[systemd.git] / src / boot / efi / shim.c

/* SPDX-License-Identifier: LGPL-2.1+ */
/*
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation; either version 2.1 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * Port to systemd-boot
 * Copyright 2017 Max Resch <resch.max@gmail.com>
 *
 * Security Policy Handling
 * Copyright 2012 <James.Bottomley@HansenPartnership.com>
 * https://github.com/mjg59/efitools
 */

#include <efi.h>
#include <efilib.h>

#include "util.h"
#include "shim.h"

/* well known shim lock guid */
#define SHIM_LOCK_GUID

struct ShimLock {
        EFI_STATUS __attribute__((sysv_abi)) (*shim_verify) (VOID *buffer, UINT32 size);

        /* context is actually a struct for the PE header, but it isn't needed so void is sufficient just do define the interface
         * see shim.c/shim.h and PeHeader.h in the github shim repo */
        EFI_STATUS __attribute__((sysv_abi)) (*generate_hash) (VOID *data, UINT32 datasize, VOID *context, UINT8 *sha256hash, UINT8 *sha1hash);

        EFI_STATUS __attribute__((sysv_abi)) (*read_header) (VOID *data, UINT32 datasize, VOID *context);
};

static const EFI_GUID simple_fs_guid = SIMPLE_FILE_SYSTEM_PROTOCOL;
static const EFI_GUID global_guid = EFI_GLOBAL_VARIABLE;

static const EFI_GUID security_protocol_guid = { 0xa46423e3, 0x4617, 0x49f1, {0xb9, 0xff, 0xd1, 0xbf, 0xa9, 0x11, 0x58, 0x39 } };
static const EFI_GUID security2_protocol_guid = { 0x94ab2f58, 0x1438, 0x4ef1, {0x91, 0x52, 0x18, 0x94, 0x1a, 0x3a, 0x0e, 0x68 } };
static const EFI_GUID shim_lock_guid = { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} };

BOOLEAN shim_loaded(void) {
        struct ShimLock *shim_lock;

        return uefi_call_wrapper(BS->LocateProtocol, 3, (EFI_GUID*) &shim_lock_guid, NULL, (VOID**) &shim_lock) == EFI_SUCCESS;
}

static BOOLEAN shim_validate(VOID *data, UINT32 size) {
        struct ShimLock *shim_lock;

        if (!data)
                return FALSE;

        if (uefi_call_wrapper(BS->LocateProtocol, 3, (EFI_GUID*) &shim_lock_guid, NULL, (VOID**) &shim_lock) != EFI_SUCCESS)
                return FALSE;

        if (!shim_lock)
                return FALSE;

        return shim_lock->shim_verify(data, size) == EFI_SUCCESS;
}

BOOLEAN secure_boot_enabled(void) {
        CHAR8 *b;
        UINTN size;
        BOOLEAN result;

        if (efivar_get_raw(&global_guid, L"SecureBoot", &b, &size) == EFI_SUCCESS) {
                result = *b > 0;
                FreePool(b);
                return result;
        }

        return FALSE;
}

/*
 * See the UEFI Platform Initialization manual (Vol2: DXE) for this
 */
struct _EFI_SECURITY2_PROTOCOL;
struct _EFI_SECURITY_PROTOCOL;
struct _EFI_DEVICE_PATH_PROTOCOL;

typedef struct _EFI_SECURITY2_PROTOCOL EFI_SECURITY2_PROTOCOL;
typedef struct _EFI_SECURITY_PROTOCOL EFI_SECURITY_PROTOCOL;
typedef struct _EFI_DEVICE_PATH_PROTOCOL EFI_DEVICE_PATH_PROTOCOL;

typedef EFI_STATUS (EFIAPI *EFI_SECURITY_FILE_AUTHENTICATION_STATE) (
        const EFI_SECURITY_PROTOCOL *This,
        UINT32 AuthenticationStatus,
        const EFI_DEVICE_PATH_PROTOCOL *File
);

typedef EFI_STATUS (EFIAPI *EFI_SECURITY2_FILE_AUTHENTICATION) (
        const EFI_SECURITY2_PROTOCOL *This,
        const EFI_DEVICE_PATH_PROTOCOL *DevicePath,
        VOID *FileBuffer,
        UINTN FileSize,
        BOOLEAN  BootPolicy
);

struct _EFI_SECURITY2_PROTOCOL {
        EFI_SECURITY2_FILE_AUTHENTICATION FileAuthentication;
};

struct _EFI_SECURITY_PROTOCOL {
        EFI_SECURITY_FILE_AUTHENTICATION_STATE  FileAuthenticationState;
};

/* Handle to the original authenticator for security1 protocol */
static EFI_SECURITY_FILE_AUTHENTICATION_STATE esfas = NULL;

/* Handle to the original authenticator for security2 protocol */
static EFI_SECURITY2_FILE_AUTHENTICATION es2fa = NULL;

/*
 * Perform shim/MOK and Secure Boot authentication on a binary that's already been
 * loaded into memory. This function does the platform SB authentication first
 * but preserves its return value in case of its failure, so that it can be
 * returned in case of a shim/MOK authentication failure. This is done because
 * the SB failure code seems to vary from one implementation to another, and I
 * don't want to interfere with that at this time.
 */
static EFIAPI EFI_STATUS security2_policy_authentication (const EFI_SECURITY2_PROTOCOL *this,
                                                          const EFI_DEVICE_PATH_PROTOCOL *device_path,
                                                          VOID *file_buffer, UINTN file_size, BOOLEAN boot_policy) {
        EFI_STATUS status;

        /* Chain original security policy */
        status = uefi_call_wrapper(es2fa, 5, this, device_path, file_buffer, file_size, boot_policy);

        /* if OK, don't bother with MOK check */
        if (status == EFI_SUCCESS)
                return status;

        if (shim_validate(file_buffer, file_size))
                return EFI_SUCCESS;

        return status;
}

/*
 * Perform both shim/MOK and platform Secure Boot authentication. This function loads
 * the file and performs shim/MOK authentication first simply to avoid double loads
 * of Linux kernels, which are much more likely to be shim/MOK-signed than platform-signed,
 * since kernels are big and can take several seconds to load on some computers and
 * filesystems. This also has the effect of returning whatever the platform code is for
 * authentication failure, be it EFI_ACCESS_DENIED, EFI_SECURITY_VIOLATION, or something
 * else. (This seems to vary between implementations.)
 */
static EFIAPI EFI_STATUS security_policy_authentication (const EFI_SECURITY_PROTOCOL *this, UINT32 authentication_status,
                                                         const EFI_DEVICE_PATH_PROTOCOL *device_path_const) {
        EFI_STATUS status;
        EFI_DEVICE_PATH *dev_path;
        EFI_HANDLE h;
        EFI_FILE *root;
        CHAR8 *file_buffer = NULL;
        UINTN file_size;
        CHAR16 *dev_path_str;

        if (!device_path_const)
                return EFI_INVALID_PARAMETER;

        dev_path = DuplicateDevicePath((EFI_DEVICE_PATH*) device_path_const);

        status = uefi_call_wrapper(BS->LocateDevicePath, 3, (EFI_GUID*) &simple_fs_guid, &dev_path, &h);
        if (status != EFI_SUCCESS) {
                FreePool(dev_path);
                return status;
        }

        /* No need to check return value, this already happend in efi_main() */
        root = LibOpenRoot(h);
        dev_path_str = DevicePathToStr(dev_path);
        FreePool(dev_path);

        file_size = file_read(root, dev_path_str, 0, 0, &file_buffer);
        FreePool(dev_path_str);
        uefi_call_wrapper(root->Close, 1, root);

        if (shim_validate(file_buffer, file_size))
                status = EFI_SUCCESS;
        else
                /* Try using the platform's native policy.... */
                status = uefi_call_wrapper(esfas, 3, this, authentication_status, device_path_const);
        FreePool(file_buffer);

        return status;
}

EFI_STATUS security_policy_install(void) {
        EFI_SECURITY_PROTOCOL *security_protocol;
        EFI_SECURITY2_PROTOCOL *security2_protocol = NULL;
        EFI_STATUS status;

        /* Already Installed */
        if (esfas)
                return EFI_ALREADY_STARTED;

        /*
         * Don't bother with status here. The call is allowed
         * to fail, since SECURITY2 was introduced in PI 1.2.1.
         * Use security2_protocol == NULL as indicator.
         */
        uefi_call_wrapper(BS->LocateProtocol, 3, (EFI_GUID*) &security2_protocol_guid, NULL, (VOID**) &security2_protocol);

        status = uefi_call_wrapper(BS->LocateProtocol, 3, (EFI_GUID*) &security_protocol_guid, NULL, (VOID**) &security_protocol);
         /* This one is mandatory, so there's a serious problem */
        if (status != EFI_SUCCESS)
                return status;

        esfas = security_protocol->FileAuthenticationState;
        security_protocol->FileAuthenticationState = security_policy_authentication;

        if (security2_protocol) {
                es2fa = security2_protocol->FileAuthentication;
                security2_protocol->FileAuthentication = security2_policy_authentication;
        }

        return EFI_SUCCESS;
}

EFI_STATUS security_policy_uninstall(void) {
        EFI_STATUS status;

        if (esfas) {
                EFI_SECURITY_PROTOCOL *security_protocol;

                status = uefi_call_wrapper(BS->LocateProtocol, 3, (EFI_GUID*) &security_protocol_guid, NULL, (VOID**) &security_protocol);

                if (status != EFI_SUCCESS)
                        return status;

                security_protocol->FileAuthenticationState = esfas;
                esfas = NULL;
        } else
                /* nothing installed */
                return EFI_NOT_STARTED;

        if (es2fa) {
                EFI_SECURITY2_PROTOCOL *security2_protocol;

                status = uefi_call_wrapper(BS->LocateProtocol, 3, (EFI_GUID*) &security2_protocol_guid, NULL, (VOID**) &security2_protocol);

                if (status != EFI_SUCCESS)
                        return status;

                security2_protocol->FileAuthentication = es2fa;
                es2fa = NULL;
        }

        return EFI_SUCCESS;
}
Commit	Line	Data
52ad194e	1	/* SPDX-License-Identifier: LGPL-2.1+ */
81c58355 MB	2	/*
	3	* This program is free software; you can redistribute it and/or modify it
	4	* under the terms of the GNU Lesser General Public License as published by
	5	* the Free Software Foundation; either version 2.1 of the License, or
	6	* (at your option) any later version.
	7	*
	8	* This program is distributed in the hope that it will be useful, but
	9	* WITHOUT ANY WARRANTY; without even the implied warranty of
	10	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	11	* Lesser General Public License for more details.
	12	*
	13	* Port to systemd-boot
	14	* Copyright 2017 Max Resch <resch.max@gmail.com>
	15	*
	16	* Security Policy Handling
	17	* Copyright 2012 <James.Bottomley@HansenPartnership.com>
	18	* https://github.com/mjg59/efitools
	19	*/
	20
	21	#include <efi.h>
	22	#include <efilib.h>
	23
	24	#include "util.h"
	25	#include "shim.h"
	26
	27	/* well known shim lock guid */
	28	#define SHIM_LOCK_GUID
	29
	30	struct ShimLock {
	31	EFI_STATUS __attribute__((sysv_abi)) (shim_verify) (VOID buffer, UINT32 size);
	32
	33	/* context is actually a struct for the PE header, but it isn't needed so void is sufficient just do define the interface
	34	* see shim.c/shim.h and PeHeader.h in the github shim repo */
	35	EFI_STATUS __attribute__((sysv_abi)) (generate_hash) (VOID data, UINT32 datasize, VOID context, UINT8 sha256hash, UINT8 *sha1hash);
	36
	37	EFI_STATUS __attribute__((sysv_abi)) (read_header) (VOID data, UINT32 datasize, VOID *context);
	38	};
	39
	40	static const EFI_GUID simple_fs_guid = SIMPLE_FILE_SYSTEM_PROTOCOL;
	41	static const EFI_GUID global_guid = EFI_GLOBAL_VARIABLE;
	42
	43	static const EFI_GUID security_protocol_guid = { 0xa46423e3, 0x4617, 0x49f1, {0xb9, 0xff, 0xd1, 0xbf, 0xa9, 0x11, 0x58, 0x39 } };
	44	static const EFI_GUID security2_protocol_guid = { 0x94ab2f58, 0x1438, 0x4ef1, {0x91, 0x52, 0x18, 0x94, 0x1a, 0x3a, 0x0e, 0x68 } };
	45	static const EFI_GUID shim_lock_guid = { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} };
	46
	47	BOOLEAN shim_loaded(void) {
	48	struct ShimLock *shim_lock;
	49
	50	return uefi_call_wrapper(BS->LocateProtocol, 3, (EFI_GUID) &shim_lock_guid, NULL, (VOID*) &shim_lock) == EFI_SUCCESS;
	51	}
	52
	53	static BOOLEAN shim_validate(VOID *data, UINT32 size) {
	54	struct ShimLock *shim_lock;
	55
	56	if (!data)
	57	return FALSE;
	58
	59	if (uefi_call_wrapper(BS->LocateProtocol, 3, (EFI_GUID) &shim_lock_guid, NULL, (VOID*) &shim_lock) != EFI_SUCCESS)
	60	return FALSE;
	61
	62	if (!shim_lock)
	63	return FALSE;
	64
52ad194e	65	return shim_lock->shim_verify(data, size) == EFI_SUCCESS;
81c58355 MB	66	}
	67
	68	BOOLEAN secure_boot_enabled(void) {
	69	CHAR8 *b;
	70	UINTN size;
	71	BOOLEAN result;
	72
	73	if (efivar_get_raw(&global_guid, L"SecureBoot", &b, &size) == EFI_SUCCESS) {
	74	result = *b > 0;
	75	FreePool(b);
	76	return result;
	77	}
	78
	79	return FALSE;
	80	}
	81
	82	/*
	83	* See the UEFI Platform Initialization manual (Vol2: DXE) for this
	84	*/
	85	struct _EFI_SECURITY2_PROTOCOL;
	86	struct _EFI_SECURITY_PROTOCOL;
	87	struct _EFI_DEVICE_PATH_PROTOCOL;
	88
	89	typedef struct _EFI_SECURITY2_PROTOCOL EFI_SECURITY2_PROTOCOL;
	90	typedef struct _EFI_SECURITY_PROTOCOL EFI_SECURITY_PROTOCOL;
	91	typedef struct _EFI_DEVICE_PATH_PROTOCOL EFI_DEVICE_PATH_PROTOCOL;
	92
	93	typedef EFI_STATUS (EFIAPI *EFI_SECURITY_FILE_AUTHENTICATION_STATE) (
	94	const EFI_SECURITY_PROTOCOL *This,
	95	UINT32 AuthenticationStatus,
	96	const EFI_DEVICE_PATH_PROTOCOL *File
	97	);
	98
	99	typedef EFI_STATUS (EFIAPI *EFI_SECURITY2_FILE_AUTHENTICATION) (
	100	const EFI_SECURITY2_PROTOCOL *This,
	101	const EFI_DEVICE_PATH_PROTOCOL *DevicePath,
	102	VOID *FileBuffer,
	103	UINTN FileSize,
	104	BOOLEAN BootPolicy
	105	);
	106
	107	struct _EFI_SECURITY2_PROTOCOL {
	108	EFI_SECURITY2_FILE_AUTHENTICATION FileAuthentication;
	109	};
	110
	111	struct _EFI_SECURITY_PROTOCOL {
	112	EFI_SECURITY_FILE_AUTHENTICATION_STATE FileAuthenticationState;
	113	};
	114
	115	/* Handle to the original authenticator for security1 protocol */
	116	static EFI_SECURITY_FILE_AUTHENTICATION_STATE esfas = NULL;
	117
	118	/* Handle to the original authenticator for security2 protocol */
	119	static EFI_SECURITY2_FILE_AUTHENTICATION es2fa = NULL;
	120
	121	/*
	122	* Perform shim/MOK and Secure Boot authentication on a binary that's already been
	123	* loaded into memory. This function does the platform SB authentication first
	124	* but preserves its return value in case of its failure, so that it can be
	125	* returned in case of a shim/MOK authentication failure. This is done because
	126	* the SB failure code seems to vary from one implementation to another, and I
	127	* don't want to interfere with that at this time.
	128	*/
	129	static EFIAPI EFI_STATUS security2_policy_authentication (const EFI_SECURITY2_PROTOCOL *this,
130	const EFI_DEVICE_PATH_PROTOCOL *device_path,
131	VOID *file_buffer, UINTN file_size, BOOLEAN boot_policy) {
132	EFI_STATUS status;
133
134	/* Chain original security policy */
135	status = uefi_call_wrapper(es2fa, 5, this, device_path, file_buffer, file_size, boot_policy);
136
137	/* if OK, don't bother with MOK check */
138	if (status == EFI_SUCCESS)
139	return status;
140
141	if (shim_validate(file_buffer, file_size))
142	return EFI_SUCCESS;
143
144	return status;
145	}
146
147	/*
148	* Perform both shim/MOK and platform Secure Boot authentication. This function loads
149	* the file and performs shim/MOK authentication first simply to avoid double loads
150	* of Linux kernels, which are much more likely to be shim/MOK-signed than platform-signed,
151	* since kernels are big and can take several seconds to load on some computers and
152	* filesystems. This also has the effect of returning whatever the platform code is for
153	* authentication failure, be it EFI_ACCESS_DENIED, EFI_SECURITY_VIOLATION, or something
154	* else. (This seems to vary between implementations.)
155	*/
156	static EFIAPI EFI_STATUS security_policy_authentication (const EFI_SECURITY_PROTOCOL *this, UINT32 authentication_status,
157	const EFI_DEVICE_PATH_PROTOCOL *device_path_const) {
158	EFI_STATUS status;
159	EFI_DEVICE_PATH *dev_path;
160	EFI_HANDLE h;
161	EFI_FILE *root;
52ad194e	162	CHAR8 *file_buffer = NULL;
81c58355 MB	163	UINTN file_size;
	164	CHAR16 *dev_path_str;
	165
	166	if (!device_path_const)
	167	return EFI_INVALID_PARAMETER;
	168
	169	dev_path = DuplicateDevicePath((EFI_DEVICE_PATH*) device_path_const);
	170
	171	status = uefi_call_wrapper(BS->LocateDevicePath, 3, (EFI_GUID*) &simple_fs_guid, &dev_path, &h);
	172	if (status != EFI_SUCCESS) {
	173	FreePool(dev_path);
	174	return status;
	175	}
	176
	177	/* No need to check return value, this already happend in efi_main() */
	178	root = LibOpenRoot(h);
	179	dev_path_str = DevicePathToStr(dev_path);
	180	FreePool(dev_path);
	181
52ad194e	182	file_size = file_read(root, dev_path_str, 0, 0, &file_buffer);
81c58355 MB	183	FreePool(dev_path_str);
	184	uefi_call_wrapper(root->Close, 1, root);
	185
	186	if (shim_validate(file_buffer, file_size))
	187	status = EFI_SUCCESS;
52ad194e MB	188	else
52ad194e MB	189	/* Try using the platform's native policy.... */
81c58355	190	status = uefi_call_wrapper(esfas, 3, this, authentication_status, device_path_const);
52ad194e	191	FreePool(file_buffer);
81c58355 MB	192
	193	return status;
	194	}
	195
	196	EFI_STATUS security_policy_install(void) {
	197	EFI_SECURITY_PROTOCOL *security_protocol;
	198	EFI_SECURITY2_PROTOCOL *security2_protocol = NULL;
	199	EFI_STATUS status;
	200
	201	/* Already Installed */
	202	if (esfas)
	203	return EFI_ALREADY_STARTED;
	204
	205	/*
52ad194e MB	206	* Don't bother with status here. The call is allowed
	207	* to fail, since SECURITY2 was introduced in PI 1.2.1.
	208	* Use security2_protocol == NULL as indicator.
81c58355 MB	209	*/
	210	uefi_call_wrapper(BS->LocateProtocol, 3, (EFI_GUID) &security2_protocol_guid, NULL, (VOID*) &security2_protocol);
	211
	212	status = uefi_call_wrapper(BS->LocateProtocol, 3, (EFI_GUID) &security_protocol_guid, NULL, (VOID*) &security_protocol);
	213	/* This one is mandatory, so there's a serious problem */
	214	if (status != EFI_SUCCESS)
	215	return status;
	216
52ad194e MB	217	esfas = security_protocol->FileAuthenticationState;
	218	security_protocol->FileAuthenticationState = security_policy_authentication;
	219
	220	if (security2_protocol) {
81c58355 MB	221	es2fa = security2_protocol->FileAuthentication;
	222	security2_protocol->FileAuthentication = security2_policy_authentication;
	223	}
	224
81c58355 MB	225	return EFI_SUCCESS;
	226	}
	227
	228	EFI_STATUS security_policy_uninstall(void) {
	229	EFI_STATUS status;
	230
	231	if (esfas) {
	232	EFI_SECURITY_PROTOCOL *security_protocol;
	233
	234	status = uefi_call_wrapper(BS->LocateProtocol, 3, (EFI_GUID) &security_protocol_guid, NULL, (VOID*) &security_protocol);
	235
	236	if (status != EFI_SUCCESS)
	237	return status;
	238
	239	security_protocol->FileAuthenticationState = esfas;
	240	esfas = NULL;
	241	} else
	242	/* nothing installed */
	243	return EFI_NOT_STARTED;
	244
	245	if (es2fa) {
	246	EFI_SECURITY2_PROTOCOL *security2_protocol;
	247
	248	status = uefi_call_wrapper(BS->LocateProtocol, 3, (EFI_GUID) &security2_protocol_guid, NULL, (VOID*) &security2_protocol);
	249
	250	if (status != EFI_SUCCESS)
	251	return status;
	252
	253	security2_protocol->FileAuthentication = es2fa;
	254	es2fa = NULL;
	255	}
	256
	257	return EFI_SUCCESS;
	258	}