Releases: rhboot/shim
Releases · rhboot/shim
shim-16.0-rc1
What's Changed
- Validate that a supplied vendor cert is not in PEM format by @steve-mcintyre in #646
- sbat: Add grub.peimage,2 to latest (CVE-2024-2312) by @julian-klode in #651
- sbat: Also bump latest for grub,4 (and to todays date) by @julian-klode in #653
- undo change that limits certificate files to a single file by @jsetje in #659
- shim: don't set second_stage to the empty string by @jjd27 in #640
- Fix SBAT.md for today's consensus about numbers by @aronowski in #672
- Update Code of Conduct contact address by @aronowski in #683
- make-certs: Handle missing OpenSSL installation by @aronowski in #595
- Update MokVars.txt by @mikebeaton in #598
- export DEFINES for sub makefile by @bryteise in #600
- Drop unused EFI_IMAGE_SECURITY_DATABASE_GUID definition by @vittyvk in #609
- Null-terminate 'arguments' in fallback by @vittyvk in #611
- Fix "Verifiying" typo in error message by @chrisbainbridge in #706
- Update Fedora CI targets by @vathpela in #708
- Force gcc to produce DWARF4 so that gdb can use it by @mikebeaton in #607
- Minor housekeeping 2024121700 by @vathpela in #709
- Discard load-options that start with WINDOWS by @Metabolix in #621
- Fix the issue that the gBS->LoadImage pointer was empty. by @15058718379 in #703
- shim: Allow data after the end of device path node in load options by @dbnicholson in #694
- Handle network file not found like disks by @dbnicholson in #695
- Update gnu-efi submodule for EFI_HTTP_ERROR by @vathpela in #674
- Increase EFI file alignment by @lumag in #673
- avoid EFIv2 runtime services on Apple x86 machines by @eduardacatrinei in #690
- Improve shortcut performance when comparing two boolean expressions by @dennis-tseng99 in #667
- Provide better error message when MokManager is not found by @rmetrich in #663
- tpm: Boot with a warning if the event log is full by @kukrimate in #657
- MokManager: remove redundant logical constraints by @xypron in #409
- Test import_mok_state() when MokListRT would be bigger than available size by @vathpela in #417
- test-mok-mirror: minor bug fix by @vathpela in #715
- Fix file system browser hang when enrolling MOK from disk by @miczyg1 in #622
- Ignore a minor clang-tidy nit by @vathpela in #716
- Allow fallback to default loader when encountering errors on network boot by @nathan-omeara in #666
- test.mk: don't use a temporary random.bin by @vathpela in #718
- pe: Enhance debug report for update_mem_attrs by @jongwu in #594
- Multiple certificate handling improvements by @rosslagerwall in #644
- Generate SbatLevel Metadata from SbatLevel_Variable.txt by @jsetje in #711
- Apply EKU check with compile option by @dennis-tseng99 in #664
- Add configuration option to boot an alternative 2nd stage by @esnowberg in #608
- Loader protocol (with Device Path resolution support) by @kukrimate in #656
- netboot cleanup for additional files by @jsetje in #686
- Document how revocations can be delivered by @jsetje in #722
- post-process-pe: add tests to validate NX compliance by @vathpela in #705
- regression: CopyMem() in ad8692e copies out of bounds by @jsetje in #725
- Save the debug and error logs in mok-variables by @vathpela in #726
- Add features for the Host Security ID program by @vathpela in #660
- Mirror some more efi variables to mok-variables by @vathpela in #723
- This adds DXE Services measurements to HSI and uses them for NX by @vathpela in #724
- Add shim's current NX_COMPAT status to HSIStatus by @vathpela in #727
- README.tpm: reflect that vendor_db is in fact logged as "vendor_db" by @jsetje in #728
- Reject HTTP message with duplicate Content-Length header fields by @dennis-tseng99 in #637
- Disable log saving by @vathpela in #729
- fallback: don't add new boot order entries backwards by @vathpela in #730
New Contributors
- @jjd27 made their first contribution in #640
- @mikebeaton made their first contribution in #598
- @bryteise made their first contribution in #600
- @vittyvk made their first contribution in #609
- @chrisbainbridge made their first contribution in #706
- @Metabolix made their first contribution in #621
- @15058718379 made their first contribution in #703
- @dbnicholson made their first contribution in #694
- @lumag made their first contribution in #673
- @eduardacatrinei made their first contribution in #690
- @kukrimate made their first contribution in #657
- @miczyg1 made their first contribution in #622
- @nathan-omeara made their first contribution in #666
- @jongwu made their first contribution in #594
- @rosslagerwall made their first contribution in #644
Full Changelog: 15.8...16.0-rc1
Contributors
bryteise, lumag, and 22 other contributors
Assets 3
shim 15.8
What's New
* Various CVE fixes:
CVE-2023-40546 mok: fix LogError() invocation
CVE-2023-40547 - avoid incorrectly trusting HTTP headers
CVE-2023-40548 Fix integer overflow on SBAT section size on 32-bit system
CVE-2023-40549 Authenticode: verify that the signature header is in bounds.
CVE-2023-40550 pe: Fix an out-of-bound read in verify_buffer_sbat()
CVE-2023-40551: pe-relocate: Fix bounds check for MZ binaries
What's Changed
- Make sbat_var.S parse right with buggy gcc/binutils by @vathpela in #535
- Enable the NX compatibility flag by default. by @vathpela in #530
- CryptoPkg/BaseCryptLib: Fix buffer overflow issue in realloc wrapper by @nicholasbishop in #546
- pe: Align section size up to page size for mem attrs by @nicholasbishop in #539
- Don't loop forever in load_certs() with buggy firmware by @rmetrich in #547
- Optionally allow to keep shim protocol installed by @bluca in #565
- Drop invalid calls to
CRYPTO_set_mem_functionsby @nicholasbishop in #537 - test-sbat: Fix exit code by @nicholasbishop in #540
- Block Debian grub binaries with SBAT < 4 by @steve-mcintyre in #550
- SBAT-related documents formatting and spelling by @aronowski in #566
- Add a security contact email address in README.md by @vathpela in #572
- Add SbatLevel_Variable.txt to document the various revocations by @jsetje in #569
- Use -Wno-unused-but-set-variable for Cryptlib and OpenSSL by @vathpela in #576
- Minor housekeeping by @vathpela in #578
- Test ImageAddress() by @vathpela in #579
- Verify signature before verifying sbat levels by @jsetje in #583
- Add libFuzzer support for csv.c and sbat.c by @vathpela in #584
- mok: Avoid underflow in maximum variable size calculation by @alpernebbi in #587
- Housekeeping by @vathpela in #605
- mok: fix LogError() invocation by @vathpela in #577
New Contributors
- @bluca made their first contribution in #565
- @aronowski made their first contribution in #566
- @alpernebbi made their first contribution in #587
Full Changelog: 15.7...15.8
Contributors
bluca, nicholasbishop, and 6 other contributors
Assets 4
shim 15.7
15.7
This tag was signed with the committer’s verified signature.
frozencemetery
Robbie Harwood
What's Changed
- Make SBAT variable payload introspectable by @chrisccoulson in #483
- Reference MokListRT instead of MokList by @esnowberg in #488
- Add a link to the test plan in the readme. by @vathpela in #494
- [V3] Enable TDX measurement to RTMR register by @kenplusplus in #485
- Discard load-options that start with a NUL by @frozencemetery in #505
- load_cert_file bugs by @esnowberg in #523
- Add -malign-double to IA32 compiler flags by @nicholasbishop in #516
- pe: Fix image section entry-point validation by @iokomin in #518
- make-archive: Build reproducible tarball by @julian-klode in #527
- mok: remove MokListTrusted from PCR 7 by @baloo in #519
New Contributors
- @kenplusplus made their first contribution in #485
- @iokomin made their first contribution in #518
- @baloo made their first contribution in #519
Full Changelog: 15.6...15.7
Contributors
baloo, chrisccoulson, and 7 other contributors
Assets 3
shim-15.6
15.6
This tag was signed with the committer’s verified signature.
The key has expired.
vathpela
Peter Jones
- What's Changed
- MokManager: removed Locate graphic output protocol fail error message by @joeyli in #441
- shim: implement SBAT verification for the shim_lock protocol by @chrisccoulson in #456
- post-process-pe: Fix a missing return code check by @vathpela in #462
- Update github actions matrix to be more useful by @frozencemetery in #469
- Add f36 and centos9 CI builds by @vathpela in #470
- post-process-pe: Fix format string warnings on 32-bit platforms by @steve-mcintyre in #464
- tests: also look for system headers in multi-arch directories by @steve-mcintyre in #466
- tests: fix gcc warnings by @akodanev in #463
- Allow MokListTrusted to be enabled by default by @esnowberg in #455
- Add code of conduct by @frozencemetery in #427
- Re-add ARM AArch64 support by @vathpela in #468
- Use ASCII as fallback if Unicode Box Drawing characters fail by @vathpela in #428
- make: don't treat cert.S specially by @vathpela in #475
- shim: use SHIM_DEVEL_VERBOSE when built in devel mode by @vathpela in #474
- Break out of the inner sbat loop if we find the entry. by @vathpela in #476
- Support loading additional certificates by @esnowberg in #446
- Add support for NX (W^X) mitigations. by @vathpela in #459
- Misc fixups from scan-build. by @vathpela in #477
- Fix preserve_sbat_uefi_variable() logic by @jsetje in #478
- SBAT Policy latest should be a one-shot by @jsetje in #481
- pe: Fix a buffer overflow when SizeOfRawData > VirtualSize by @chriscoulson
- pe: Perform image verification earlier when loading grub by @chriscoulson
- Update advertised sbat generation number for shim by @jsetje
- Update SBAT generation requirements for 05/24/22 by @jsetje
- Also avoid CVE-2022-28737 in verify_image() by @vathpela
- New Contributors
- @joeyli made their first contribution in #441
- @akodanev made their first contribution in #463
- @esnowberg made their first contribution in #455
- Full Changelog**: 15.5...15.6
Contributors
chrisccoulson, joeyli, and 6 other contributors
Assets 3
shim 15.6 rc1
15.6-rc1
This tag was signed with the committer’s verified signature.
The key has expired.
vathpela
Peter Jones
What's Changed
- MokManager: removed Locate graphic output protocol fail error message by @joeyli in #441
- shim: implement SBAT verification for the shim_lock protocol by @chrisccoulson in #456
- post-process-pe: Fix a missing return code check by @vathpela in #462
- Update github actions matrix to be more useful by @frozencemetery in #469
- Add f36 and centos9 CI builds by @vathpela in #470
- post-process-pe: Fix format string warnings on 32-bit platforms by @steve-mcintyre in #464
- tests: also look for system headers in multi-arch directories by @steve-mcintyre in #466
- tests: fix gcc warnings by @akodanev in #463
- Allow MokListTrusted to be enabled by default by @esnowberg in #455
- Add code of conduct by @frozencemetery in #427
- Re-add ARM AArch64 support by @vathpela in #468
- Use ASCII as fallback if Unicode Box Drawing characters fail by @vathpela in #428
- make: don't treat cert.S specially by @vathpela in #475
- shim: use SHIM_DEVEL_VERBOSE when built in devel mode by @vathpela in #474
- Break out of the inner sbat loop if we find the entry. by @vathpela in #476
- Support loading additional certificates by @esnowberg in #446
- Add support for NX (W^X) mitigations. by @vathpela in #459
- Misc fixups from scan-build. by @vathpela in #477
- Fix preserve_sbat_uefi_variable() logic by @jsetje in #478
New Contributors
- @joeyli made their first contribution in #441
- @akodanev made their first contribution in #463
- @esnowberg made their first contribution in #455
Full Changelog: 15.5...15.6-rc1
Contributors
chrisccoulson, joeyli, and 6 other contributors
Assets 3
15.5
15.5
This tag was signed with the committer’s verified signature.
frozencemetery
Robbie Harwood
What's Changed
- Broken ia32 relocs and an unimportant submodule change. by @vathpela in #357
- mok: allocate MOK config table as BootServicesData by @lcp in #361
- Don't call QueryVariableInfo() on EFI 1.10 machines by @vathpela in #364
- Relax the check for import_mok_state() by @lcp in #372
- SBAT.md: trivial changes by @hallyn in #389
- shim: another attempt to fix load options handling by @chrisccoulson in #379
- Add tests for our load options parsing. by @vathpela in #390
- arm/aa64: fix the size of .rela* sections by @lcp in #383
- mok: fix potential buffer overrun in import_mok_state by @jyong2 in #365
- mok: relax the maximum variable size check by @lcp in #369
- Don't unhook ExitBootServices when EBS protection is disabled by @sforshee in #378
- fallback: find_boot_option() needs to return the index for the boot entry in optnum by @jsetje in #396
- httpboot: Ignore case when checking HTTP headers by @frozencemetery in #403
- Fallback allocation errors by @vathpela in #402
- shim: avoid BOOTx64.EFI in message on other architectures by @xypron in #406
- str: remove duplicate parameter check by @xypron in #408
- fallback: add compile option FALLBACK_NONINTERACTIVE by @xnox in #359
- Test mok mirror by @vathpela in #394
- Modify sbat.md to help with readability. by @eshiman in #398
- csv: detect end of csv file correctly by @xypron in #404
- Specify that the .sbat section is ASCII not UTF-8 by @daxtens in #413
- tests: add "include-fixed" GCC directory to include directories by @diabonas in #415
- pe: simplify generate_hash() by @xypron in #411
- Don't make shim abort when TPM log event fails (RHBZ #2002265) by @rmetrich in #414
- Fallback to default loader if parsed one does not exist by @julian-klode in #393
- fallback: Fix for BootOrder crash when index returned by find_boot_option() is not in current BootOrder list by @rmetrich in #422
- Better console checks by @vathpela in #416
- docs: update SBAT UEFI variable name by @nicholasbishop in #421
- Don't parse load options if invoked from removable media path by @julian-klode in #399
- fallback: fix fallback not passing arguments of the first boot option by @martinezjavier in #433
- shim: Don't stop forever at "Secure Boot not enabled" notification by @rmetrich in #438
- Shim 15.5 coverity by @vathpela in #439
- Allocate mokvar table in runtime memory. by @vathpela in #447
- Remove post-process-pe on 'make clean' by @vathpela in #448
- pe: missing perror argument by @xypron in #443
New Contributors
- @hallyn made their first contribution in #389
- @jyong2 made their first contribution in #365
- @sforshee made their first contribution in #378
- @frozencemetery made their first contribution in #403
- @xypron made their first contribution in #406
- @eshiman made their first contribution in #398
- @daxtens made their first contribution in #413
- @rmetrich made their first contribution in #414
- @julian-klode made their first contribution in #393
Full Changelog: 15.4...15.5
Contributors
xnox, lcp, and 15 other contributors
Assets 3
shim 15.5 release candidate 2
15.5-rc2
This tag was signed with the committer’s verified signature.
The key has expired.
vathpela
Peter Jones
What's Changed
- Don't parse load options if invoked from removable media path by @julian-klode in #399
- fallback: fix fallback not passing arguments of the first boot option by @martinezjavier in #433
- shim: Don't stop forever at "Secure Boot not enabled" notification by @rmetrich in #438
- Shim 15.5 coverity by @vathpela in #439
Full Changelog: 15.5-rc1...15.5-rc2
Contributors
martinezjavier, vathpela, and 2 other contributors
Assets 3
shim 15.5 release candidate 1
15.5-rc1
This tag was signed with the committer’s verified signature.
The key has expired.
vathpela
Peter Jones
What's Changed
- Broken ia32 relocs and an unimportant submodule change. by @vathpela in #357
- mok: allocate MOK config table as BootServicesData by @lcp in #361
- Don't call QueryVariableInfo() on EFI 1.10 machines by @vathpela in #364
- Relax the check for import_mok_state() by @lcp in #372
- SBAT.md: trivial changes by @hallyn in #389
- shim: another attempt to fix load options handling by @chrisccoulson in #379
- Add tests for our load options parsing. by @vathpela in #390
- arm/aa64: fix the size of .rela* sections by @lcp in #383
- mok: fix potential buffer overrun in import_mok_state by @jyong2 in #365
- mok: relax the maximum variable size check by @lcp in #369
- Don't unhook ExitBootServices when EBS protection is disabled by @sforshee in #378
- fallback: find_boot_option() needs to return the index for the boot entry in optnum by @jsetje in #396
- httpboot: Ignore case when checking HTTP headers by @frozencemetery in #403
- Fallback allocation errors by @vathpela in #402
- shim: avoid BOOTx64.EFI in message on other architectures by @xypron in #406
- str: remove duplicate parameter check by @xypron in #408
- fallback: add compile option FALLBACK_NONINTERACTIVE by @xnox in #359
- Test mok mirror by @vathpela in #394
- Modify sbat.md to help with readability. by @eshiman in #398
- csv: detect end of csv file correctly by @xypron in #404
- Specify that the .sbat section is ASCII not UTF-8 by @daxtens in #413
- tests: add "include-fixed" GCC directory to include directories by @diabonas in #415
- pe: simplify generate_hash() by @xypron in #411
- Don't make shim abort when TPM log event fails (RHBZ #2002265) by @rmetrich in #414
- Fallback to default loader if parsed one does not exist by @julian-klode in #393
- fallback: Fix for BootOrder crash when index returned by find_boot_option() is not in current BootOrder list by @rmetrich in #422
- Better console checks by @vathpela in #416
- docs: update SBAT UEFI variable name by @nicholasbishop in #421
New Contributors
- @hallyn made their first contribution in #389
- @jyong2 made their first contribution in #365
- @sforshee made their first contribution in #378
- @frozencemetery made their first contribution in #403
- @xypron made their first contribution in #406
- @eshiman made their first contribution in #398
- @daxtens made their first contribution in #413
- @rmetrich made their first contribution in #414
Full Changelog: 15.4...15.5-rc1
As usual, please use the tarball attached below.
Contributors
xnox, lcp, and 14 other contributors
Assets 3
shim-15.4
15.4
This tag was signed with the committer’s verified signature.
The key has expired.
vathpela
Peter Jones
This is a critical bugfix release. Don't use 15.3, as the SBAT self-check is
broken.
As usual, please use the shim-15.4.tar.bz2 tarball, rather than the other two archives github automatically produces.
Many thanks to all who helped out, including but not limited to these
contributions:
Chris Co (1):
Makefile: sort vendor sbats to remove duplicates
Jan Setje-Eilers (3):
Move the check for the SBAT variable properties to its own function.
Fix SBAT variable content validation.
Change SBAT variable name to SbatLevel
Peter Jones (13):
CI: don't use 'make -s'; it's more trouble than help.
arm/aa64: Swizzle some sections to make old sbsign happier.
Make building outside of the top directory work.
make: make 'make install-as-data' install BOOT*.CSV
make: Fix search paths for vendor sbat.*.csv files
test_parse_sbat_section_too_many_elem(): free section entries
parse_sbat_var_data()/cleanup_sbat_var(): fix free logic
test_verify_sbat_null_sbat_section(): call cleanup_sbat_var()
Fix openssl's 'make clean'
sbat: add more dprint()
arm/aa64 targets: put .rel* and .dyn* in .rodata
Fix an off-by-one on the sbat self-check.
Update version to 15.4
shim 15.3
15.3
This tag was signed with the committer’s verified signature.
The key has expired.
vathpela
Peter Jones
Some highlights:
- Support for revocations via the ".sbat" section and SBAT EFI variable
- A new unit test framework and a bunch of unit tests
- No external gnu-efi dependency
- Better CI (with more yet needed)
As usual, please use the shim-15.3.tar.bz2 tarball, rather than the other two archives github automatically produces.
Many thanks to all who helped out, including but not limited to these
contributions:
Alex Burmashev (4):
strndupa: allocate len + 1, so that \0 is not lost
add list_empty to linked list primitives
pe.c: parse SBAT variable and perform basic verification
Fix compilation for older gcc
Chris Co (2):
sbat: add minor fixes to parse_sbat
Add initial sbat unit testing code
Chris Coulson (8):
Fix sbsign command usage
Rename check_{white,black}list to check_{allow,deny}list
build: Pass the correct paths to sbsign
Include missing .text sections in PE/COFF binary
sbat: Don't assume VirtualSize == SizeOfRawData
Ensure that MOK variable mirroring creates well formed ESLs
Avoid creating unnecessary mirrored MOK variables
Fix boot failures due to variable size constraints
Colin Walters (1):
Convert README -> README.md
Dimitri John Ledkov (2):
Add testsuite to the github pull request workflow.
Drop comments, and make push workflow use same matrix as
pullrequest.
Gary Lin (9):
src/netboot.c: remove the execute bit
lib: move print_crypto_errors() out of console.c
console: Move the countdown function to console.c
fallback: show a countdown menu before reset
sbat: fix the gcc warnings
sbat: fix the residual "resource section" for SBAT
Restore loaded image of shim at Exit()
Set the section flags for .sbat
arm and aarch64: include the aligned part in SizeOfRawData of sbat
Hai Huang (1):
Fix EV_EFI_VARIABLE_AUTHORITY event in eventlog
Jan Setje-Eilers (8):
Add Secure Boot Advanced Targeting (SBAT) specification document
Add --set-section-alignment '.sbat=512' to objcopy command line
Drop --set-section-alignment from Makefile since linker ALIGN(4096)
already enforces the alignment, clarify that objcopy only needs to
do the alignment in the SBAT spec.
If the SBAT UEFI variable is not set, initialize it as a
bootservices variable.
Javier Martinez Canillas (10):
Add a .sbat section to EFI binaries
Add a function to parse the SBAT metadata from the .sbat section
sbat: remove unused buffer parameter in parse_sbat() function
sbat: use correct type for parse_sbat_var() return value
Don't re-parse the SBAT EFI variable for each binary we load.
sbat: include NULL terminator when calculating buffer end in
parse_sbat()
shim: initialize OpenSSL after parsing SBAT data
sbat: make shim to parse it's own .sbat section on init
shim: Fix a NULL pointer dereference caused by start not being set
shim: Use the default loader if an EFI_LOAD_OPTION can't be parsed
Jia Zhang (1):
Ignore *.hash
João Paulo Rechi Vita (8):
fallback: Store label size instead of calculating on every use
fallback: Consider all Boot* vars when checking for duplicates
fallback: Only use VerbosePrint for debug messages
fallback: Be silent by default
fallback: Print original BootOrder value in verbose mode
fallback: Wait before chainloading in verbose mode
fallback: Make verbose mode's wait time configurable
fallback: Allow defining FALLBACK_VERBOSE at build time
Lisa White (1):
Fix typo in a comment
Luca Boccassi (1):
Makefile: use fixed build host if SOURCE_DATE_EPOCH is defined
Mathieu Trudel-Lapierre (1):
Add mm/fb hashing to TODO, put that and related things under
'Reproducible builds'
Matthew Garrett (1):
build: Import gnu-efi as a submodule and build against it
Nicholas Bishop (1):
BUILDING: Fix a typo
Paul Menzel (1):
README: Remove superfluous *and*
Paul Moore (7):
shim: compile time option to bypass the ExitBootServices() check
build: add some basic $EFI_PATH checking
SBAT: fix some typos in the SBAT docs
SBAT: update the raw Markdown to look less terrible
openssl: fix various build errors and warnings
shim: attempt to improve the argument handling
build: load local build configuration from Make.local if present
Peter Jones (119):
Use github actions for CI builds
Split up push and PR CI/CD and build all patches in series on PRs
Try to kick the github PR workflow...
Add a .clang-format file.
Always use lower case for our local include file names.
Work around some clang-format oddnesses
Renaming PeImage.h to pe.h wasn't actually a good idea.
Fix pe.h -> peimage.h in /both/ places.
github workflows: Unify the x86 pull request build rules steps
github workflows: add the sbat branch to one PR builds run for
efi bins: add an easy way for vendors to add .sbat data
Remove my .syntastic_c_config, it doesn't belong in the repo.
includes: add strchra() and strchrnula() impls
Move a bunch of PE-related stuff out of shim.c
Refactor some PE handling code
Add some more PE helpers we need for SBAT
Add the beginning of .sbat parsing stuff
SBAT: parse a copy of the table that's got a NUL at the end
Add an example SBAT workflow document
Add some linked list primitives.
get_variable: always allocate a NUL character at the end.
add an ascii strndup() implementation.
sbat: make the includes work like everything else.
We're not using travis-build.sh any more.
Try to make coverity.mk work without cov-build installed.
Try to make scan-build.mk work without scan-build installed.
Add some more TODOs for shim 16
Add another unfortunate TODO entry.
Add some *more* TODO tasks.
Add fallback boot loop detection to TODO
Also ignore .sw?
Add screen logs to .gitignore
Add .cer/.crt/.esl to .gitignore
BUILDING: fix missing DISABLE_EBS_PROTECTION section
Re-alphabetize .gitignore.
.gitignore: add build dirs and shim_cert.h
.gitignore: ignore .gdbinit
Fix up a bunch of our license statements and add SPDX most places
SPDX: Clarify the attribution for crypt_blowfish
SPDX: Clarify the attribution for James's lib/ code
Make sure MIN() and MAX() are always defined.
console: Fix a typo in the EFI warning list in gnu-efi
Fix a bunch of trivial trailing whitespace issues.
Make httpboot.c always get built.
Make the variable name and pointer const in all of our efi vars
functions
Add ENABLE_SHIM_DEVEL config to change what our debug variable
name is
Use gcc -Os instead of -O0.
sbat: clang-format the whole thing.
SBAT: make the variable be CSV in our spec.
SBAT: Fix all the docs examples to start with version 1
Fix an off by one in strnlena()
shim: use an enum for efi_main's error messages.
sbat: drop the struct sbat and just use two variables instead
parse_sbat: handle the realloc failure leak and batch allocations.
pe.c: move sbat verification to its own function.
sbat: Fix two NULL derefs found with "gcc -fanalyzer"
tpm: minor cleanup: use EV_IPL not 0xd
Document struct mok_state_variable better.
SBAT: mirror SBAT to SbatRT and extend to PCR7 + log
Move the coverity and scan-build makefiles out of the top directory
Make 'make fanalyzer' targets
compiler.h: fix a typo and add some more function attribute macros
Fix all the places we need UNUSED on arguments.
Tidy up our string primitives...
Add a list_size() primitive
Move is_utf8_bom() to str.h
includes: include all gnu-efi includes at one place.
Fix our debuginfo paths hopefully
Add a stand-alone CSV parser.
SBAT: make our sbat section parser use the csv parser
SBAT: make our SBAT variable parser use the CSV parser
make 'make test' able to run unit test harnesses
Add a tester for our string functions.
Add test cases for our CSV parser.
Fix-up and enable a bunch of .sbat section parsing tests.
Make verify_sbat() more testable
Fix two errant 'shim,0' outdated sbat cases.
Add get_variable_size()/set_variable()del_variable() wrappers.
CI: try to update submodules
CI: show our compilation when it fails
Re-organize a bunch of CFLAGS-related makefile bits
Minor OpenSSL fixes
static analysis: make our build targets work better
More minor makefile cleanups
Switch to using -std=gnu11
Don't use WCHAR even when we're assigning wide string literals
Cryptlib: make some Str*() args const.
Restructure our includes.
Fix Cryptlib'...