Fail validation if we can't find shim and Secure Boot is enabled

If grub is signed with a key that's in the trusted EFI keyring, an attacker
can point a boot entry at grub rather than at shim and grub will fail to
locate the shim verification protocol. This would then allow booting an
arbitrary kernel image. Fail validation if Secure Boot is enabled and we
can't find the shim protocol in order to prevent this.
Matthew Garrett 2015-04-16 16:30:53 -07:00
parent 25850cfd50
commit 9b669efb38


@ -57,8 +57,12 @@ grub_linuxefi_secure_validate (void *data, grub_uint32_t size)
shim_lock = grub_efi_locate_protocol(&guid, NULL); shim_lock = grub_efi_locate_protocol(&guid, NULL);
if (!shim_lock) if (!shim_lock) {
return 1; if (grub_efi_secure_boot())
return 0;
else
return 1;
}
if (shim_lock->verify(data, size) == GRUB_EFI_SUCCESS) if (shim_lock->verify(data, size) == GRUB_EFI_SUCCESS)
return 1; return 1;
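Review bot: the new `if (!shim_lock)` branch carries no comment and no diagnostic, so the reason a missing shim protocol is now a validation failure lives only in the commit message. A short comment above `if (grub_efi_secure_boot())` stating that a missing shim protocol under Secure Boot must be treated as a failed verification would keep a later cleanup from collapsing the branch back to an unconditional `return 1;`. It would also help to emit an error or debug message on the `return 0;` path, because as written a user whose boot entry points at grub directly gets the same result as an image that failed `shim_lock->verify`, with nothing to tell the two cases apart. A smaller point: the function keeps using bare `1` and `0` for "valid" and "invalid", and this hunk adds two more such returns; the decision in the new branch is fail-closed only as long as `grub_efi_secure_boot()` returns nonzero whenever Secure Boot is in force, so it is worth confirming how that helper behaves when it cannot determine the state.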