Searched refs:shim_lock (Results 1 – 14 of 14) sorted by relevance
4 Subject: [PATCH] shim_lock: Only skip loading shim_lock verifier with explicit7 Commit 32ddc42c (efi: Only register shim_lock verifier if shim_lock12 Under Secure Boot enforce loading shim_lock verifier. Allow skipping13 shim_lock verifier if SecureBoot/MokSBState EFI variables indicate16 Fixes: 132ddc42c (efi: Only register shim_lock verifier if shim_lock41 boot and the shim. This functionality is provided by the shim_lock verifier. It44 +enabled. The @samp{shim_lock} variable is set to @samp{y} when shim_lock verifier46 +disable shim_lock by disabling shim verification with MokSbState UEFI variable75 + /* shim_lock is missing, check if GRUB image is built with --disable-shim-lock. */86 + /* Secure Boot is off. Do not load shim_lock. */[all …]
4 Subject: [PATCH] efi: Make shim_lock GUID and protocol type public8 subsequent patches. The shim_lock protocol type is made public for19 grub-core/commands/efi/shim_lock.c | 12 ------------23 diff --git a/grub-core/commands/efi/shim_lock.c b/grub-core/commands/efi/shim_lock.c25 --- a/grub-core/commands/efi/shim_lock.c26 +++ b/grub-core/commands/efi/shim_lock.c
33 - /* Register the shim_lock verifier if UEFI Secure Boot is enabled. */36 + * Lockdown the GRUB and register the shim_lock verifier
13 also properly separate the concerns. Since the shim_lock verifier logic42 @@ -5752,12 +5755,12 @@ boot and the shim. This functionality is provided by the shim_lock verifier…51 -shim_lock verifier logic.
7 The shim_lock verifier validates the XNU kernels but no its extensions
4 Subject: [PATCH] efi: Move the shim_lock verifier to the GRUB core6 Move the shim_lock verifier from its own module into the core image. The23 grub-core/commands/efi/shim_lock.c | 130 -29 delete mode 100644 grub-core/commands/efi/shim_lock.c39 -boot and the shim. This functionality is provided by the shim_lock module. It41 +boot and the shim. This functionality is provided by the shim_lock verifier. It50 -shim_lock module. And itself it is a persistent module which means that52 +shim_lock verifier logic.65 -platform_PROGRAMS += shim_lock.module66 -MODULE_FILES += shim_lock.module$(EXEEXT)[all …]
27 For example, PE/COFF binaries verification can be done by the shim_lock28 verifier which validates the signatures using the shim_lock protocol.29 However, the verification is not deferred directly to the shim_lock verifier.30 The shim_lock verifier is hooked into the verification process instead.
70 platform_PROGRAMS += shim_lock.module300 name = shim_lock;301 common = commands/efi/shim_lock.c;795 @COND_x86_64_efi_TRUE@shim_lock_module_SOURCES = commands/efi/shim_lock.c ## platform sources1113 …@COND_x86_64_efi_TRUE@shim_lock.marker: $(shim_lock_module_SOURCES) $(nodist_shim_lock_module_SOUR…
348 mutex_lock(sdw->link_res->shim_lock); in intel_link_power_up()409 mutex_unlock(sdw->link_res->shim_lock); in intel_link_power_up()472 mutex_lock(sdw->link_res->shim_lock); in intel_shim_init()499 mutex_unlock(sdw->link_res->shim_lock); in intel_shim_init()510 mutex_lock(sdw->link_res->shim_lock); in intel_shim_wake()527 mutex_unlock(sdw->link_res->shim_lock); in intel_shim_wake()538 mutex_lock(sdw->link_res->shim_lock); in intel_link_power_down()576 mutex_unlock(sdw->link_res->shim_lock); in intel_link_power_down()586 mutex_lock(sdw->link_res->shim_lock); in intel_shim_sync_arm()593 mutex_unlock(sdw->link_res->shim_lock); in intel_shim_sync_arm()[all …]
231 mutex_init(&ctx->shim_lock); in sdw_intel_probe_controller()256 link->shim_lock = &ctx->shim_lock; in sdw_intel_probe_controller()
34 struct mutex *shim_lock; /* protect shared registers */ member
129 struct mutex shim_lock; /* lock for access to shared SHIM registers */ member
4 Subject: [PATCH] kern/efi/sb: Reject non-kernel files in the shim_lock
34 file://CVE-2022-28735-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch \