Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't call QueryVariableInfo() on EFI 1.10 machines #364

Merged
merged 1 commit into from
May 24, 2021
Merged

Don't call QueryVariableInfo() on EFI 1.10 machines #364

merged 1 commit into from
May 24, 2021

Conversation

vathpela
Copy link
Contributor

The EFI 1.10 spec (and presumably earlier revisions as well) didn't have
RT->QueryVariableInfo(), and on Chris Murphy's MacBookPro8,2 , that
memory appears to be initialized randomly.

This patch changes it to not call RT->QueryVariableInfo() if the
EFI_RUNTIME_SERVICES table's major revision is less than two, and
assumes our maximum variable size is 1024 in that case.

Signed-off-by: Peter Jones pjones@redhat.com

@vathpela
Don't call QueryVariableInfo() on EFI 1.10 machines
8b59591 
The EFI 1.10 spec (and presumably earlier revisions as well) didn't have
RT->QueryVariableInfo(), and on Chris Murphy's MacBookPro8,2 , that
memory appears to be initialized randomly.

This patch changes it to not call RT->QueryVariableInfo() if the
EFI_RUNTIME_SERVICES table's major revision is less than two, and
assumes our maximum variable size is 1024 in that case.

Signed-off-by: Peter Jones <pjones@redhat.com>
martinezjavier
martinezjavier approved these changes Apr 15, 2021
View reviewed changes
Copy link
Contributor

@martinezjavier martinezjavier left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

@rbalint
Copy link

rbalint commented Apr 19, 2021

This fixed boot on MacBookAir 5,2 , too.

@julian-klode julian-klode mentioned this pull request Apr 20, 2021
Closed
@jsetje jsetje mentioned this pull request Apr 21, 2021
Closed
9 tasks
@xnox xnox mentioned this pull request Apr 21, 2021
Closed
9 tasks
@steve-mcintyre
Copy link
Collaborator

Looks good to me, tested locally on an Imac6,1. It's broken without this patch, and boots to grub fine after applying it.

@EgoSecure EgoSecure mentioned this pull request Apr 26, 2021
Closed
9 tasks
@vathpela vathpela merged commit 493bd94 into rhboot:main May 24, 2021
@vathpela vathpela deleted the fix-efi-1.10-machines branch May 24, 2021 20:05
@julian-klode julian-klode mentioned this pull request Jun 8, 2021
Closed
9 tasks
@pnardini pnardini mentioned this pull request Jul 13, 2021
Closed
9 tasks
@pnardini pnardini mentioned this pull request Sep 14, 2021
Closed
9 tasks
@christopherco christopherco mentioned this pull request Jan 8, 2022
Closed
9 tasks
@mirh mirh mentioned this pull request Mar 9, 2022
Closed
@mirh mirh mentioned this pull request Jul 7, 2024
Open
@eduardacatrinei
Copy link

I have the same issue on a MacBookPro15,2 with EFI version 2.40. The shim gets stuck at mok.c:236:get_max_var_sz() calling RT->QueryVariableInfoO at 0x88C466D6.

I created a shim with verbose mode enabled, and these are the logs:

sbat.c:553:set_sbat_uefi_variable() shim SBAT reparse before application 
sbat.c:339:parse_sbat_var() SBAT variable entries: 
sbat.c:344:parse_sbat_var() sbat, 1, 2021030218
pe.c:376:verify_sbat_section() SBAT section data
pe.c:378:verify_sbat_section() sbat, 1, SBAT Version, sbat, 1, https://github.co m/rhboot/shim/blob/main/SBAT.md
pe.c:378:verify_sbat_section() shim, 4, UEFI shim, shim, 1, https://github.com/rhboot/shim
pe.c:378:verify_sbat_section() shim.certus, 1, Certus Software S.R.L., shim, 15.8, mail:security@certussoftware.ro
sbat.c:138:verify_single_entry() component sbat has a matching SBAT variable entry, verifying
sbat.c:204:verify_sbat_helper() finished verifying SBAT data: Success
sbat.c:573:set_sbat_uefi_variable() SbatLevel variable is 18 bytes, attributes are 0x00000003
sbat.c:575:set_sbat_uefi_variable() Deleting SbatLevel variable.
sbat.c:609:set_sbat_uefi_variable() SbatLevel variable initialization succeeded

..... (unable to understand what is printing here check the video)

variables.c:28:fill_esl() fill_esl: first_sig-0x0, data_len=2022
mok.c:586:mirror_one_mok_variable() FullDataSize:2050 FullData:0x0
mok.c:622:mirror_one_mok_variable() v->name: "MokList" v-rtname: "MokListRT"
mok.c:623:mirror_one_mok_variable() v->data_size:0 v->data: 0x0
mok.c:624:mirror_one_mok_variable() FullDataSize:2050 FullData:0x0
mok.c:650:mirror_one_mok_variable() FullDataSize:2050 FullData:0x0 allocating FullData
mok.c:670:mirror_one_mok_variable() FullDataSize:2050 FullData:0x7650B018 p:0x7650B018 pos:0
variables.c:28:fill_esl() fill_esl: first_sig-0x7650A018, data_len=2022
mok.c:699:mirror_one_mok_variable() FullDataSize:2050 FullData:0x7650B018 p:0x7650B81A pos: 2050
mok.c:712:mirror_one_mok_variable() FullDataSize:2050 FullData:0x7650B018 p:0x7650B81A pos:2050
mok.c:740:mirror_one_mok_variable() FullDataSize:2050 FullData:0x7650B018 p:0x7650B81A pos:2050
mok.c:746:mirror_one_mok_variable() FullDataSize:2050 FullData:0x7650B018 p:0x7650B81A pos:2050
mok.c:769:mirror_one_mok_variable() FullDataSize:2050 FullData:0x7650B018 p:0x7650B81A pos:2050
mok.c:772:mirror_one_mok variable() calling mirror_mok_db("MokListRT", datasz=2050)
mok.c:228:get_max_var_sz() -> EFI 2.40 attrs: 6 #added by me.
mok.c:236:get_max_var_sz() calling RT->QueryVariableInfoO at 0x88C466D6
IMG_4971.mov

@eduardacatrinei eduardacatrinei mentioned this pull request Aug 29, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jsetje jsetje jsetje approved these changes

@martinezjavier martinezjavier martinezjavier approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@vathpela @rbalint @steve-mcintyre @eduardacatrinei @martinezjavier @jsetje