Update to shim-15.6

Resolves: CVE-2022-28737

Signed-off-by: Peter Jones <pjones@redhat.com>
This commit is contained in:
Peter Jones 2022-05-31 15:27:21 -04:00
parent 3ab85dd213
commit 3b90d8001a
9 changed files with 6 additions and 356 deletions

View File

@ -1,69 +0,0 @@
From 77144e5a404df89b45941bfc54fd2f59e0ee607b Mon Sep 17 00:00:00 2001
From: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
Date: Tue, 24 May 2022 11:49:44 -0700
Subject: [PATCH 1/6] SBAT Policy latest should be a one-shot
Since booting from removable media can be hard to detect,
setting a persistent latest SBAT policy is risky in a typical
client system. This changes latest to be a one-shot operation
that could be set at the time of an OS update if desired.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
---
sbat.c | 21 +++++++++++++--------
1 file changed, 13 insertions(+), 8 deletions(-)
diff --git a/sbat.c b/sbat.c
index 637df5ecdd6..9b872082e35 100644
--- a/sbat.c
+++ b/sbat.c
@@ -369,6 +369,16 @@ preserve_sbat_uefi_variable(UINT8 *sbat, UINTN sbatsize, UINT32 attributes,
return false;
}
+static void
+clear_sbat_policy()
+{
+ EFI_STATUS efi_status = EFI_SUCCESS;
+
+ efi_status = del_variable(SBAT_POLICY, SHIM_LOCK_GUID);
+ if (EFI_ERROR(efi_status))
+ console_error(L"Could not reset SBAT Policy", efi_status);
+}
+
EFI_STATUS
set_sbat_uefi_variable(void)
{
@@ -394,6 +404,7 @@ set_sbat_uefi_variable(void)
case SBAT_POLICY_LATEST:
dprint("Custom sbat policy: latest\n");
sbat_var = SBAT_VAR_LATEST;
+ clear_sbat_policy();
break;
case SBAT_POLICY_PREVIOUS:
dprint("Custom sbat policy: previous\n");
@@ -408,19 +419,13 @@ set_sbat_uefi_variable(void)
reset_sbat = true;
sbat_var = SBAT_VAR_ORIGINAL;
}
- efi_status = del_variable(SBAT_POLICY, SHIM_LOCK_GUID);
- if (EFI_ERROR(efi_status))
- console_error(L"Could not reset SBAT Policy",
- efi_status);
+ clear_sbat_policy();
break;
default:
console_error(L"SBAT policy state %llu is invalid",
EFI_INVALID_PARAMETER);
- efi_status = del_variable(SBAT_POLICY, SHIM_LOCK_GUID);
- if (EFI_ERROR(efi_status))
- console_error(L"Could not reset SBAT Policy",
- efi_status);
sbat_var = SBAT_VAR_PREVIOUS;
+ clear_sbat_policy();
break;
}
}
--
2.35.1

View File

@ -1,63 +0,0 @@
From e99bdbb827a50cde019393d3ca1e89397db221a7 Mon Sep 17 00:00:00 2001
From: Chris Coulson <chris.coulson@canonical.com>
Date: Tue, 3 May 2022 15:41:00 +0200
Subject: [PATCH 2/6] pe: Fix a buffer overflow when SizeOfRawData >
VirtualSize
During image loading, the size of the destination buffer for the image
is determined by the SizeOfImage field in the optional header. The start
and end virtual addresses of each section, as determined by each section's
VirtualAddress and VirtualSize fields, are bounds checked against the
allocated buffer. However, the amount of data copied to the destination
buffer is determined by the section's SizeOfRawData filed. If this is
larger than the VirtualSize, then the copy can overflow the destination
buffer.
Fix this by limiting the amount of data to copy to the section's
VirtualSize. In the case where a section has SizeOfRawData > VirtualSize,
the excess data is discarded.
This fixes CVE-2022-28737
Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
---
pe.c | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/pe.c b/pe.c
index 5d0c6b0bad0..1eb3f59a4f7 100644
--- a/pe.c
+++ b/pe.c
@@ -1089,6 +1089,7 @@ handle_image (void *data, unsigned int datasize,
int i;
EFI_IMAGE_SECTION_HEADER *Section;
char *base, *end;
+ UINT32 size;
PE_COFF_LOADER_IMAGE_CONTEXT context;
unsigned int alignment, alloc_size;
int found_entry_point = 0;
@@ -1274,13 +1275,15 @@ handle_image (void *data, unsigned int datasize,
return EFI_UNSUPPORTED;
}
- if (Section->SizeOfRawData > 0)
- CopyMem(base, data + Section->PointerToRawData,
- Section->SizeOfRawData);
+ size = Section->Misc.VirtualSize;
+ if (size > Section->SizeOfRawData)
+ size = Section->SizeOfRawData;
- if (Section->SizeOfRawData < Section->Misc.VirtualSize)
- ZeroMem(base + Section->SizeOfRawData,
- Section->Misc.VirtualSize - Section->SizeOfRawData);
+ if (size > 0)
+ CopyMem(base, data + Section->PointerToRawData, size);
+
+ if (size < Section->Misc.VirtualSize)
+ ZeroMem(base + size, Section->Misc.VirtualSize - size);
}
}
--
2.35.1

View File

@ -1,78 +0,0 @@
From 5a82d7973656c68f006aac1ed462e7bb37075d92 Mon Sep 17 00:00:00 2001
From: Chris Coulson <chris.coulson@canonical.com>
Date: Tue, 3 May 2022 16:02:19 +0200
Subject: [PATCH 3/6] pe: Perform image verification earlier when loading grub
The second stage loader was being verified after loading it into
memory. As an additional hardening measure to avoid performing risky
memcpys using header fields from a potentially specially crafted image,
perform the verification before this so that it can be rejected earlier.
Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
---
pe.c | 42 +++++++++++++++++++++++++-----------------
1 file changed, 25 insertions(+), 17 deletions(-)
diff --git a/pe.c b/pe.c
index 1eb3f59a4f7..1d120f2d78d 100644
--- a/pe.c
+++ b/pe.c
@@ -1106,7 +1106,31 @@ handle_image (void *data, unsigned int datasize,
}
/*
- * We only need to verify the binary if we're in secure mode
+ * Perform the image verification before we start copying data around
+ * in order to load it.
+ */
+ if (secure_mode ()) {
+ efi_status = verify_buffer(data, datasize, &context, sha256hash,
+ sha1hash);
+
+ if (EFI_ERROR(efi_status)) {
+ if (verbose)
+ console_print(L"Verification failed: %r\n", efi_status);
+ else
+ console_error(L"Verification failed", efi_status);
+ return efi_status;
+ } else {
+ if (verbose)
+ console_print(L"Verification succeeded\n");
+ }
+ }
+
+ /*
+ * Calculate the hash for the TPM measurement.
+ * XXX: We're computing these twice in secure boot mode when the
+ * buffers already contain the previously computed hashes. Also,
+ * this is only useful for the TPM1.2 case. We should try to fix
+ * this in a follow-up.
*/
efi_status = generate_hash(data, datasize, &context, sha256hash,
sha1hash);
@@ -1287,22 +1311,6 @@ handle_image (void *data, unsigned int datasize,
}
}
- if (secure_mode ()) {
- efi_status = verify_buffer(data, datasize, &context, sha256hash,
- sha1hash);
-
- if (EFI_ERROR(efi_status)) {
- if (verbose)
- console_print(L"Verification failed: %r\n", efi_status);
- else
- console_error(L"Verification failed", efi_status);
- return efi_status;
- } else {
- if (verbose)
- console_print(L"Verification succeeded\n");
- }
- }
-
if (context.NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_BASERELOC) {
perror(L"Image has no relocation entry\n");
FreePool(buffer);
--
2.35.1

View File

@ -1,21 +0,0 @@
From 80e34fc3d55106680a245f6338bec627114bed35 Mon Sep 17 00:00:00 2001
From: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
Date: Tue, 10 May 2022 13:14:24 -0700
Subject: [PATCH 4/6] Update advertised sbat generation number for shim
Signed-off-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
---
data/sbat.csv | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/data/sbat.csv b/data/sbat.csv
index ad838f2aff3..7a5169fb39f 100755
--- a/data/sbat.csv
+++ b/data/sbat.csv
@@ -1,2 +1,2 @@
sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
-shim,1,UEFI shim,shim,1,https://github.com/rhboot/shim
+shim,2,UEFI shim,shim,1,https://github.com/rhboot/shim
--
2.35.1

View File

@ -1,31 +0,0 @@
From 9a09faf390eea083c3bef1b07c7e043ebe0cc1f6 Mon Sep 17 00:00:00 2001
From: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
Date: Tue, 10 May 2022 14:09:26 -0700
Subject: [PATCH 5/6] Update SBAT generation requirements for 05/24/22
bump shim SBAT generation requirement to 2 for CVE-2022-28737
bump GRUB2 SBAT generation requirement to 2 for CVE-2021-3695
Signed-off-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
---
include/sbat.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/sbat.h b/include/sbat.h
index 904880decfb..aca4359870f 100644
--- a/include/sbat.h
+++ b/include/sbat.h
@@ -31,8 +31,8 @@
SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_PREVIOUS_DATE "\n" \
SBAT_VAR_PREVIOUS_REVOCATIONS
-#define SBAT_VAR_LATEST_DATE SBAT_VAR_ORIGINAL_DATE
-#define SBAT_VAR_LATEST_REVOCATIONS
+#define SBAT_VAR_LATEST_DATE "2022052400"
+#define SBAT_VAR_LATEST_REVOCATIONS "shim,2\ngrub,2\n"
#define SBAT_VAR_LATEST \
SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_LATEST_DATE "\n" \
SBAT_VAR_LATEST_REVOCATIONS
--
2.35.1

View File

@ -1,84 +0,0 @@
From 159151b6649008793d6204a34d7b9c41221fb4b0 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Tue, 3 May 2022 17:05:20 -0400
Subject: [PATCH 6/6] Also avoid CVE-2022-28737 in verify_image()
PR 446 ("Add verify_image") duplicates some of the code affected by
Chris Coulson's defense in depth patch against CVE-2022-28737 ("pe:
Perform image verification earlier when loading grub").
This patch makes the same change to the new function.
Signed-off-by: Peter Jones <pjones@redhat.com>
---
pe.c | 46 +++++++++++++++++++++++++++-------------------
1 file changed, 27 insertions(+), 19 deletions(-)
diff --git a/pe.c b/pe.c
index 1d120f2d78d..ba3e2bbc444 100644
--- a/pe.c
+++ b/pe.c
@@ -1038,26 +1038,9 @@ EFI_STATUS verify_image(void *data, unsigned int datasize,
}
/*
- * We only need to verify the binary if we're in secure mode
+ * Perform the image verification before we start copying data around
+ * in order to load it.
*/
- efi_status = generate_hash(data, datasize, context, sha256hash,
- sha1hash);
- if (EFI_ERROR(efi_status))
- return efi_status;
-
- /* Measure the binary into the TPM */
-#ifdef REQUIRE_TPM
- efi_status =
-#endif
- tpm_log_pe((EFI_PHYSICAL_ADDRESS)(UINTN)data, datasize,
- (EFI_PHYSICAL_ADDRESS)(UINTN)context->ImageAddress,
- li->FilePath, sha1hash, 4);
-#ifdef REQUIRE_TPM
- if (efi_status != EFI_SUCCESS) {
- return efi_status;
- }
-#endif
-
if (secure_mode()) {
efi_status = verify_buffer(data, datasize,
context, sha256hash, sha1hash);
@@ -1071,6 +1054,31 @@ EFI_STATUS verify_image(void *data, unsigned int datasize,
console_print(L"Verification succeeded\n");
}
+ /*
+ * Calculate the hash for the TPM measurement.
+ * XXX: We're computing these twice in secure boot mode when the
+ * buffers already contain the previously computed hashes. Also,
+ * this is only useful for the TPM1.2 case. We should try to fix
+ * this in a follow-up.
+ */
+ efi_status = generate_hash(data, datasize, context, sha256hash,
+ sha1hash);
+ if (EFI_ERROR(efi_status))
+ return efi_status;
+
+ /* Measure the binary into the TPM */
+#ifdef REQUIRE_TPM
+ efi_status =
+#endif
+ tpm_log_pe((EFI_PHYSICAL_ADDRESS)(UINTN)data, datasize,
+ (EFI_PHYSICAL_ADDRESS)(UINTN)context->ImageAddress,
+ li->FilePath, sha1hash, 4);
+#ifdef REQUIRE_TPM
+ if (efi_status != EFI_SUCCESS) {
+ return efi_status;
+ }
+#endif
+
return EFI_SUCCESS;
}
--
2.35.1

View File

@ -19,7 +19,7 @@
%global dbxfile %{nil}
Name: shim-unsigned-%{efiarch}
Version: 15.6~rc1
Version: 15.6
Release: 1.el9
Summary: First-stage UEFI bootloader
ExclusiveArch: x86_64
@ -31,15 +31,11 @@ Source1: redhatsecurebootca5.cer
Source2: %{dbxfile}
%endif
Source3: sbat.redhat.csv
Source4: shim.patches
Source100: shim-find-debuginfo.sh
Patch0001: 0001-SBAT-Policy-latest-should-be-a-one-shot.patch
Patch0002: 0002-pe-Fix-a-buffer-overflow-when-SizeOfRawData-VirtualS.patch
Patch0003: 0003-pe-Perform-image-verification-earlier-when-loading-g.patch
Patch0004: 0004-Update-advertised-sbat-generation-number-for-shim.patch
Patch0005: 0005-Update-SBAT-generation-requirements-for-05-24-22.patch
Patch0006: 0006-Also-avoid-CVE-2022-28737-in-verify_image.patch
%include %{SOURCE4}
BuildRequires: gcc make
BuildRequires: elfutils-libelf-devel
@ -162,8 +158,8 @@ cd ..
%files debugsource -f build-%{efiarch}/debugsource.list
%changelog
* Tue May 24 2022 Peter Jones <pjones@redhat.com> - 15.6~rc1-1.el9
- Update to shim-15.6~rc1
* Wed Jun 01 2022 Peter Jones <pjones@redhat.com> - 15.6-1.el9
- Update to shim-15.6
Resolves: CVE-2022-28737
* Wed Mar 09 2022 Peter Jones <pjones@redhat.com> - 15.5-1

0
shim.patches Normal file
View File

View File

@ -1 +1 @@
SHA512 (shim-15.6~rc1.tar.bz2) = e654f04fcf171c69fd3cf0396c246cbdb43fee8a865ebe14a9ed75f7ddef79d14cb7c58a382f7407ec34508131d58c700f4ef8bab2203ee7ec06d9a326a4c950
SHA512 (shim-15.6.tar.bz2) = ddc5d5234851d05ed7124ad748ad3fee2df8a335493948a045653322c873f3f055d34894aeb2ac7495086984ca62183907d341e46e6bdf108856e39c646455fc