[PATCH v3 4/6] eficonfig: add "Show/Delete Signature Database" menu entry
Masahisa Kojima
masahisa.kojima at linaro.org
Fri Oct 14 08:56:58 CEST 2022
This commit adds the menu-driven interface to show and delete the
signature database.
EFI Signature Lists can contain the multiple signature
entries, this menu can delete the indivisual entry.
If the PK is enrolled and UEFI Secure Boot is in User Mode or
Deployed Mode, user can not delete the existing signature lists
since the signature lists must be signed by KEK or PK but signing
information is not stored in the signature database.
To delete PK, user needs to enroll the new key with an empty
value and this new key must be signed with the old PK.
Signed-off-by: Masahisa Kojima <masahisa.kojima at linaro.org>
---
No change since v2
Changes in v2:
- integrate show and delete signature database menu
- add confirmation message before delete
- add function comment
cmd/eficonfig_sbkey.c | 394 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 394 insertions(+)
diff --git a/cmd/eficonfig_sbkey.c b/cmd/eficonfig_sbkey.c
index cc27f78e66..e8ba15726d 100644
--- a/cmd/eficonfig_sbkey.c
+++ b/cmd/eficonfig_sbkey.c
@@ -17,6 +17,14 @@
#include <efi_variable.h>
#include <crypto/pkcs7_parser.h>
+struct eficonfig_sig_data {
+ struct efi_signature_list *esl;
+ struct efi_signature_data *esd;
+ struct list_head list;
+ struct eficonfig_sig_data **selected;
+ u16 *varname;
+};
+
enum efi_sbkey_signature_type {
SIG_TYPE_X509 = 0,
SIG_TYPE_HASH,
@@ -46,6 +54,32 @@ static const struct eficonfig_sigtype_to_str sigtype_to_str[] = {
/* {EFI_CERT_SHA512_GUID, "SHA512", SIG_TYPE_HASH}, */
};
+/**
+ * eficonfig_console_wait_enter() - wait ENTER key press
+ *
+ * Return: 1 if ENTER key is pressed, 0 if user selects to quit
+ */
+static int eficonfig_console_wait_enter(void)
+{
+ int esc = 0;
+ enum bootmenu_key key = KEY_NONE;
+
+ puts(ANSI_CURSOR_HIDE);
+
+ while (1) {
+ bootmenu_loop(NULL, &key, &esc);
+
+ switch (key) {
+ case KEY_SELECT:
+ return 1;
+ case KEY_QUIT:
+ return 0;
+ default:
+ break;
+ }
+ }
+}
+
/**
* is_secureboot_enabled() - check UEFI Secure Boot is enabled
*
@@ -270,8 +304,368 @@ out:
return ret;
}
+/**
+ * delete_selected_signature_data() - delete the signature data from signature list
+ *
+ * @db: pointer to the signature database
+ * @db_size: pointer to the signature database size
+ * @target: pointer to the signature data to be deleted
+ * Return: status code
+ */
+static void delete_selected_signature_data(void *db, efi_uintn_t *db_size,
+ struct eficonfig_sig_data *target)
+{
+ u32 remain;
+ u8 *dest, *start, *end;
+ efi_uintn_t total_size, esd_size, size;
+ struct efi_signature_list *esl;
+ struct efi_signature_data *esd;
+
+ esl = db;
+ total_size = *db_size;
+ size = *db_size;
+ end = (u8 *)db + *db_size;
+ while (total_size > 0) {
+ esd = (struct efi_signature_data *)((u8 *)esl +
+ sizeof(struct efi_signature_list) + esl->signature_header_size);
+ esd_size = esl->signature_list_size - sizeof(struct efi_signature_list) -
+ esl->signature_header_size;
+ for (; esd_size > 0; esd_size -= esl->signature_size) {
+ if (esl == target->esl && esd == target->esd) {
+ remain = esl->signature_list_size -
+ (sizeof(struct efi_signature_list) -
+ esl->signature_header_size) -
+ esl->signature_size;
+ if (remain > 0) {
+ /* only delete the single signature data */
+ esl->signature_list_size -= esl->signature_size;
+ size -= esl->signature_size;
+ dest = (u8 *)esd;
+ start = (u8 *)esd + esl->signature_size;
+ } else {
+ /* delete entire signature list */
+ dest = (u8 *)esl;
+ start = (u8 *)esl + esl->signature_list_size;
+ size -= esl->signature_list_size;
+ }
+ memmove(dest, start, (end - start));
+ goto out;
+ }
+ esd = (struct efi_signature_data *)((u8 *)esd + esl->signature_size);
+ }
+ total_size -= esl->signature_list_size;
+ esl = (struct efi_signature_list *)((u8 *)esl + esl->signature_list_size);
+ }
+out:
+ *db_size = size;
+}
+
+/**
+ * display_sigdata_info() - display signature data information
+ *
+ * @sg: pointer to the internal signature data structure
+ * Return: status code
+ */
+static void display_sigdata_info(struct eficonfig_sig_data *sg)
+{
+ u32 i;
+
+ puts(ANSI_CURSOR_HIDE);
+ puts(ANSI_CLEAR_CONSOLE);
+ printf(ANSI_CURSOR_POSITION, 1, 1);
+
+ *sg->selected = sg;
+ printf("\n ** Show/Delete Signature Database (%ls) **\n\n"
+ " Owner GUID:\n"
+ " %pUL\n",
+ sg->varname, sg->esd->signature_owner.b);
+
+ for (i = 0; i < ARRAY_SIZE(sigtype_to_str); i++) {
+ if (!guidcmp(&sg->esl->signature_type, &sigtype_to_str[i].sig_type)) {
+ printf(" Signature Type:\n"
+ " %s\n", sigtype_to_str[i].str);
+
+ switch (sigtype_to_str[i].type) {
+ case SIG_TYPE_X509:
+ {
+ struct x509_certificate *cert_tmp;
+
+ cert_tmp = x509_cert_parse(sg->esd->signature_data,
+ sg->esl->signature_size);
+ printf(" Subject:\n"
+ " %s\n"
+ " Issuer:\n"
+ " %s\n",
+ cert_tmp->subject, cert_tmp->issuer);
+ break;
+ }
+ case SIG_TYPE_CRL:
+ {
+ u32 hash_size = sg->esl->signature_size - sizeof(efi_guid_t) -
+ sizeof(struct efi_time);
+ struct efi_time *time =
+ (struct efi_time *)((u8 *)sg->esd->signature_data +
+ hash_size);
+
+ printf(" ToBeSignedHash:\n");
+ print_hex_dump(" ", DUMP_PREFIX_NONE, 16, 1,
+ sg->esd->signature_data, hash_size, false);
+ printf(" TimeOfRevocation:\n"
+ " %d-%d-%d %02d:%02d:%02d\n",
+ time->year, time->month, time->day,
+ time->hour, time->minute, time->second);
+ break;
+ }
+ case SIG_TYPE_HASH:
+ {
+ u32 hash_size = sg->esl->signature_size - sizeof(efi_guid_t);
+
+ printf(" Hash:\n");
+ print_hex_dump(" ", DUMP_PREFIX_NONE, 16, 1,
+ sg->esd->signature_data, hash_size, false);
+ break;
+ }
+ default:
+ eficonfig_print_msg("ERROR! Unsupported format.");
+ break;
+ }
+ }
+ }
+}
+
+/**
+ * eficonfig_process_sigdata_delete() - delete signature data
+ *
+ * @data: pointer to the data for each entry
+ * Return: status code
+ */
+static efi_status_t eficonfig_process_sigdata_delete(void *data)
+{
+ int delete;
+ efi_status_t ret;
+ efi_uintn_t size;
+ u8 setup_mode = 0;
+ u8 audit_mode = 0;
+
+ struct eficonfig_sig_data *sg = data;
+
+ display_sigdata_info(sg);
+
+ if (!u16_strcmp(sg->varname, u"PK")) {
+ while (tstc())
+ getchar();
+
+ printf("\n\n Can not delete PK, Press any key to continue");
+ getchar();
+ return EFI_NOT_READY;
+ }
+
+ printf("\n\n Press ENTER to delete, ESC/CTRL+C to quit");
+ delete = eficonfig_console_wait_enter();
+ if (!delete)
+ return EFI_NOT_READY;
+
+ size = sizeof(setup_mode);
+ ret = efi_get_variable_int(u"SetupMode", &efi_global_variable_guid,
+ NULL, &size, &setup_mode, NULL);
+ size = sizeof(audit_mode);
+ ret = efi_get_variable_int(u"AuditMode", &efi_global_variable_guid,
+ NULL, &size, &audit_mode, NULL);
+
+ if (!setup_mode && !audit_mode) {
+ eficonfig_print_msg("Not in the SetupMode or AuditMode, can not delete.");
+ return EFI_NOT_READY;
+ }
+
+ return EFI_SUCCESS;
+}
+
+/**
+ * prepare_signature_db_list() - create the signature data menu entry
+ *
+ * @efimenu: pointer to the efimenu structure
+ * @varname: pointer to the variable name
+ * @db: pointer to the variable raw data
+ * @db_size: variable data size
+ * @func: callback of each entry
+ * @selected: pointer to selected signature data
+ * Return: status code
+ */
+static efi_status_t prepare_signature_db_list(struct efimenu *efi_menu, void *varname,
+ void *db, efi_uintn_t db_size,
+ eficonfig_entry_func func,
+ struct eficonfig_sig_data **selected)
+{
+ u32 num = 0;
+ efi_uintn_t size;
+ struct eficonfig_sig_data *sg;
+ struct efi_signature_list *esl;
+ struct efi_signature_data *esd;
+ efi_status_t ret = EFI_SUCCESS;
+
+ INIT_LIST_HEAD(&efi_menu->list);
+
+ esl = db;
+ size = db_size;
+ while (size > 0) {
+ u32 remain;
+
+ esd = (struct efi_signature_data *)((u8 *)esl +
+ (sizeof(struct efi_signature_list) +
+ esl->signature_header_size));
+ remain = esl->signature_list_size - sizeof(struct efi_signature_list) -
+ esl->signature_header_size;
+ for (; remain > 0; remain -= esl->signature_size) {
+ char buf[40];
+ char *title;
+
+ if (num >= EFICONFIG_ENTRY_NUM_MAX - 1) {
+ ret = EFI_OUT_OF_RESOURCES;
+ goto out;
+ }
+
+ sg = calloc(1, sizeof(struct eficonfig_sig_data));
+ if (!sg) {
+ ret = EFI_OUT_OF_RESOURCES;
+ goto err;
+ }
+
+ snprintf(buf, sizeof(buf), "%pUL", &esd->signature_owner);
+ title = calloc(1, (strlen(buf) + 1));
+ if (!title) {
+ free(sg);
+ ret = EFI_OUT_OF_RESOURCES;
+ goto err;
+ }
+ strlcpy(title, buf, strlen(buf) + 1);
+
+ sg->esl = esl;
+ sg->esd = esd;
+ sg->selected = selected;
+ sg->varname = varname;
+ ret = eficonfig_append_menu_entry(efi_menu, title, func, sg);
+ if (ret != EFI_SUCCESS) {
+ free(sg);
+ free(title);
+ goto err;
+ }
+ esd = (struct efi_signature_data *)((u8 *)esd + esl->signature_size);
+ num++;
+ }
+
+ size -= esl->signature_list_size;
+ esl = (struct efi_signature_list *)((u8 *)esl + esl->signature_list_size);
+ }
+out:
+ ret = eficonfig_append_quit_entry(efi_menu);
+err:
+ return ret;
+}
+
+/**
+ * process_show_signature_db() - display the signature data list
+ *
+ * @data: pointer to the data for each entry
+ * Return: status code
+ */
+static efi_status_t process_show_signature_db(void *varname)
+{
+ char buf[50];
+ efi_status_t ret;
+ efi_uintn_t db_size;
+ void *db, *new_db = NULL;
+ struct efimenu *efi_menu;
+ struct list_head *pos, *n;
+ struct eficonfig_entry *entry;
+ struct eficonfig_sig_data *selected;
+
+ db = efi_get_var(varname, efi_auth_var_get_guid(varname), &db_size);
+ if (!db) {
+ eficonfig_print_msg("There is no entry in the signature database.");
+ return EFI_NOT_FOUND;
+ }
+
+ efi_menu = calloc(1, sizeof(struct efimenu));
+ if (!efi_menu) {
+ free(db);
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ ret = prepare_signature_db_list(efi_menu, varname, db, db_size,
+ eficonfig_process_sigdata_delete, &selected);
+ if (ret != EFI_SUCCESS)
+ goto out;
+
+ snprintf(buf, sizeof(buf), " ** Show/Delete Signature Database (%ls) **",
+ (u16 *)varname);
+ ret = eficonfig_process_common(efi_menu, buf);
+ if (ret == EFI_SUCCESS) {
+ u32 attr;
+ int delete;
+
+ printf(ANSI_CURSOR_HIDE
+ "\n\n Are you sure you want to delete this item?\n\n"
+ " Press ENTER to delete, ESC/CTRL+C to quit");
+ delete = eficonfig_console_wait_enter();
+ if (!delete)
+ goto out;
+
+ delete_selected_signature_data(db, &db_size, selected);
+
+ ret = create_time_based_payload(db, &new_db, &db_size);
+ if (ret != EFI_SUCCESS) {
+ eficonfig_print_msg("ERROR! Failed to create payload with timestamp.");
+ goto out;
+ }
+
+ attr = EFI_VARIABLE_NON_VOLATILE |
+ EFI_VARIABLE_BOOTSERVICE_ACCESS |
+ EFI_VARIABLE_RUNTIME_ACCESS |
+ EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
+ ret = efi_set_variable_int((u16 *)varname, efi_auth_var_get_guid((u16 *)varname),
+ attr, db_size, new_db, false);
+ if (ret != EFI_SUCCESS) {
+ eficonfig_print_msg("ERROR! Failed to delete signature database");
+ goto out;
+ }
+ }
+out:
+ list_for_each_safe(pos, n, &efi_menu->list) {
+ entry = list_entry(pos, struct eficonfig_entry, list);
+ free(entry->data);
+ }
+ eficonfig_destroy(efi_menu);
+ free(new_db);
+ free(db);
+
+ return ret;
+}
+
+/**
+ * eficonfig_process_set_secure_boot_key() - display the key configuration menu
+ *
+ * @data: pointer to the data for each entry
+ * Return: status code
+ */
+static efi_status_t eficonfig_process_show_signature_db(void *data)
+{
+ efi_status_t ret;
+
+ while (1) {
+ ret = process_show_signature_db(data);
+ if (ret != EFI_SUCCESS && ret != EFI_NOT_READY)
+ break;
+ }
+
+ /* to stay the parent menu */
+ ret = (ret == EFI_ABORTED) ? EFI_NOT_READY : ret;
+
+ return ret;
+}
+
static struct eficonfig_item key_config_menu_items[] = {
{"Enroll New Key", eficonfig_process_enroll_key},
+ {"Show/Delete Signature Database", eficonfig_process_show_signature_db},
{"Quit", eficonfig_process_quit},
};
--
2.17.1
More information about the U-Boot
mailing list