[efi] Include Secure Boot Advanced Targeting (SBAT) metadata

SBAT defines an encoding for security generation numbers stored as a
CSV file within a special ".sbat" section in the signed binary.  If a
Secure Boot exploit is discovered then the generation number will be
incremented alongside the corresponding fix.

Platforms may then record the minimum generation number required for
any given product.  This allows for an efficient revocation mechanism
that consumes minimal flash storage space (in contrast to the DBX
mechanism, which allows for only a single-digit number of revocation
events to ever take place across all possible signed binaries).

Add SBAT metadata to wimboot binaries to support this mechanism.

Signed-off-by: Michael Brown <mbrown@fensystems.co.uk>

CHANGELOG.md

@@ -3,6 +3,8 @@ Changelog
 
 ## [Unreleased]
 
+- Add [Secure Boot Advanced Targeting (SBAT)][sbat] metadata.
+
 ## [v2.7.3] 2021-04-30
 
 - Fix extraction of embedded `bootmgr.exe` from Windows 10 versions of
@@ -248,3 +250,4 @@ Changelog
 [digint]: https://digitalintelligence.com/
 [jump]: https://jumptrading.com/
 [travis]: https://travis-ci.com/
+[sbat]: https://github.com/rhboot/shim/blob/main/SBAT.md

RELEASE.md

@@ -16,7 +16,9 @@ Prerelease (unsigned binaries)
    there are zero defects reported via [Coverity
    Scan](https://scan.coverity.com/projects/ipxe-wimboot).
 
-2. Edit [`src/Makefile`](src/Makefile) to update `VERSION`.
+2. Edit [`src/Makefile`](src/Makefile) to update `VERSION`, and to
+   increment `SBAT_GENERATION` if needed (i.e. if the release fixes a
+   new Secure Boot exploit).
 
 3. Edit [`CHANGELOG.md`](CHANGELOG.md) to create a section and link
    for the new release.

src/Makefile

@@ -1,5 +1,7 @@
 VERSION := v2.7.3
 
+SBAT_GENERATION := 1
+
 OBJECTS := prefix.o startup.o callback.o main.o vsprintf.o string.o peloader.o
 OBJECTS += int13.o vdisk.o cpio.o stdio.o lznt1.o xca.o die.o efi.o efimain.o
 OBJECTS += efiguid.o efifile.o efipath.o efiboot.o efiblock.o cmdline.o
@@ -32,6 +34,7 @@ HOST_CFLAGS += -Wall -W -Werror
 
 CFLAGS += -Os -ffreestanding -Wall -W -Werror -nostdinc -I. -fshort-wchar
 CFLAGS += -DVERSION="\"$(VERSION)\""
+CFLAGS += -DSBAT_GENERATION="\"$(SBAT_GENERATION)\""
 
 CFLAGS_i386 += -m32 -march=i386 -malign-double -fno-pic
 CFLAGS_x86_64 += -m64 -mno-red-zone -fpie

src/efimain.c

@@ -32,6 +32,23 @@
 #include "efiblock.h"
 #include "efiboot.h"
 
+/** SBAT section attributes */
+#define __sbat __attribute__ (( section ( ".sbat" ), aligned ( 512 ) ))
+
+/** SBAT metadata */
+#define SBAT_CSV							\
+	/* SBAT version */						\
+	"sbat,1,SBAT Version,sbat,1,"					\
+	"https://github.com/rhboot/shim/blob/main/SBAT.md"		\
+	"\n"								\
+	/* wimboot version */						\
+	"wimboot," SBAT_GENERATION ",iPXE,wimboot," VERSION ","		\
+	"https://ipxe.org/wimboot"					\
+	"\n"
+
+/** SBAT metadata (with no terminating NUL) */
+const char sbat[ sizeof ( SBAT_CSV ) - 1 ] __sbat = SBAT_CSV;
+
 /**
  * Process command line
  *

src/efireloc.c

@@ -60,7 +60,7 @@
 #define PE_HEADER_LEN 512
 
 /** .reloc section index */
-#define RELOC_SECTION_INDEX 3
+#define RELOC_SECTION_INDEX 4
 
 /** PE relocations */
 struct pe_relocs {

src/prefix.S

@@ -89,7 +89,7 @@ pe_header:
 	.ascii	"PE"			/* Signature */
 	.byte	0, 0
 	.word	coff_machine		/* Machine */
-	.word	4			/* NumberOfSections */
+	.word	5			/* NumberOfSections */
 	.long	0x10d1a884		/* TimeDateStamp */
 	.long	0			/* PointerToSymbolTable */
 	.long	0			/* NumberOfSymbols */
@@ -186,6 +186,17 @@ coff_sections:
 	.word	0			/* NumberOfRelocations */
 	.word	0			/* NumberOfLinenumbers */
 	.long	0xc8000080		/* Characteristics */
+	.ascii	".sbat"			/* Name */
+	.byte	0, 0, 0
+	.long	_sbat_used		/* Misc.VirtualSize */
+	.long	( _sbat - BASE_ADDRESS ) /* VirtualAddress */
+	.long	_sbat_len		/* SizeOfRawData */
+	.long	_sbat_pos		/* PointerToRawData */
+	.long	0			/* PointerToRelocations */
+	.long	0			/* PointerToLinenumbers */
+	.word	0			/* NumberOfRelocations */
+	.word	0			/* NumberOfLinenumbers */
+	.long	0x48000040		/* Characteristics */
 	.ascii	".reloc"		/* Name */
 	.byte	0, 0
 	.long	0			/* Misc.VirtualSize */

src/script.lds

@@ -89,8 +89,21 @@ SECTIONS {
 	}
 	_bss_len = ABSOLUTE ( _ebss ) - ABSOLUTE ( _bss );
 
+	/* Secure Boot Advanced Targeting (SBAT) section */
+	_sbat_pos = ( _payload_pos + _payload_len );
+	.sbat : AT ( _sbat_pos ) {
+		_sbat = .;
+		*(.sbat)
+		*(.sbat.*)
+		_msbat = .;
+		. = ALIGN ( alignment );
+		_esbat = .;
+	}
+	_sbat_used = ABSOLUTE ( _msbat ) - ABSOLUTE ( _sbat );
+	_sbat_len = ABSOLUTE ( _esbat ) - ABSOLUTE ( _sbat );
+
 	/* Relocations section */
-	_reloc_pos = ( _payload_pos + _payload_len );
+	_reloc_pos = ( _sbat_pos + _sbat_len );
 	_reloc = .;
 
 	_end = .;