d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
283,629 Commits 72 Branches 135 Tags 3.2 GiB
ca14781c81
Commit Graph

8 Commits

Author SHA1 Message Date
Kenneth Camann
5deb350025 uefisign: fix SizeOfHeaders sanity check. 
This check was too aggressive: it is fine if SizeOfHeaders is exactly
equal to the size of the DOS stub + PE header + section table. Despite
being wrong this code typically worked for most EFI binaries because
SizeOfHeaders is rounded up to a multiple of FileAlignment, which is
often large (e.g., 512 bytes for the FreeBSD loader) so most binaries
made it through.

Reviewed by:	imp@
Sponsored by:	Netflix
Pull Request:	https://github.com/freebsd/freebsd-src/pull/445
 2021-06-03 15:22:14 -06:00
Eric van Gyzen
12db51d208 uefisign: handle empty sections 
loader.efi has an empty set_Xfic section.  Handle it correctly.

```
Sections:
Idx Name          Size      VMA               LMA               File off  Algn
[...]
3 set_Xcom      00000168  00000000000d4000  00000000000d4000  000d0e00  2**2
	      CONTENTS, ALLOC, LOAD, DATA
4 set_Xfic      00000000  00000000000d4168  00000000000d4168  00000000  2**2
	      ALLOC, LOAD, DATA
5 .sdata        00000448  00000000000d5000  00000000000d5000  000d1000  2**2
	      CONTENTS, ALLOC, LOAD, DATA
[...]
```

Reviewed by:	trasz, dab
Reported by:	andy.y.liu@dell.com
Tested by:	andy.y.liu@dell.com
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D29606
 2021-04-07 11:23:11 -05:00
Edward Tomasz Napierala
bce7ee9d41 Drop "All rights reserved" from all my stuff. This includes 
Foundation copyrights, approved by emaste@.  It does not include
files which carry other people's copyrights; if you're one
of those people, feel free to make similar change.

Reviewed by:	emaste, imp, gbe (manpages)
Differential Revision:	https://reviews.freebsd.org/D26980
 2020-10-28 13:46:11 +00:00
Marcin Wojtas
c97ed06a4b Fix alignment issue in uefisign 
The pe_certificate structure has to be aligned to 8 bytes. [1]
Since this is now checked in edk2, any binaries signed with
older version of this tool will fail verification.

References:
[1] https://docs.microsoft.com/en-us/windows/desktop/Debug/pe-format#the-attribute-certificate-table-image-only

Submitted by: Kornel Duleba <mindal@semihalf.com>
Reviewed by: trasz
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D18554
 2018-12-19 22:47:37 +00:00
Edward Tomasz Napierala
1aa6f9aea2 Add SPDX identifiers for uefisign(8) sources. 
MFC after:	2 weeks
 2018-01-24 16:33:33 +00:00
Eitan Adler
463a577b27 Fix a ton of speelling errors 
arc lint is helpful

Reviewed By: allanjude, wblock, #manpages, chris@bsdjunk.com
Differential Revision: https://reviews.freebsd.org/D3337
 2015-10-21 05:37:09 +00:00
Edward Tomasz Napierala
8dca98d787 Remove the warning about invalid PE checksum; apparently nothing 
cares about those checksums anyway.

MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
 2015-05-20 09:40:34 +00:00
Edward Tomasz Napierala
e595e65b8a Add uefisign(8), UEFI Secure Boot signing utility. 
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
 2015-02-26 09:15:24 +00:00