From: Ross Lagerwall <ross.lagerwall@citrix.com>
To: xen-devel@lists.xenproject.org
Cc: "Ross Lagerwall" <ross.lagerwall@citrix.com>,
	"Jan Beulich" <jbeulich@suse.com>,
	"Andrew Cooper" <andrew.cooper3@citrix.com>,
	"Roger Pau Monné" <roger.pau@citrix.com>, "Wei Liu" <wl@xen.org>
Subject: [PATCH 4/4] x86: Call Shim Verify in the multiboot2 path
Date: Wed, 13 Mar 2024 15:04:39 +0000	[thread overview]
Message-ID: <20240313150439.791213-5-ross.lagerwall@citrix.com> (raw)
In-Reply-To: <20240313150439.791213-1-ross.lagerwall@citrix.com>

Now that the multiboot2 binary can be verified by Shim, ensure that the
dom0 kernel is verified when using the multiboot2 path. If the Shim
protocol is not available and the SecureBoot variable is not set to 0
(or the state cannot be determined), abort the boot.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
---
 xen/arch/x86/boot/head.S    |  4 ++-
 xen/arch/x86/efi/efi-boot.h | 65 ++++++++++++++++++++++++++++++++++++-
 2 files changed, 67 insertions(+), 2 deletions(-)

diff --git a/xen/arch/x86/boot/head.S b/xen/arch/x86/boot/head.S
index 84dc8b76b61d..7b6e5d3882ad 100644
--- a/xen/arch/x86/boot/head.S
+++ b/xen/arch/x86/boot/head.S
@@ -385,10 +385,12 @@ __efi64_mb2_start:
         /* Keep the stack aligned. Do not pop a single item off it. */
         mov     (%rsp),%rdi
 
+        mov     %rbx, %rcx
+
         /*
          * efi_multiboot2() is called according to System V AMD64 ABI:
          *   - IN:  %rdi - EFI ImageHandle, %rsi - EFI SystemTable,
-         *          %rdx - MB2 cmdline
+         *          %rdx - MB2 cmdline, %rcx - Multiboot information.
          */
         call    efi_multiboot2
 
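Review bot: The new `mov %rbx, %rcx` hands the full 64-bit %rbx to efi_multiboot2() as the Multiboot information pointer, while the Multiboot2 entry state specifies the information address as a 32-bit value in %ebx, so unless code above this hunk already zero-extends or otherwise re-derives %rbx the upper half may hold whatever the loader left there. If that is not guaranteed, `mov %ebx, %ecx` (which zero-extends into %rcx) is the safer form, and in either case a comment such as `/* %rbx still holds the MBI address from entry. */` would record the assumption being relied on. The __efi64_mb2_start body continues outside the hunk on both sides.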
diff --git a/xen/arch/x86/efi/efi-boot.h b/xen/arch/x86/efi/efi-boot.h
index 8ea64e31cdc2..a9569e150e08 100644
--- a/xen/arch/x86/efi/efi-boot.h
+++ b/xen/arch/x86/efi/efi-boot.h
@@ -3,6 +3,7 @@
  * is intended to be included by common/efi/boot.c _only_, and
  * therefore can define arch specific global variables.
  */
+#include <xen/multiboot2.h>
 #include <xen/vga.h>
 #include <asm/e820.h>
 #include <asm/edd.h>
@@ -808,9 +809,69 @@ static const char *__init get_option(const char *cmd, const char *opt)
     return o;
 }
 
+#define ALIGN_UP(arg, align) \
+                (((arg) + (align) - 1) & ~((typeof(arg))(align) - 1))
+
+static void __init efi_verify_dom0(uint64_t mbi_in)
+{
+    uint64_t ptr;
+    const multiboot2_tag_t *tag;
+    EFI_SHIM_LOCK_PROTOCOL *shim_lock;
+    EFI_STATUS status;
+    const multiboot2_tag_module_t *kernel = NULL;
+    const multiboot2_fixed_t *mbi_fix = _p(mbi_in);
+    static EFI_GUID __initdata shim_lock_guid = SHIM_LOCK_PROTOCOL_GUID;
+    static EFI_GUID __initdata global_variable_guid = EFI_GLOBAL_VARIABLE;
+
+    ptr = ALIGN_UP(mbi_in + sizeof(*mbi_fix), MULTIBOOT2_TAG_ALIGN);
+
+    for ( tag = _p(ptr); (uint64_t)tag - mbi_in < mbi_fix->total_size;
+          tag = _p(ALIGN_UP((uint64_t)tag + tag->size, MULTIBOOT2_TAG_ALIGN)) )
+    {
+        if ( tag->type == MULTIBOOT2_TAG_TYPE_MODULE )
+        {
+            kernel = (const multiboot2_tag_module_t *)tag;
+            break;
+        }
+        else if ( tag->type == MULTIBOOT2_TAG_TYPE_END )
+            break;
+    }
+
+    if ( !kernel )
+        return;
+
+    if ( (status = efi_bs->LocateProtocol(&shim_lock_guid, NULL,
+                                          (void **)&shim_lock)) != EFI_SUCCESS )
+    {
+        UINT32 attr;
+        UINT8 data;
+        UINTN size = sizeof(data);
+
+        status = efi_rs->GetVariable((CHAR16 *)L"SecureBoot", &global_variable_guid,
+                                     &attr, &size, &data);
+        if ( status == EFI_NOT_FOUND )
+            return;
+
+        if ( EFI_ERROR(status) )
+            PrintErrMesg(L"Could not get SecureBoot variable", status);
+
+        if ( attr != (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS) )
+            PrintErrMesg(L"Unexpected SecureBoot attributes", attr);
+
+        if ( size == 1 && data == 0 )
+            return;
+
+        blexit(L"Could not locate shim but Secure Boot is enabled");
+    }
+
+    if ( (status = shim_lock->Verify(_p(kernel->mod_start),
+                                     kernel->mod_end - kernel->mod_start)) != EFI_SUCCESS )
+        PrintErrMesg(L"Dom0 kernel image could not be verified", status);
+}
+
 void asmlinkage __init efi_multiboot2(EFI_HANDLE ImageHandle,
                                       EFI_SYSTEM_TABLE *SystemTable,
-                                      const char *cmdline)
+                                      const char *cmdline, uint64_t mbi_in)
 {
     EFI_GRAPHICS_OUTPUT_PROTOCOL *gop;
     EFI_HANDLE gop_handle;
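Review bot: The tag walk in efi_verify_dom0() takes `tag->size` and `mbi_fix->total_size` straight from the loader-provided MBI with no sanity check, so a tag whose `size` is below `sizeof(*tag)` (in particular 0 on an already-aligned tag) makes the ALIGN_UP step a no-op and the loop never advances; a guard `if ( tag->size < sizeof(*tag) ) break;` at the top of the loop body avoids that and is cheap even though the loader is trusted. The loop also stops at the first MODULE tag, so any further modules (initrd, microcode, XSM policy) are never handed to Shim; if that is intended, a comment such as `/* Only the first module (the dom0 kernel) is verified. */` above the loop would make it explicit. Finally, the `EFI_NOT_FOUND` early return means firmware with no SecureBoot variable boots with an unverified kernel, which differs from the commit message's "state cannot be determined, abort" wording; either the message or a comment at that `return` should say this case is deliberately treated as Secure Boot off.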
@@ -902,6 +963,8 @@ void asmlinkage __init efi_multiboot2(EFI_HANDLE ImageHandle,
 
     efi_relocate_esrt(SystemTable);
 
+    efi_verify_dom0(mbi_in);
+
     efi_exit_boot(ImageHandle, SystemTable);
 }
 
-- 
2.43.0


