import shim-unsigned-x64-15-2.el8

SOURCES/0001-Make-sure-that-MOK-variables-always-get-mirrored.patch

@@ -0,0 +1,60 @@
+From 9ab0d796bdc9cefdaa3b0df7434845d26c43d894 Mon Sep 17 00:00:00 2001
+From: Patrick Uiterwijk <patrick@puiterwijk.org>
+Date: Mon, 5 Nov 2018 14:51:16 +0100
+Subject: [PATCH 1/3] Make sure that MOK variables always get mirrored
+
+Without this, if a Mok variable doesn't exist in Boot Services, it will also
+not be copied to Runtime, even if we have data to be added to it (vendor cert).
+This patch makes sure that if we have extra data to append, we still mirror
+the variable.
+
+Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
+---
+ mok.c | 20 ++++++++++++++++----
+ 1 file changed, 16 insertions(+), 4 deletions(-)
+
+diff --git a/mok.c b/mok.c
+index 38675211e0e..00dd1ad3034 100644
+--- a/mok.c
++++ b/mok.c
+@@ -223,11 +223,26 @@ EFI_STATUS import_mok_state(EFI_HANDLE image_handle)
+ 		UINT32 attrs = 0;
+ 		BOOLEAN delete = FALSE, present, addend;
+ 
++		addend = (v->addend_source && v->addend_size &&
++			  *v->addend_source && *v->addend_size)
++			? TRUE : FALSE;
++
+ 		efi_status = get_variable_attr(v->name,
+ 					       &v->data, &v->data_size,
+ 					       *v->guid, &attrs);
+-		if (efi_status == EFI_NOT_FOUND)
++		if (efi_status == EFI_NOT_FOUND) {
++			if (v->rtname && addend) {
++				efi_status = mirror_one_mok_variable(v);
++				if (EFI_ERROR(efi_status) &&
++				    ret != EFI_SECURITY_VIOLATION)
++					ret = efi_status;
++			}
++			/*
++			 * after possibly adding, we can continue, no
++			 * further checks to be done.
++			 */
+ 			continue;
++		}
+ 		if (EFI_ERROR(efi_status)) {
+ 			perror(L"Could not verify %s: %r\n", v->name,
+ 			       efi_status);
+@@ -272,9 +287,6 @@ EFI_STATUS import_mok_state(EFI_HANDLE image_handle)
+ 		}
+ 
+ 		present = (v->data && v->data_size) ? TRUE : FALSE;
+-		addend = (v->addend_source && v->addend_size &&
+-			  *v->addend_source && *v->addend_size)
+-			? TRUE : FALSE;
+ 
+ 		if (v->flags & MOK_VARIABLE_MEASURE && present) {
+ 			/*
+-- 
+2.20.1
+

SOURCES/0002-mok-fix-the-mirroring-of-RT-variables.patch

@@ -0,0 +1,49 @@
+From 4b27ae034ba9885960e72f77b3f687a9b7fea824 Mon Sep 17 00:00:00 2001
+From: Gary Lin <glin@suse.com>
+Date: Wed, 21 Nov 2018 12:47:43 +0800
+Subject: [PATCH 2/3] mok: fix the mirroring of RT variables
+
+When there is no key in MokList, import_mok_state() just skipped MokList
+even though it should always mirror the vendor cert. Besides, the faulty
+check of 'present' and 'addend' invalidates the mirroring of MokListXRT,
+MokSBStateRT, and MokIgnoreDB.
+
+https://github.com/rhboot/shim/issues/154
+
+Signed-off-by: Gary Lin <glin@suse.com>
+---
+ mok.c | 11 ++++-------
+ 1 file changed, 4 insertions(+), 7 deletions(-)
+
+diff --git a/mok.c b/mok.c
+index 00dd1ad3034..41925abbb49 100644
+--- a/mok.c
++++ b/mok.c
+@@ -231,12 +231,8 @@ EFI_STATUS import_mok_state(EFI_HANDLE image_handle)
+ 					       &v->data, &v->data_size,
+ 					       *v->guid, &attrs);
+ 		if (efi_status == EFI_NOT_FOUND) {
+-			if (v->rtname && addend) {
+-				efi_status = mirror_one_mok_variable(v);
+-				if (EFI_ERROR(efi_status) &&
+-				    ret != EFI_SECURITY_VIOLATION)
+-					ret = efi_status;
+-			}
++			if (addend)
++				goto mirror_addend;
+ 			/*
+ 			 * after possibly adding, we can continue, no
+ 			 * further checks to be done.
+@@ -316,7 +312,8 @@ EFI_STATUS import_mok_state(EFI_HANDLE image_handle)
+ 			}
+ 		}
+ 
+-		if (v->rtname && present && addend) {
++mirror_addend:
++		if (v->rtname && (present || addend)) {
+ 			if (v->flags & MOK_MIRROR_DELETE_FIRST)
+ 				LibDeleteVariable(v->rtname, v->guid);
+ 
+-- 
+2.20.1
+

SOURCES/0003-mok-consolidate-mirroring-code-in-a-helper-instead-o.patch

@@ -0,0 +1,109 @@
+From 29c11483101b460869a5e0dba1f425073862127d Mon Sep 17 00:00:00 2001
+From: Peter Jones <pjones@redhat.com>
+Date: Thu, 31 Jan 2019 13:45:30 -0500
+Subject: [PATCH 3/3] mok: consolidate mirroring code in a helper instead of
+ using goto
+
+There's no reason to complicate the logic with a goto here, instead just
+pull the logic we're jumping to out to a helper function.
+
+Signed-off-by: Peter Jones <pjones@redhat.com>
+---
+ mok.c  | 41 ++++++++++++++++++++++++++++-------------
+ shim.h |  2 ++
+ 2 files changed, 30 insertions(+), 13 deletions(-)
+
+diff --git a/mok.c b/mok.c
+index 41925abbb49..2f495e6cf25 100644
+--- a/mok.c
++++ b/mok.c
+@@ -130,7 +130,8 @@ struct mok_state_variable mok_state_variables[] = {
+ 	{ NULL, }
+ };
+ 
+-static EFI_STATUS mirror_one_mok_variable(struct mok_state_variable *v)
++static EFI_STATUS nonnull(1)
++mirror_one_mok_variable(struct mok_state_variable *v)
+ {
+ 	EFI_STATUS efi_status = EFI_SUCCESS;
+ 	void *FullData = NULL;
+@@ -196,6 +197,29 @@ static EFI_STATUS mirror_one_mok_variable(struct mok_state_variable *v)
+ 	return efi_status;
+ }
+ 
++/*
++ * Mirror a variable if it has an rtname, and preserve any
++ * EFI_SECURITY_VIOLATION status at the same time.
++ */
++static EFI_STATUS nonnull(1)
++maybe_mirror_one_mok_variable(struct mok_state_variable *v, EFI_STATUS ret)
++{
++	EFI_STATUS efi_status;
++	if (v->rtname) {
++		if (v->flags & MOK_MIRROR_DELETE_FIRST)
++			LibDeleteVariable(v->rtname, v->guid);
++
++		efi_status = mirror_one_mok_variable(v);
++		if (EFI_ERROR(efi_status)) {
++			if (ret != EFI_SECURITY_VIOLATION)
++				ret = efi_status;
++			perror(L"Could not create %s: %r\n", v->rtname,
++			       efi_status);
++		}
++	}
++	return ret;
++}
++
+ /*
+  * Verify our non-volatile MoK state.  This checks the variables above
+  * accessable and have valid attributes.  If they don't, it removes
+@@ -232,7 +256,7 @@ EFI_STATUS import_mok_state(EFI_HANDLE image_handle)
+ 					       *v->guid, &attrs);
+ 		if (efi_status == EFI_NOT_FOUND) {
+ 			if (addend)
+-				goto mirror_addend;
++				ret = maybe_mirror_one_mok_variable(v, ret);
+ 			/*
+ 			 * after possibly adding, we can continue, no
+ 			 * further checks to be done.
+@@ -312,16 +336,8 @@ EFI_STATUS import_mok_state(EFI_HANDLE image_handle)
+ 			}
+ 		}
+ 
+-mirror_addend:
+-		if (v->rtname && (present || addend)) {
+-			if (v->flags & MOK_MIRROR_DELETE_FIRST)
+-				LibDeleteVariable(v->rtname, v->guid);
+-
+-			efi_status = mirror_one_mok_variable(v);
+-			if (EFI_ERROR(efi_status) &&
+-			    ret != EFI_SECURITY_VIOLATION)
+-				ret = efi_status;
+-		}
++		if (present)
++			ret = maybe_mirror_one_mok_variable(v, ret);
+ 	}
+ 
+ 	/*
+@@ -340,4 +356,4 @@ mirror_addend:
+ 	return ret;
+ }
+ 
+-// vim:fenc=utf-8:tw=75
++// vim:fenc=utf-8:tw=75:noet
+diff --git a/shim.h b/shim.h
+index 2b359d821e3..c26d5f06538 100644
+--- a/shim.h
++++ b/shim.h
+@@ -30,6 +30,8 @@
+ 
+ #include <stddef.h>
+ 
++#define nonnull(...) __attribute__((__nonnull__(__VA_ARGS__)))
++
+ #define min(a, b) ({(a) < (b) ? (a) : (b);})
+ 
+ #ifdef __x86_64__
+-- 
+2.20.1
+

SOURCES/0004-Make-VLogError-behave-as-expected.patch

@@ -0,0 +1,50 @@
+From 0bff94b170116737e6e0838c35c0ac376542a5c0 Mon Sep 17 00:00:00 2001
+From: Peter Jones <pjones@redhat.com>
+Date: Tue, 12 Feb 2019 18:04:49 -0500
+Subject: [PATCH 4/4] Make VLogError() behave as expected.
+
+Signed-off-by: Peter Jones <pjones@redhat.com>
+---
+ errlog.c | 15 +++------------
+ 1 file changed, 3 insertions(+), 12 deletions(-)
+
+diff --git a/errlog.c b/errlog.c
+index 18be4822d53..eebb266d396 100644
+--- a/errlog.c
++++ b/errlog.c
+@@ -14,29 +14,20 @@ EFI_STATUS
+ VLogError(const char *file, int line, const char *func, CHAR16 *fmt, va_list args)
+ {
+ 	va_list args2;
+-	UINTN size = 0, size2;
+ 	CHAR16 **newerrs;
+ 
+-	size = SPrint(NULL, 0, L"%a:%d %a() ", file, line, func);
+-	va_copy(args2, args);
+-	size2 = VSPrint(NULL, 0, fmt, args2);
+-	va_end(args2);
+-
+ 	newerrs = ReallocatePool(errs, (nerrs + 1) * sizeof(*errs),
+ 				       (nerrs + 3) * sizeof(*errs));
+ 	if (!newerrs)
+ 		return EFI_OUT_OF_RESOURCES;
+ 
+-	newerrs[nerrs] = AllocatePool(size*2+2);
++	newerrs[nerrs] = PoolPrint(L"%a:%d %a() ", file, line, func);
+ 	if (!newerrs[nerrs])
+ 		return EFI_OUT_OF_RESOURCES;
+-	newerrs[nerrs+1] = AllocatePool(size2*2+2);
++	va_copy(args2, args);
++	newerrs[nerrs+1] = VPoolPrint(fmt, args2);
+ 	if (!newerrs[nerrs+1])
+ 		return EFI_OUT_OF_RESOURCES;
+-
+-	SPrint(newerrs[nerrs], size*2+2, L"%a:%d %a() ", file, line, func);
+-	va_copy(args2, args);
+-	VSPrint(newerrs[nerrs+1], size2*2+2, fmt, args2);
+ 	va_end(args2);
+ 
+ 	nerrs += 2;
+-- 
+2.20.1
+

SPECS/shim-unsigned-x64.spec

@@ -18,7 +18,7 @@
 
 Name:		shim-unsigned-%{efiarch}
 Version:	15
-Release:	1%{?dist}
+Release:	2%{?dist}
 Summary:	First-stage UEFI bootloader
 ExclusiveArch:	x86_64
 License:	BSD
@@ -31,6 +31,11 @@ Source2:	dbx.esl
 
 Source100:	shim-find-debuginfo.sh
 
+Patch0001:	0001-Make-sure-that-MOK-variables-always-get-mirrored.patch
+Patch0002:	0002-mok-fix-the-mirroring-of-RT-variables.patch
+Patch0003:	0003-mok-consolidate-mirroring-code-in-a-helper-instead-o.patch
+Patch0004:	0004-Make-VLogError-behave-as-expected.patch
+
 BuildRequires:	elfutils-libelf-devel
 BuildRequires:	git openssl-devel openssl
 BuildRequires:	pesign >= %{pesign_vre}
@@ -167,6 +172,10 @@ cd ..
 %files debugsource -f build-%{efiarch}/debugsource.list
 
 %changelog
+* Tue Feb 12 2019 Peter Jones <pjones@redhat.com> - 15-2
+- Fix MoK mirroring issue which breaks kdump without intervention
+  Related: rhbz#1668966
+
 * Fri Jul 20 2018 Peter Jones <pjones@redhat.com> - 15-1
 - Update to shim 15