From: "Ard Biesheuvel"
To: devel@edk2.groups.io
Cc: lersek@redhat.com, Ard Biesheuvel
Subject: [PATCH v3 14/14] OvmfPkg: use generic QEMU image loader for secure boot enabled builds
Date: Thu, 5 Mar 2020 14:46:07 +0100
Message-Id: <20200305134607.20125-15-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20200305134607.20125-1-ard.biesheuvel@linaro.org>
References: <20200305134607.20125-1-ard.biesheuvel@linaro.org>

The QemuLoadImageLib implementation we currently use for all OVMF builds copies the behavior of the QEMU loader code that precedes it, which is to disregard UEFI secure boot policies entirely when it comes to loading kernel images that have been specified on the QEMU command line. This behavior deviates from ArmVirtQemu based builds, which do take UEFI secure boot policies into account, and refuse to load images from the command line that cannot be authenticated.

The disparity was originally due to the fact that the QEMU command line kernel loader did not use LoadImage and StartImage at all, but this changed recently, and now, there are only a couple of reasons left to stick with the legacy loader:

- it permits loading images that lack a valid PE/COFF header,
- it permits loading X64 kernels on IA32 firmware running on a X64 capable system.

Since every non-authentic PE/COFF image can trivially be converted into an image that lacks a valid PE/COFF header, the former case can simply not be supported in a UEFI secure boot context. The latter case is highly theoretical, given that one could easily switch to native X64 firmware in a VM scenario.

That leaves us with little justification to use the legacy loader at all when UEFI secure boot policies are in effect, so let's switch to the generic loader for UEFI secure boot enabled builds.

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2566
Signed-off-by: Ard Biesheuvel Reviewed-by: Laszlo Ersek --- OvmfPkg/OvmfPkgIa32.dsc | 4 ++++ OvmfPkg/OvmfPkgIa32X64.dsc | 4 ++++ OvmfPkg/OvmfPkgX64.dsc | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index ec21d2f3f6cb..8916255df4df 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -363,7 +363,11 @@ [LibraryClasses.common.DXE_DRIVER] PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf +!if $(SECURE_BOOT_ENABLE) == TRUE + QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.inf +!else QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf +!endif !if $(TPM_ENABLE) == TRUE Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 3c80a18c6086..342ff96cc279 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -367,7 +367,11 @@ [LibraryClasses.common.DXE_DRIVER] PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf +!if $(SECURE_BOOT_ENABLE) == TRUE + QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.inf +!else QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf +!endif !if $(TPM_ENABLE) == TRUE Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 63f1f935f4f3..1fb2de5e0121 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc 
@@ -367,7 +367,11 @@ [LibraryClasses.common.DXE_DRIVER] PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf MpInitLib|UefiCpuPkg/Library/MpInitLib/DxeMpInitLib.inf QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf +!if $(SECURE_BOOT_ENABLE) == TRUE + QemuLoadImageLib|OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.inf +!else QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf +!endif !if $(TPM_ENABLE) == TRUE Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf -- 2.17.1
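
Review bot: the `!if $(SECURE_BOOT_ENABLE) == TRUE` test added in [LibraryClasses.common.DXE_DRIVER] of all three .dsc files is a build-time switch, so a firmware image built with SECURE_BOOT_ENABLE gets GenericQemuLoadImageLib even when secure boot is not being enforced at runtime, and the two legacy cases named in the commit message (images lacking a valid PE/COFF header, X64 kernels on IA32 firmware) stop working for that build regardless of enrolled keys. The commit message only argues the case where secure boot policies are in effect; please state this build-wide consequence explicitly there or in the OvmfPkg documentation so users of command line kernel loading on SECURE_BOOT_ENABLE builds know what to expect.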
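
Review bot: nothing in the .dsc files explains why QemuLoadImageLib resolves differently under the new `!if`/`!else`, and in particular that the `!else` branch keeps X86QemuLoadImageLib, the loader the commit message describes as disregarding UEFI secure boot policies. A short `#` comment above the `!if` in OvmfPkgIa32.dsc, OvmfPkgIa32X64.dsc and OvmfPkgX64.dsc would keep someone from later moving the legacy instance out of the conditional, or copying the block into a new platform file, without realising it bypasses image authentication. Since the four added lines are identical in the three files, the comment should be worded identically too.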