From patchwork Fri May 8 17:16:53 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 48180 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-wg0-f69.google.com (mail-wg0-f69.google.com [74.125.82.69]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id CC8B92121F for ; Fri, 8 May 2015 17:20:40 +0000 (UTC) Received: by wgiv13 with SMTP id v13sf23225187wgi.3 for ; Fri, 08 May 2015 10:20:40 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:date:message-id:subject :precedence:reply-to:list-id:list-unsubscribe:list-archive:list-post :list-help:list-subscribe:mime-version:content-type :content-transfer-encoding:errors-to:x-original-sender :x-original-authentication-results:mailing-list; bh=Ag31tsY7zVj/oE8RMBh+Ur8tme1TIz/Gx0I2hdliSJE=; b=GUQYt1+GeSZ2Anw34x5kQbNXgwd41vQpwfvR6wEVZC+fjVpCL6/xgEBt6ZlfOGCmY/ yE1JQcEmv/ARQNiJhD+gAzRbj0OxdPbMnCKlW/ZHbrM8LX0phrLOObeO3yd1T0sVlkSv uJwSWXZuYF8cEZ/G3++odcbiGexOTzzAwgabJdR/a7pxCmZBqonmjPBrvrKaROde8ZNY w2sVdCCXUOpbiN74eHm8mSzanvTSJxmzMI7j89vIUtLvBX2CHT//aYRcJt2oFch1K9T2 NVdQBOcLx72264Pw1uSE8uA9dKM9RbRRgrMbEQQPOyAvDJU0m2j2Lg+gGCIuZZutrlpf 5QMQ== X-Gm-Message-State: ALoCoQn2aaZLF7VjnWznX4+btynuIh/6FB6A7wcXSo4yQV0twHKDM5LKfHMzV2tLEiZfcwn356ux X-Received: by 10.112.28.111 with SMTP id a15mr2514838lbh.21.1431105640135; Fri, 08 May 2015 10:20:40 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.152.4.73 with SMTP id i9ls380055lai.100.gmail; Fri, 08 May 2015 10:20:40 -0700 (PDT) X-Received: by 10.112.142.232 with SMTP id rz8mr706568lbb.74.1431105639988; Fri, 08 May 2015 10:20:39 -0700 (PDT) Received: from mail-lb0-f174.google.com (mail-lb0-f174.google.com. [209.85.217.174]) by mx.google.com with ESMTPS id tp6si3661846lbb.97.2015.05.08.10.20.39 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 08 May 2015 10:20:39 -0700 (PDT) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.217.174 as permitted sender) client-ip=209.85.217.174; Received: by lbbuc2 with SMTP id uc2so57677427lbb.2 for ; Fri, 08 May 2015 10:20:39 -0700 (PDT) X-Received: by 10.152.27.98 with SMTP id s2mr3673170lag.106.1431105639889; Fri, 08 May 2015 10:20:39 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.112.108.230 with SMTP id hn6csp147756lbb; Fri, 8 May 2015 10:20:39 -0700 (PDT) X-Received: by 10.50.8.6 with SMTP id n6mr5876712iga.12.1431105638448; Fri, 08 May 2015 10:20:38 -0700 (PDT) Received: from lists.sourceforge.net (lists.sourceforge.net. [216.34.181.88]) by mx.google.com with ESMTPS id o3si4513298icv.34.2015.05.08.10.20.37 (version=TLSv1 cipher=RC4-SHA bits=128/128); Fri, 08 May 2015 10:20:38 -0700 (PDT) Received-SPF: pass (google.com: domain of edk2-devel-bounces@lists.sourceforge.net designates 216.34.181.88 as permitted sender) client-ip=216.34.181.88; Received: from localhost ([127.0.0.1] helo=sfs-ml-4.v29.ch3.sourceforge.com) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Yqlwo-00078s-Rf; Fri, 08 May 2015 17:20:26 +0000 Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Yqlwo-00078m-6s for edk2-devel@lists.sourceforge.net; Fri, 08 May 2015 17:20:26 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of linaro.org designates 209.85.212.173 as permitted sender) client-ip=209.85.212.173; envelope-from=ard.biesheuvel@linaro.org; helo=mail-wi0-f173.google.com; Received: from mail-wi0-f173.google.com ([209.85.212.173]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1Yqlwn-0003aw-Cp for edk2-devel@lists.sourceforge.net; Fri, 08 May 2015 17:20:26 +0000 Received: by wizk4 with SMTP id k4so37578468wiz.1 for ; Fri, 08 May 2015 10:20:19 -0700 (PDT) X-Received: by 10.180.83.229 with SMTP id t5mr8193139wiy.82.1431105619386; Fri, 08 May 2015 10:20:19 -0700 (PDT) Received: from localhost.localdomain (cag06-7-83-153-85-71.fbx.proxad.net. [83.153.85.71]) by mx.google.com with ESMTPSA id bm9sm9247342wjc.21.2015.05.08.10.20.17 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 08 May 2015 10:20:18 -0700 (PDT) From: Ard Biesheuvel To: chao.b.zhang@intel.com, edk2-devel@lists.sourceforge.net Date: Fri, 8 May 2015 19:16:53 +0200 Message-Id: <1431105413-21709-1-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 1.9.1 X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record 0.0 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1Yqlwn-0003aw-Cp Subject: [edk2] [PATCH] SecurityPkg: allow image digest enrollment of non-Intel binaries X-BeenThere: edk2-devel@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list Reply-To: edk2-devel@lists.sourceforge.net List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.sourceforge.net X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: ard.biesheuvel@linaro.org X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.217.174 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 This updates the SecureBootConfigDxe component to allow the enrollment of the digests of EFI executable that are built for ARM or AARCH64. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel --- .../SecureBootConfigDxe/SecureBootConfigImpl.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c index 1d730dc288fc..e43c6e0ee7e2 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c @@ -1643,15 +1643,17 @@ LoadPeImage ( // Note the size of FileHeader field is constant for both IA32 and X64 arch // if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA32) - || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_EBC)) { + || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_EBC) + || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_ARMTHUMB_MIXED)) { // - // IA-32 Architecture + // 32-bits Architecture // mImageType = ImageType_IA32; mSecDataDir = (EFI_IMAGE_SECURITY_DATA_DIRECTORY*) &(NtHeader32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]); } else if ((NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_IA64) - || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_X64)) { + || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_X64) + || (NtHeader32->FileHeader.Machine == EFI_IMAGE_MACHINE_AARCH64)) { // // 64-bits Architecture //