Update to shim-15.6

Resolves: CVE-2022-28737 Signed-off-by: Peter Jones <pjones@redhat.com>
2022-05-31 15:27:21 -04:00 · 2022-05-31 15:27:21 -04:00 · 3b90d8001a
commit 3b90d8001a
parent 3ab85dd213
9 changed files with 6 additions and 356 deletions
--- a/0001-SBAT-Policy-latest-should-be-a-one-shot.patch
+++ b/0001-SBAT-Policy-latest-should-be-a-one-shot.patch
@ -1,69 +0,0 @@
-From 77144e5a404df89b45941bfc54fd2f59e0ee607b Mon Sep 17 00:00:00 2001
-From: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
-Date: Tue, 24 May 2022 11:49:44 -0700
-Subject: [PATCH 1/6] SBAT Policy latest should be a one-shot
-
-Since booting from removable media can be hard to detect,
-setting a persistent latest SBAT policy is risky in a typical
-client system. This changes latest to be a one-shot operation
-that could be set at the time of an OS update if desired.
-
-Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
---
- sbat.c | 21 +++++++++++++--------
- 1 file changed, 13 insertions(+), 8 deletions(-)
-
-diff --git a/sbat.c b/sbat.c
-index 637df5ecdd6..9b872082e35 100644
--- a/sbat.c
-+++ b/sbat.c
-@@ -369,6 +369,16 @@ preserve_sbat_uefi_variable(UINT8 *sbat, UINTN sbatsize, UINT32 attributes,
- 	return false;
- }
- 
-+static void
-+clear_sbat_policy()
-+{
-+	EFI_STATUS efi_status = EFI_SUCCESS;
-+
-+	efi_status = del_variable(SBAT_POLICY, SHIM_LOCK_GUID);
-+	if (EFI_ERROR(efi_status))
-+		console_error(L"Could not reset SBAT Policy", efi_status);
-+}
-+
- EFI_STATUS
- set_sbat_uefi_variable(void)
- {
-@@ -394,6 +404,7 @@ set_sbat_uefi_variable(void)
- 			case SBAT_POLICY_LATEST:
- 				dprint("Custom sbat policy: latest\n");
- 				sbat_var = SBAT_VAR_LATEST;
-+				clear_sbat_policy();
- 				break;
- 			case SBAT_POLICY_PREVIOUS:
- 				dprint("Custom sbat policy: previous\n");
-@@ -408,19 +419,13 @@ set_sbat_uefi_variable(void)
- 					reset_sbat = true;
- 					sbat_var = SBAT_VAR_ORIGINAL;
- 				}
-				efi_status = del_variable(SBAT_POLICY, SHIM_LOCK_GUID);
-				if (EFI_ERROR(efi_status))
-					console_error(L"Could not reset SBAT Policy",
-						      efi_status);
-+				clear_sbat_policy();
- 				break;
- 			default:
- 				console_error(L"SBAT policy state %llu is invalid",
- 					      EFI_INVALID_PARAMETER);
-				efi_status = del_variable(SBAT_POLICY, SHIM_LOCK_GUID);
-				if (EFI_ERROR(efi_status))
-					console_error(L"Could not reset SBAT Policy",
-						      efi_status);
- 				sbat_var = SBAT_VAR_PREVIOUS;
-+				clear_sbat_policy();
- 				break;
- 		}
- 	}
-- 
-2.35.1
-
--- a/0002-pe-Fix-a-buffer-overflow-when-SizeOfRawData-VirtualS.patch
+++ b/0002-pe-Fix-a-buffer-overflow-when-SizeOfRawData-VirtualS.patch
@ -1,63 +0,0 @@
-From e99bdbb827a50cde019393d3ca1e89397db221a7 Mon Sep 17 00:00:00 2001
-From: Chris Coulson <chris.coulson@canonical.com>
-Date: Tue, 3 May 2022 15:41:00 +0200
-Subject: [PATCH 2/6] pe: Fix a buffer overflow when SizeOfRawData >
- VirtualSize
-
-During image loading, the size of the destination buffer for the image
-is determined by the SizeOfImage field in the optional header. The start
-and end virtual addresses of each section, as determined by each section's
-VirtualAddress and VirtualSize fields, are bounds checked against the
-allocated buffer. However, the amount of data copied to the destination
-buffer is determined by the section's SizeOfRawData filed. If this is
-larger than the VirtualSize, then the copy can overflow the destination
-buffer.
-
-Fix this by limiting the amount of data to copy to the section's
-VirtualSize. In the case where a section has SizeOfRawData > VirtualSize,
-the excess data is discarded.
-
-This fixes CVE-2022-28737
-
-Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
---
- pe.c | 15 +++++++++------
- 1 file changed, 9 insertions(+), 6 deletions(-)
-
-diff --git a/pe.c b/pe.c
-index 5d0c6b0bad0..1eb3f59a4f7 100644
--- a/pe.c
-+++ b/pe.c
-@@ -1089,6 +1089,7 @@ handle_image (void *data, unsigned int datasize,
- 	int i;
- 	EFI_IMAGE_SECTION_HEADER *Section;
- 	char *base, *end;
-+	UINT32 size;
- 	PE_COFF_LOADER_IMAGE_CONTEXT context;
- 	unsigned int alignment, alloc_size;
- 	int found_entry_point = 0;
-@@ -1274,13 +1275,15 @@ handle_image (void *data, unsigned int datasize,
- 				return EFI_UNSUPPORTED;
- 			}
- 
-			if (Section->SizeOfRawData > 0)
-				CopyMem(base, data + Section->PointerToRawData,
-					Section->SizeOfRawData);
-+			size = Section->Misc.VirtualSize;
-+			if (size > Section->SizeOfRawData)
-+				size = Section->SizeOfRawData;
- 
-			if (Section->SizeOfRawData < Section->Misc.VirtualSize)
-				ZeroMem(base + Section->SizeOfRawData,
-					Section->Misc.VirtualSize - Section->SizeOfRawData);
-+			if (size > 0)
-+				CopyMem(base, data + Section->PointerToRawData, size);
-+
-+			if (size < Section->Misc.VirtualSize)
-+				ZeroMem(base + size, Section->Misc.VirtualSize - size);
- 		}
- 	}
- 
-- 
-2.35.1
-
--- a/0003-pe-Perform-image-verification-earlier-when-loading-g.patch
+++ b/0003-pe-Perform-image-verification-earlier-when-loading-g.patch
@ -1,78 +0,0 @@
-From 5a82d7973656c68f006aac1ed462e7bb37075d92 Mon Sep 17 00:00:00 2001
-From: Chris Coulson <chris.coulson@canonical.com>
-Date: Tue, 3 May 2022 16:02:19 +0200
-Subject: [PATCH 3/6] pe: Perform image verification earlier when loading grub
-
-The second stage loader was being verified after loading it into
-memory. As an additional hardening measure to avoid performing risky
-memcpys using header fields from a potentially specially crafted image,
-perform the verification before this so that it can be rejected earlier.
-
-Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
---
- pe.c | 42 +++++++++++++++++++++++++-----------------
- 1 file changed, 25 insertions(+), 17 deletions(-)
-
-diff --git a/pe.c b/pe.c
-index 1eb3f59a4f7..1d120f2d78d 100644
--- a/pe.c
-+++ b/pe.c
-@@ -1106,7 +1106,31 @@ handle_image (void *data, unsigned int datasize,
- 	}
- 
- 	/*
-	 * We only need to verify the binary if we're in secure mode
-+	 * Perform the image verification before we start copying data around
-+	 * in order to load it.
-+	 */
-+	if (secure_mode ()) {
-+		efi_status = verify_buffer(data, datasize, &context, sha256hash,
-+					   sha1hash);
-+
-+		if (EFI_ERROR(efi_status)) {
-+			if (verbose)
-+				console_print(L"Verification failed: %r\n", efi_status);
-+			else
-+				console_error(L"Verification failed", efi_status);
-+			return efi_status;
-+		} else {
-+			if (verbose)
-+				console_print(L"Verification succeeded\n");
-+		}
-+	}
-+
-+	/*
-+	 * Calculate the hash for the TPM measurement.
-+	 * XXX: We're computing these twice in secure boot mode when the
-+	 *  buffers already contain the previously computed hashes. Also,
-+	 *  this is only useful for the TPM1.2 case. We should try to fix
-+	 *  this in a follow-up.
- 	 */
- 	efi_status = generate_hash(data, datasize, &context, sha256hash,
- 				   sha1hash);
-@@ -1287,22 +1311,6 @@ handle_image (void *data, unsigned int datasize,
- 		}
- 	}
- 
-	if (secure_mode ()) {
-		efi_status = verify_buffer(data, datasize, &context, sha256hash,
-					   sha1hash);
-
-		if (EFI_ERROR(efi_status)) {
-			if (verbose)
-				console_print(L"Verification failed: %r\n", efi_status);
-			else
-				console_error(L"Verification failed", efi_status);
-			return efi_status;
-		} else {
-			if (verbose)
-				console_print(L"Verification succeeded\n");
-		}
-	}
-
- 	if (context.NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_BASERELOC) {
- 		perror(L"Image has no relocation entry\n");
- 		FreePool(buffer);
-- 
-2.35.1
-
--- a/0004-Update-advertised-sbat-generation-number-for-shim.patch
+++ b/0004-Update-advertised-sbat-generation-number-for-shim.patch
@ -1,21 +0,0 @@
-From 80e34fc3d55106680a245f6338bec627114bed35 Mon Sep 17 00:00:00 2001
-From: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
-Date: Tue, 10 May 2022 13:14:24 -0700
-Subject: [PATCH 4/6] Update advertised sbat generation number for shim
-
-Signed-off-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
---
- data/sbat.csv | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/data/sbat.csv b/data/sbat.csv
-index ad838f2aff3..7a5169fb39f 100755
--- a/data/sbat.csv
-+++ b/data/sbat.csv
-@@ -1,2 +1,2 @@
- sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
-shim,1,UEFI shim,shim,1,https://github.com/rhboot/shim
-+shim,2,UEFI shim,shim,1,https://github.com/rhboot/shim
-- 
-2.35.1
-
--- a/0005-Update-SBAT-generation-requirements-for-05-24-22.patch
+++ b/0005-Update-SBAT-generation-requirements-for-05-24-22.patch
@ -1,31 +0,0 @@
-From 9a09faf390eea083c3bef1b07c7e043ebe0cc1f6 Mon Sep 17 00:00:00 2001
-From: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
-Date: Tue, 10 May 2022 14:09:26 -0700
-Subject: [PATCH 5/6] Update SBAT generation requirements for 05/24/22
-
-bump shim SBAT generation requirement to 2 for CVE-2022-28737
-bump GRUB2 SBAT generation requirement to 2 for CVE-2021-3695
-
-Signed-off-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
---
- include/sbat.h | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/include/sbat.h b/include/sbat.h
-index 904880decfb..aca4359870f 100644
--- a/include/sbat.h
-+++ b/include/sbat.h
-@@ -31,8 +31,8 @@
- 	SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_PREVIOUS_DATE "\n" \
- 	SBAT_VAR_PREVIOUS_REVOCATIONS
- 
-#define SBAT_VAR_LATEST_DATE SBAT_VAR_ORIGINAL_DATE
-#define SBAT_VAR_LATEST_REVOCATIONS
-+#define SBAT_VAR_LATEST_DATE "2022052400"
-+#define SBAT_VAR_LATEST_REVOCATIONS "shim,2\ngrub,2\n"
- #define SBAT_VAR_LATEST \
- 	SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_LATEST_DATE "\n" \
- 	SBAT_VAR_LATEST_REVOCATIONS
-- 
-2.35.1
-
--- a/0006-Also-avoid-CVE-2022-28737-in-verify_image.patch
+++ b/0006-Also-avoid-CVE-2022-28737-in-verify_image.patch
@ -1,84 +0,0 @@
-From 159151b6649008793d6204a34d7b9c41221fb4b0 Mon Sep 17 00:00:00 2001
-From: Peter Jones <pjones@redhat.com>
-Date: Tue, 3 May 2022 17:05:20 -0400
-Subject: [PATCH 6/6] Also avoid CVE-2022-28737 in verify_image()
-
-PR 446 ("Add verify_image") duplicates some of the code affected by
-Chris Coulson's defense in depth patch against CVE-2022-28737 ("pe:
-Perform image verification earlier when loading grub").
-
-This patch makes the same change to the new function.
-
-Signed-off-by: Peter Jones <pjones@redhat.com>
---
- pe.c | 46 +++++++++++++++++++++++++++-------------------
- 1 file changed, 27 insertions(+), 19 deletions(-)
-
-diff --git a/pe.c b/pe.c
-index 1d120f2d78d..ba3e2bbc444 100644
--- a/pe.c
-+++ b/pe.c
-@@ -1038,26 +1038,9 @@ EFI_STATUS verify_image(void *data, unsigned int datasize,
- 	}
- 
- 	/*
-	 * We only need to verify the binary if we're in secure mode
-+	 * Perform the image verification before we start copying data around
-+	 * in order to load it.
- 	 */
-	efi_status = generate_hash(data, datasize, context, sha256hash,
-				   sha1hash);
-	if (EFI_ERROR(efi_status))
-		return efi_status;
-
-	/* Measure the binary into the TPM */
-#ifdef REQUIRE_TPM
-	efi_status =
-#endif
-	tpm_log_pe((EFI_PHYSICAL_ADDRESS)(UINTN)data, datasize,
-		   (EFI_PHYSICAL_ADDRESS)(UINTN)context->ImageAddress,
-		   li->FilePath, sha1hash, 4);
-#ifdef REQUIRE_TPM
-	if (efi_status != EFI_SUCCESS) {
-		return efi_status;
-	}
-#endif
-
- 	if (secure_mode()) {
- 		efi_status = verify_buffer(data, datasize,
- 					   context, sha256hash, sha1hash);
-@@ -1071,6 +1054,31 @@ EFI_STATUS verify_image(void *data, unsigned int datasize,
- 			console_print(L"Verification succeeded\n");
- 	}
- 
-+	/*
-+	 * Calculate the hash for the TPM measurement.
-+	 * XXX: We're computing these twice in secure boot mode when the
-+	 *  buffers already contain the previously computed hashes. Also,
-+	 *  this is only useful for the TPM1.2 case. We should try to fix
-+	 *  this in a follow-up.
-+	 */
-+	efi_status = generate_hash(data, datasize, context, sha256hash,
-+				   sha1hash);
-+	if (EFI_ERROR(efi_status))
-+		return efi_status;
-+
-+	/* Measure the binary into the TPM */
-+#ifdef REQUIRE_TPM
-+	efi_status =
-+#endif
-+	tpm_log_pe((EFI_PHYSICAL_ADDRESS)(UINTN)data, datasize,
-+		   (EFI_PHYSICAL_ADDRESS)(UINTN)context->ImageAddress,
-+		   li->FilePath, sha1hash, 4);
-+#ifdef REQUIRE_TPM
-+	if (efi_status != EFI_SUCCESS) {
-+		return efi_status;
-+	}
-+#endif
-+
- 	return EFI_SUCCESS;
- }
- 
-- 
-2.35.1
-
--- a/shim-unsigned-x64.spec
+++ b/shim-unsigned-x64.spec
@ -19,7 +19,7 @@
 %global dbxfile %{nil}

 Name:		shim-unsigned-%{efiarch}
-Version:	15.6~rc1
+Version:	15.6
 Release:	1.el9
 Summary:	First-stage UEFI bootloader
 ExclusiveArch:	x86_64
@ -31,15 +31,11 @@ Source1:	redhatsecurebootca5.cer
 Source2:	%{dbxfile}
 %endif
 Source3:	sbat.redhat.csv
+Source4:	shim.patches

 Source100:	shim-find-debuginfo.sh

-Patch0001:	0001-SBAT-Policy-latest-should-be-a-one-shot.patch
-Patch0002:	0002-pe-Fix-a-buffer-overflow-when-SizeOfRawData-VirtualS.patch
-Patch0003:	0003-pe-Perform-image-verification-earlier-when-loading-g.patch
-Patch0004:	0004-Update-advertised-sbat-generation-number-for-shim.patch
-Patch0005:	0005-Update-SBAT-generation-requirements-for-05-24-22.patch
-Patch0006:	0006-Also-avoid-CVE-2022-28737-in-verify_image.patch
+%include %{SOURCE4}

 BuildRequires:	gcc make
 BuildRequires:	elfutils-libelf-devel
@ -162,8 +158,8 @@ cd ..
 %files debugsource -f build-%{efiarch}/debugsource.list

 %changelog
-* Tue May 24 2022 Peter Jones <pjones@redhat.com> - 15.6~rc1-1.el9
- Update to shim-15.6~rc1
+* Wed Jun 01 2022 Peter Jones <pjones@redhat.com> - 15.6-1.el9
+- Update to shim-15.6
  Resolves: CVE-2022-28737

 * Wed Mar 09 2022 Peter Jones <pjones@redhat.com> - 15.5-1
--- a/shim.patches
+++ b/shim.patches
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (shim-15.6~rc1.tar.bz2) = e654f04fcf171c69fd3cf0396c246cbdb43fee8a865ebe14a9ed75f7ddef79d14cb7c58a382f7407ec34508131d58c700f4ef8bab2203ee7ec06d9a326a4c950
+SHA512 (shim-15.6.tar.bz2) = ddc5d5234851d05ed7124ad748ad3fee2df8a335493948a045653322c873f3f055d34894aeb2ac7495086984ca62183907d341e46e6bdf108856e39c646455fc