:07 UTC (permalink / raw)
  To: Jan Beulich; +Cc: Xen-devel, Tamas K Lengyel

On Thu, Sep 21, 2017 at 7:03 AM, Jan Beulich <JBeulich@suse.com> wrote:
>>>> On 20.09.17 at 22:57, <tamas@tklengyel.com> wrote:
>> --- a/xen/common/efi/boot.c
>> +++ b/xen/common/efi/boot.c
>> @@ -1226,9 +1226,13 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable)
>>          efi_bs->FreePool(name.w);
>>
>>          if ( !EFI_ERROR(efi_bs->LocateProtocol(&shim_lock_guid, NULL,
>> -                        (void **)&shim_lock)) &&
>> -             (status = shim_lock->Verify(kernel.ptr, kernel.size)) != EFI_SUCCESS )
>> -            PrintErrMesg(L"Dom0 kernel image could not be verified", status);
>> +                        (void **)&shim_lock)))
>> +        {
>> +            if  ( shim_lock->Verify(kernel.ptr, kernel.size) != EFI_SUCCESS )
>> +                blexit(L"Dom0 kernel image could not be verified by the shim.");
>> +
>> +            PrintStr(L"Dom0 kernel image was verified by the shim.\r\n");
>> +        }
>
> So what is the actual behavioral change you're trying to
> accomplish? PrintErrMesg() already calls blexit(),

Indeed, I've somehow missed that. Sorry for the noise.

Tamas
