efi/sb: Add API for retrieving shim loader image handles

Not reusing these handles will result in image measurements showing up twice in the event log. Signed-off-by: Mate Kukri <mate.kukri@canonical.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
2025-07-08 21:21:15 +01:00 · 2025-07-08 21:21:15 +01:00 · e31d0cd7fb
commit e31d0cd7fb
parent ed7e053a36
2 changed files with 36 additions and 2 deletions
--- a/grub-core/kern/efi/sb.c
+++ b/grub-core/kern/efi/sb.c
@ -36,6 +36,8 @@ static grub_guid_t shim_loader_guid = GRUB_EFI_SHIM_IMAGE_LOADER_GUID;
 static grub_efi_loader_t *shim_loader = NULL;
 static grub_efi_shim_lock_protocol_t *shim_lock = NULL;

+static grub_efi_handle_t last_verified_image_handle = NULL;
+
 /*
 * Determine whether we're in secure boot mode.
 *
@ -181,11 +183,25 @@ shim_lock_verifier_write (void *context __attribute__ ((unused)), void *buf, gru

  if (shim_loader != NULL)
    {
+      if (last_verified_image_handle != NULL)
+        {
+          /*
+	   * Unload the previous image because ownership of the handle was
+	   * not transfered to a loader, and a new image is being loaded.
+	   */
+          shim_loader->unload_image (last_verified_image_handle);
+          last_verified_image_handle = NULL;
+        }
+
      if (shim_loader->load_image (false, grub_efi_image_handle, NULL, buf, size, &image_handle) != GRUB_EFI_SUCCESS)
-	/* If verification fails no handle is produced */
+	/* If verification fails no handle is produced. */
        return grub_error (GRUB_ERR_BAD_SIGNATURE, N_("bad shim loader signature"));

-      shim_loader->unload_image (image_handle);
+      /*
+       * Not unloading the image here because chainloader and linux
+       * might use this handle to avoid double TPM measurements.
+       */
+      last_verified_image_handle = image_handle;
      return GRUB_ERR_NONE;
    }
  if (shim_lock != NULL)
@ -243,3 +259,17 @@ grub_is_using_legacy_shim_lock_protocol (void)
 {
  return (shim_loader == NULL && shim_lock != NULL) ? true : false;
 }
+
+grub_efi_handle_t
+grub_efi_get_last_verified_image_handle (void)
+{
+  grub_efi_handle_t tmp = last_verified_image_handle;
+
+  /*
+   * This function is intended to act as a "transfer of ownership"
+   * of the handle. We set it to NULL so that it cannot be buggily
+   * retrieved more than once and reused for the wrong image.
+   */
+  last_verified_image_handle = NULL;
+  return tmp;
+}
--- a/include/grub/efi/sb.h
+++ b/include/grub/efi/sb.h
@ -21,6 +21,7 @@

 #include <grub/types.h>
 #include <grub/dl.h>
+#include <grub/efi/api.h>

 #define GRUB_EFI_SECUREBOOT_MODE_UNSET		0
 #define GRUB_EFI_SECUREBOOT_MODE_UNKNOWN	1
@ -34,6 +35,9 @@ EXPORT_FUNC (grub_efi_get_secureboot) (void);
 extern bool
 EXPORT_FUNC (grub_is_using_legacy_shim_lock_protocol) (void);

+extern grub_efi_handle_t
+EXPORT_FUNC (grub_efi_get_last_verified_image_handle) (void);
+
 extern void
 grub_shim_lock_verifier_setup (void);
 #else