efi_shim.c

Go to the documentation of this file.

/*
 * Copyright (C) 2022 Michael Brown <mbrown@fensystems.co.uk>.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 * 02110-1301, USA.
 *
 * You can also choose to distribute this program under the terms of
 * the Unmodified Binary Distribution Licence (as given in the file
 * COPYING.UBDL), provided that you have satisfied its requirements.
 */

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );

#include <string.h>
#include <stdlib.h>
#include <errno.h>
#include <ipxe/image.h>
#include <ipxe/efi/efi.h>
#include <ipxe/efi/efi_strings.h>
#include <ipxe/efi/efi_shim.h>
#include <ipxe/efi/Protocol/PxeBaseCode.h>
#include <ipxe/efi/Protocol/ShimLock.h>

/** @file
 *
 * UEFI shim special handling
 *
 */

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );

/**
 * Require use of a third party loader binary
 *
 * The UEFI shim is gradually becoming less capable of directly
 * executing a Linux kernel image, due to an ever increasing list of
 * assumptions that it will only ever be used in conjunction with a
 * second stage loader binary such as GRUB.
 *
 * For example: shim will erroneously complain if the image that it
 * loads and executes does not in turn call in to the "shim lock
 * protocol" to verify a separate newly loaded binary before calling
 * ExitBootServices(), even if no such separate binary is used or
 * required.
 *
 * Experience shows that there is unfortunately no point in trying to
 * get a fix for this upstreamed into shim.  We therefore default to
 * reducing the Secure Boot attack surface by removing, where
 * possible, this spurious requirement for the use of an additional
 * second stage loader.
 *
 * This option may be used to require the use of an additional second
 * stage loader binary, in case this behaviour is ever desirable.
 */
int efi_shim_require_loader = 0;

/**
 * Allow use of PXE base code protocol
 *
 * We provide shim with access to all of the relevant downloaded files
 * via our EFI_SIMPLE_FILE_SYSTEM_PROTOCOL interface.  However, shim
 * will instead try to redownload the files via TFTP since it prefers
 * to use the EFI_PXE_BASE_CODE_PROTOCOL installed on the same handle.
 *
 * Experience shows that there is unfortunately no point in trying to
 * get a fix for this upstreamed into shim.  We therefore default to
 * working around this undesirable behaviour by stopping the PXE base
 * code protocol before invoking shim.
 *
 * This option may be used to allow shim to use the PXE base code
 * protocol, in case this behaviour is ever desirable.
 */
int efi_shim_allow_pxe = 0;

/**
 * Allow SBAT variable access
 *
 * The UEFI shim implements a fairly nicely designed revocation
 * mechanism designed around the concept of security generations.
 * Unfortunately nobody in the shim community has thus far added the
 * relevant metadata to the Linux kernel, with the result that current
 * versions of shim are incapable of booting current versions of the
 * Linux kernel.
 *
 * Experience shows that there is unfortunately no point in trying to
 * get a fix for this upstreamed into shim.  We therefore default to
 * working around this undesirable behaviour by patching data read
 * from the "SbatLevel" variable used to hold SBAT configuration.
 *
 * This option may be used to allow shim unpatched access to the
 * "SbatLevel" variable, in case this behaviour is ever desirable.
 */
int efi_shim_allow_sbat = 0;

/** UEFI shim image */
struct image_tag efi_shim __image_tag = {
        .name = "SHIM",
};

/** Original GetMemoryMap() function */
static EFI_GET_MEMORY_MAP efi_shim_orig_get_memory_map;

/** Original ExitBootServices() function */
static EFI_EXIT_BOOT_SERVICES efi_shim_orig_exit_boot_services;

/** Original SetVariable() function */
static EFI_SET_VARIABLE efi_shim_orig_set_variable;

/** Original GetVariable() function */
static EFI_GET_VARIABLE efi_shim_orig_get_variable;

/** Verify read from SbatLevel variable */
static int efi_shim_sbatlevel_verify;

/**
 * Check if variable is SbatLevel
 *
 * @v name              Variable name
 * @v guid              Variable namespace GUID
 * @ret is_sbatlevel    Variable is SbatLevel
 */
static int efi_shim_is_sbatlevel ( const CHAR16 *name, const EFI_GUID *guid ) {
        static CHAR16 sbatlevel[] = L"SbatLevel";
        EFI_GUID *shimlock = &efi_shim_lock_protocol_guid;

        return ( ( memcmp ( name, sbatlevel, sizeof ( sbatlevel ) ) == 0 ) &&
                 ( memcmp ( guid, shimlock, sizeof ( *shimlock ) ) == 0 ) );
}

/**
 * Unlock UEFI shim
 *
 */
static void efi_shim_unlock ( void ) {
        EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
        uint8_t empty[0];
        union {
                EFI_SHIM_LOCK_PROTOCOL *lock;
                void *interface;
        } u;
        EFI_STATUS efirc;

        /* Locate shim lock protocol */
        if ( ( efirc = bs->LocateProtocol ( &efi_shim_lock_protocol_guid,
                                            NULL, &u.interface ) ) == 0 ) {
                u.lock->Verify ( empty, sizeof ( empty ) );
                DBGC ( &efi_shim, "SHIM unlocked via %p\n", u.lock );
        }
}

/**
 * Wrap GetMemoryMap()
 *
 * @v len               Memory map size
 * @v map               Memory map
 * @v key               Memory map key
 * @v desclen           Descriptor size
 * @v descver           Descriptor version
 * @ret efirc           EFI status code
 */
static EFIAPI EFI_STATUS efi_shim_get_memory_map ( UINTN *len,
                                                   EFI_MEMORY_DESCRIPTOR *map,
                                                   UINTN *key, UINTN *desclen,
                                                   UINT32 *descver ) {

        /* Unlock shim */
        if ( ! efi_shim_require_loader )
                efi_shim_unlock();

        /* Hand off to original GetMemoryMap() */
        return efi_shim_orig_get_memory_map ( len, map, key, desclen,
                                              descver );
}

/**
 * Wrap ExitBootServices()
 *
 * @v handle            Image handle
 * @v key               Memory map key
 * @ret efirc           EFI status code
 */
static EFIAPI EFI_STATUS efi_shim_exit_boot_services ( EFI_HANDLE handle,
                                                       UINTN key ) {
        EFI_RUNTIME_SERVICES *rs = efi_systab->RuntimeServices;

        /* Restore original runtime services functions */
        rs->SetVariable = efi_shim_orig_set_variable;
        rs->GetVariable = efi_shim_orig_get_variable;

        /* Hand off to original ExitBootServices() */
        return efi_shim_orig_exit_boot_services ( handle, key );
}

/**
 * Wrap SetVariable()
 *
 * @v name              Variable name
 * @v guid              Variable namespace GUID
 * @v attrs             Attributes
 * @v len               Buffer size
 * @v data              Data buffer
 * @ret efirc           EFI status code
 */
static EFI_STATUS EFIAPI
efi_shim_set_variable ( CHAR16 *name, EFI_GUID *guid, UINT32 attrs,
                        UINTN len, VOID *data ) {
        EFI_STATUS efirc;

        /* Call original SetVariable() */
        efirc = efi_shim_orig_set_variable ( name, guid, attrs, len, data );

        /* Allow verification of SbatLevel variable content */
        if ( efi_shim_is_sbatlevel ( name, guid ) && ( efirc == 0 ) ) {
                DBGC ( &efi_shim, "SHIM detected write to %ls:\n", name );
                DBGC_HDA ( &efi_shim, 0, data, len );
                efi_shim_sbatlevel_verify = 1;
        }

        return efirc;
}

/**
 * Wrap GetVariable()
 *
 * @v name              Variable name
 * @v guid              Variable namespace GUID
 * @v attrs             Attributes to fill in
 * @v len               Buffer size
 * @v data              Data buffer
 * @ret efirc           EFI status code
 */
static EFI_STATUS EFIAPI
efi_shim_get_variable ( CHAR16 *name, EFI_GUID *guid, UINT32 *attrs,
                        UINTN *len, VOID *data ) {
        char *value = data;
        EFI_STATUS efirc;

        /* Call original GetVariable() */
        efirc = efi_shim_orig_get_variable ( name, guid, attrs, len, data );

        /* Patch SbatLevel variable if applicable */
        if ( efi_shim_is_sbatlevel ( name, guid ) && data && ( efirc == 0 ) ) {
                if ( efi_shim_allow_sbat ) {
                        DBGC ( &efi_shim, "SHIM allowing read from %ls:\n",
                               name );
                } else if ( efi_shim_sbatlevel_verify ) {
                        DBGC ( &efi_shim, "SHIM allowing one read from %ls:\n",
                               name );
                        efi_shim_sbatlevel_verify = 0;
                } else {
                        DBGC ( &efi_shim, "SHIM patching read from %ls:\n",
                               name );
                        value[0] = '\0';
                }
                DBGC_HDA ( &efi_shim, 0, data, *len );
        }

        return efirc;
}

/**
 * Inhibit use of PXE base code
 *
 * @v handle            EFI handle
 * @ret rc              Return status code
 */
static int efi_shim_inhibit_pxe ( EFI_HANDLE handle ) {
        EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
        union {
                EFI_PXE_BASE_CODE_PROTOCOL *pxe;
                void *interface;
        } u;
        EFI_STATUS efirc;
        int rc;

        /* Locate PXE base code */
        if ( ( efirc = bs->OpenProtocol ( handle,
                                          &efi_pxe_base_code_protocol_guid,
                                          &u.interface, efi_image_handle, NULL,
                                          EFI_OPEN_PROTOCOL_GET_PROTOCOL ))!=0){
                rc = -EEFI ( efirc );
                DBGC ( &efi_shim, "SHIM could not open PXE base code: %s\n",
                       strerror ( rc ) );
                goto err_no_base;
        }

        /* Stop PXE base code */
        if ( ( efirc = u.pxe->Stop ( u.pxe ) ) != 0 ) {
                rc = -EEFI ( efirc );
                DBGC ( &efi_shim, "SHIM could not stop PXE base code: %s\n",
                       strerror ( rc ) );
                goto err_stop;
        }

        /* Success */
        rc = 0;
        DBGC ( &efi_shim, "SHIM stopped PXE base code\n" );

 err_stop:
        bs->CloseProtocol ( handle, &efi_pxe_base_code_protocol_guid,
                            efi_image_handle, NULL );
 err_no_base:
        return rc;
}

/**
 * Update command line
 *
 * @v shim              Shim image
 * @v cmdline           Command line to update
 * @ret rc              Return status code
 */
static int efi_shim_cmdline ( struct image *shim, wchar_t **cmdline ) {
        wchar_t *shimcmdline;
        int len;
        int rc;

        /* Construct new command line */
        len = ( shim->cmdline ?
                efi_asprintf ( &shimcmdline, "%s %s", shim->name,
                               shim->cmdline ) :
                efi_asprintf ( &shimcmdline, "%s %ls", shim->name,
                               *cmdline ) );
        if ( len < 0 ) {
                rc = len;
                DBGC ( &efi_shim, "SHIM could not construct command line: "
                       "%s\n", strerror ( rc ) );
                return rc;
        }

        /* Replace command line */
        free ( *cmdline );
        *cmdline = shimcmdline;

        return 0;
}

/**
 * Install UEFI shim special handling
 *
 * @v shim              Shim image
 * @v handle            EFI device handle
 * @v cmdline           Command line to update
 * @ret rc              Return status code
 */
int efi_shim_install ( struct image *shim, EFI_HANDLE handle,
                       wchar_t **cmdline ) {
        EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
        EFI_RUNTIME_SERVICES *rs = efi_systab->RuntimeServices;
        int rc;

        /* Stop PXE base code */
        if ( ( ! efi_shim_allow_pxe ) &&
             ( ( rc = efi_shim_inhibit_pxe ( handle ) ) != 0 ) ) {
                return rc;
        }

        /* Update command line */
        if ( ( rc = efi_shim_cmdline ( shim, cmdline ) ) != 0 )
                return rc;

        /* Record original boot and runtime services functions */
        efi_shim_orig_get_memory_map = bs->GetMemoryMap;
        efi_shim_orig_exit_boot_services = bs->ExitBootServices;
        efi_shim_orig_set_variable = rs->SetVariable;
        efi_shim_orig_get_variable = rs->GetVariable;

        /* Wrap relevant boot and runtime services functions */
        bs->GetMemoryMap = efi_shim_get_memory_map;
        bs->ExitBootServices = efi_shim_exit_boot_services;
        rs->SetVariable = efi_shim_set_variable;
        rs->GetVariable = efi_shim_get_variable;

        return 0;
}

/**
 * Uninstall UEFI shim special handling
 *
 */
void efi_shim_uninstall ( void ) {
        EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
        EFI_RUNTIME_SERVICES *rs = efi_systab->RuntimeServices;

        /* Restore original boot and runtime services functions */
        bs->GetMemoryMap = efi_shim_orig_get_memory_map;
        bs->ExitBootServices = efi_shim_orig_exit_boot_services;
        rs->SetVariable = efi_shim_orig_set_variable;
        rs->GetVariable = efi_shim_orig_get_variable;
}