RHEL-4382

Executing BOOTX64.EFI fails after printing "Verification failed: Security Policy Violation"


      Description of problem:

      Booting BOOTX64.EFI fails after it prints "Verification failed: Security Policy Violation".
      Verbose mode shows this happens due to some "self signed certificate in certificate chain":
      -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< --------
      shim.c:866:load_image() attempting to load \EFI\BOOT\fbx64.efi
      shim.c:737:verify_buffer_sbat() sbat section base:0x7CCED418 size:0x200
      pe.c:868:verify_sbat_section() SBAT section data
      pe.c:876:verify_sbat_section() sbat, 1, SBAT Version, sbat, 1, https://github.com/rhboot/shim/blob/main/SBAT.md
      pe.c:876:verify_sbat_section() shim, 2, UEFI shim, shim, 1, https://github.com/rhboot/shim
      sbat.c:126:verify_single_entry() component sbat has a matching SBAT variable entry, verifying
      sbat.c:191:verify_sbat_helper() finished verifying SBAT data: Success
      pe.c:571:generate_hash() sha1 authenticode hash:
      pe.c:572:generate_hash() 00000000 XX XX XX XX XX XX XX XX XX XX XX XX 56 b0 81 0d XXXXXXXXXXXX|V...|
      pe.c:572:generate_hash() 00000004 3a 19 2f 84 29 f8 97 69 91 11 23 84 ed d6 8e a3 |:./.)..i..#.....|
      pe.c:573:generate_hash() sha256 authenticode hash:
      pe.c:574:generate_hash() 00000000 7a b6 3b 1a f6 ae a2 5c 99 6a 38 8e fa d8 aa fb |z.;....\.j8.....|
      pe.c:574:generate_hash() 00000010 3f 09 72 e8 90 17 97 7d 8e 72 7d 6b 94 ff 05 c6 |?.r....}.r}k....|
      shim.c:611:verify_buffer_authenticode() check_allowlist: Not Found
      shim.c:665:verify_buffer_authenticode() Attempting to verify signature 0:
      shim.c:154:check_db_cert_in_ram() trying to verify cert 0 (db)
      shim.c:154:check_db_cert_in_ram() trying to verify cert 1 (db)
      shim.c:154:check_db_cert_in_ram() trying to verify cert 0 (vendor_db)
      shim.c:154:check_db_cert_in_ram() trying to verify cert 0 (MokListRT)
      shim.c:687:verify_buffer_authenticode() Binary is not authorized
      shim.c:354 check_allowlist() check_db_hash(db, sha256hash) != DATA_FOUND
      shim.c:362 check_allowlist() check_db_hash(db, sha1hash) != DATA_FOUND
      shim.c:385 check_allowlist() check_db_hash(vendor_db, sha256hash) != DATA_FOUND
      shim.c:406 check_allowlist() check_db_hash(MokListRT, sha256hash) != DATA_FOUND
      shim.c:610 verify_buffer_authenticode() check_allowlist(): Not Found
      shim.c:354 check_allowlist() check_db_hash(db, sha256hash) != DATA_FOUND
      shim.c:362 check_allowlist() check_db_hash(db, sha1hash) != DATA_FOUND
      shim.c:169 check_db_cert_in_ram() AuthenticodeVerify(): 0
      shim.c:169 check_db_cert_in_ram() AuthenticodeVerify(): 0
      shim.c:370 check_allowlist() check_db_cert(db, sha256hash) != DATA_FOUND
      shim.c:385 check_allowlist() check_db_hash(vendor_db, sha256hash) != DATA_FOUND
      shim.c:169 check_db_cert_in_ram() AuthenticodeVerify(): 0
      shim.c:395 check_allowlist() check_db_cert(vendor_db, sha256hash) != DATA_FOUND
      shim.c:406 check_allowlist() check_db_hash(MokListRT, sha256hash) != DATA_FOUND
      shim.c:169 check_db_cert_in_ram() AuthenticodeVerify(): 0
      shim.c:414 check_allowlist() check_db_cert(MokListRT, sha256hash) != DATA_FOUND
      SSL Error: shim.c:691 verify_buffer_authenticode(): Security Policy Violation
      2092850320:error:21075075:lib(33):func(117):reason(117):NA:0:Verify error:self signed certificate in certificate chain
      Verification failed: Security Policy Violation
      Failed to load image: Security Policy Violation
      shim.c:1169 start_image() Failed to load image: Security Policy Violation
      shim.c:866:load_image() attempting to load \EFI\BOOT\mmx64.efi
      Failed to open \EFI\BOOT\mmx64.efi - Not Found
      Failed to load image ??: Not Found
      shim.c:888 load_image() Failed to open \EFI\BOOT\mmx64.efi - Not Found
      shim.c:1116 read_image() Failed to load image ??: Not Found
      start_image() returned Not Found
      BdsDxe: No bootable option or device was found.
      BdsDxe: Press any key to enter the Boot Manager Menu.
      -------- 8< ---------------- 8< ---------------- 8< ---------------- 8< --------

      This prevents executing the Recovery Code, causing the system to be unbootable if the firmware was cleared somehow (e.g. "efibootmgr -O" executed).

      Additionally, this prevents some VMware systems from booting without user interaction (one needs to confirm with "OK" multiple times until "Red Hat Enterprise Linux" gets selected);
      the issue is still under investigation by VMware and seems to affect "VMware ESXi, 7.0.3, 21313628".

      Version-Release number of selected component (if applicable):

      shim-x64-15.6-3.el7_9.x86_64

      How reproducible:

      Always

      Steps to Reproduce:
      1. Boot a UEFI RHEL7 system in Secure Boot
      2. Clear the EFI entries:
         efibootmgr -O
      3. Reboot

      Actual results:

      Security Violation

      Expected results:

      No violation and "Red Hat Enterprise Linux" entry recreated


            Errata Tool added a comment -

            Since the problem described in this issue should be resolved in a recent advisory, it has been closed.

            For information on the advisory (Important: shim security update), and where to find the updated files, follow the link below.

            If the solution does not work for you, open a new bug report.
            https://access.redhat.com/errata/RHSA-2024:1959

            Marta Lewandowska added a comment -

            Unfortunately this is not the case, and it is possible to update shim without updating grub2.

            We are documenting this as clearly and thoroughly as we can so that customers do not run into problems.

            Hidetoshi Seto (fukurokuju) added a comment -

            According to the next comment by Peter Jones, the new shim rpm package should have a version dependency on the grub2 rpm package, and so the grub2 rpm packages should get updated automatically when you try to update the shim package.

            https://bugzilla.redhat.com/show_bug.cgi?id=2220848#c65

            Could you check this just in case?

            Thanks.
            HATAYAMA, Daisuke

            Marta Lewandowska added a comment -

            Important update information:
            The new shim revokes ALL PREVIOUS VERSIONS of GRUB2. Therefore GRUB2 MUST be updated to the latest version: grub2-2.02-0.87.el7_9.14 (RHSA-2024:128440-02) BEFORE OR SIMULTANEOUSLY with this shim in order for Secure Boot to continue to work. Failure to update GRUB2 will result in an UNBOOTABLE system.
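            Before rolling out the new shim, an operator can verify that the installed grub2 already meets the release named in the comment above. The following is an added example, not code from this issue or from the shim or grub2 projects: it re-implements rpm's version ordering (rpmvercmp, without the rarely used '^' rule) and compares an installed NVR, as printed by `rpm -q grub2-efi-x64` (assumed to be the EFI grub2 package name on the system), against the required release.

```python
# Added example, not code from the RHEL-4382 issue or from shim/grub2:
# pre-flight check that the installed grub2 is at least the release the
# new shim requires, using rpm's version ordering (rpmvercmp, no '^').
REQUIRED_GRUB2 = "grub2-2.02-0.87.el7_9.14"  # release quoted in the issue

def _run(s, i, pred):
    # Maximal run of characters satisfying pred, starting at s[i].
    j = i
    while j < len(s) and pred(s[j]):
        j += 1
    return s[i:j]

def rpmvercmp(a, b):
    """Compare two version or release strings like rpm does: -1, 0 or 1."""
    i = j = 0
    while i < len(a) or j < len(b):
        while i < len(a) and not (a[i].isalnum() or a[i] == "~"):
            i += 1  # separators such as '.', '_' or '-' are skipped
        while j < len(b) and not (b[j].isalnum() or b[j] == "~"):
            j += 1
        # '~' sorts before anything, including end of string (pre-release)
        if (i < len(a) and a[i] == "~") or (j < len(b) and b[j] == "~"):
            if i >= len(a) or a[i] != "~":
                return 1
            if j >= len(b) or b[j] != "~":
                return -1
            i, j = i + 1, j + 1
            continue
        if i >= len(a) or j >= len(b):
            break
        numeric = a[i].isdigit()
        pred = str.isdigit if numeric else str.isalpha
        sa, sb = _run(a, i, pred), _run(b, j, pred)
        if not sb:  # mixed segment types: the numeric one is newer
            return 1 if numeric else -1
        i, j = i + len(sa), j + len(sb)
        if numeric:  # numeric segments compare by value, not as text
            sa, sb = sa.lstrip("0"), sb.lstrip("0")
            if len(sa) != len(sb):
                return 1 if len(sa) > len(sb) else -1
        if sa != sb:
            return 1 if sa > sb else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1  # leftover segments mean "newer"

def grub2_ok_for_shim(installed_nvr, required_nvr=REQUIRED_GRUB2):
    """True when the installed grub2 NVR is at least the required release."""
    _, iv, ir = installed_nvr.rsplit("-", 2)  # name-version-release
    _, rv, rr = required_nvr.rsplit("-", 2)
    return (rpmvercmp(iv, rv) or rpmvercmp(ir, rr)) >= 0
```

A result of False means the shim update must be held back or applied together with the grub2 update, as the comment requires.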

            Marta Lewandowska added a comment -

            Reproduced with old shim, verified with shim-15.8-1.el7

            # pesign -S -i boot/efi/EFI/BOOT/fbx64.efi
            ---------------------------------------------
            certificate address is 0x7f9e459cfe40
            Content was not encrypted.
            Content is detached; signature cannot be verified.
            The signer's common name is Red Hat Secure Boot Signing 501
            The signer's email address is secalert@redhat.com
            Signing time: Mon Apr 15, 2024
            There were certs or crls included.
            ---------------------------------------------

            pm-rhel added a comment -

            Issue migration from Bugzilla to Jira is in process at this time. This will be the last message in Jira copied from the Bugzilla bug.


            Marta Lewandowska added a comment -

            *** Bug 2220848 has been marked as a duplicate of this bug. ***

            Renaud Métrich added a comment -

            Actually the fbx64.efi binary has been signed with the wrong certificate:

            [root@vm-uefi7 ~]# pesign -S -i /boot/efi/EFI/BOOT/fbx64.efi
            ---------------------------------------------
            certificate address is 0x7ff26281be10
            Content was not encrypted.
            Content is detached; signature cannot be verified.
            The signer's common name is Red Hat Test Certificate
            No signer email address.
            Signing time: Mon Apr 17, 2023
            There were certs or crls included.
            ---------------------------------------------
