diff --git a/backport-Fix-the-issue-that-the-gBS-LoadImage-pointer-was-emp.patch b/backport-Fix-the-issue-that-the-gBS-LoadImage-pointer-was-emp.patch new file mode 100644 index 0000000000000000000000000000000000000000..2e61043bb55394834ca8e0478f44c046803efde5 --- /dev/null +++ b/backport-Fix-the-issue-that-the-gBS-LoadImage-pointer-was-emp.patch @@ -0,0 +1,39 @@ +From 712097206702f26e96be3f7ba79eb52d00e1f658 Mon Sep 17 00:00:00 2001 +From: jinlun <869793317@qq.com> +Date: Sat, 2 Nov 2024 17:21:22 +0800 +Subject: [PATCH] Fix the issue that the gBS->LoadImage pointer was empty. + +The interface shouldn't be replaced at the shim_fini + stage When the vendor certificate doesn't exist. + +Signed-off-by: jinlun <869793317@qq.com> +Signed-off-by: xuce +--- + shim.c | 11 ++++++----- + 1 file changed, 6 insertions(+), 5 deletions(-) + +diff --git a/shim.c b/shim.c +index 547b052..aa74610 100644 +--- a/shim.c ++++ b/shim.c +@@ -1651,11 +1651,12 @@ shim_fini(void) + uninstall_shim_protocols(); + + if (secure_mode()) { +- +- /* +- * Remove our hooks from system services. +- */ +- unhook_system_services(); ++ if (vendor_authorized_size || vendor_deauthorized_size) { ++ /* ++ * Remove our hooks from system services. ++ */ ++ unhook_system_services(); ++ } + } + + unhook_exit(); +-- +2.33.0 + diff --git a/shim.spec b/shim.spec index cbe0d92b2530d09b3491095f6979e1f209968885..97dedce8fddcc71d5e0eee8b7e682d08357e7a4f 100644 --- a/shim.spec +++ b/shim.spec @@ -25,7 +25,7 @@ Name: shim Version: 15.7 -Release: 15 +Release: 16 Summary: First-stage UEFI bootloader ExclusiveArch: x86_64 aarch64 License: BSD @@ -55,6 +55,7 @@ Patch15:backport-CVE-2024-0727.patch Patch16:backport-Always-clear-SbatLevel-when-Secure-Boot-is-disabled.patch Patch17:backport-Align-section-size-up-to-page-size-for-mem-attrs.patch Patch18:backport-shim-don-t-set-second_stage-to-the-empty-string.patch +Patch19:backport-Fix-the-issue-that-the-gBS-LoadImage-pointer-was-emp.patch # Feature for shim SMx support Patch9000:Feature-shim-openssl-add-ec-support.patch @@ -212,6 +213,9 @@ make test /usr/src/debug/%{name}-%{version}-%{release}/* %changelog +* Mon Jan 20 2025 xuce -15.7-16 +- fix the issue that the gBS->LoadImage pointer was empty. + * Tue Oct 29 2024 yanglongkang -15.7-15 - Correct the signature code.