ExternalVendorCode/go-attestation
1
0
Fork 0
mirror of https://github.com/google/go-attestation.git synced 2025-02-11 12:55:17 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
226 Commits 3 Branches 15 Tags
Commit Graph

9 Commits

Author SHA1 Message Date
Brandon Weeks
be496f1149 Internal change 
PiperOrigin-RevId: 394330027
 2021-09-01 15:39:03 -07:00
Tom D
cc52e2d143
Handle EFI_ACTION events signalling DMA protection is disabled. (#235) 2021-08-23 14:03:58 -07:00
Go-Attestation Team
20a9e4b381 Internal change 
PiperOrigin-RevId: 380881515
 2021-06-22 20:41:11 +00:00
Alex Wu
0a3c6e82bf
Ignore SBAT events in ParseUEFIVariableAuthority (#222) 
As part of the Boothole fixes, shim has introduced an
SBAT feature https://github.com/rhboot/shim/blob/main/SBAT.md.
SBAT configuration is configured to log to PCR7 using
EV_EFI_VARIABLE_AUTHORITY.
493bd940e5/mok.c (L228-L247)

This causes issue with ParseUEFIVariableAuthority, as
it asssumes that an event with type EV_EFI_VARIABLE_AUTHORITY
can be parsed as EFI_SIGNATURE_DATA, per section 3.3.4.8
of the TCG PC Client Platform Firmware Profile Specification.
 2021-06-03 14:28:24 -07:00
Tom D
ee5bb94c43
WIP processing image load events (#216) 2021-05-10 12:11:58 -07:00
Eric Chiang
339bdb245a
attest: add bounds checks for slice indexes (#197) 
Found manually looking through the code. The activate credential could
crash the client, the secureboot and challenge generation could crash
the server.
 2020-12-30 19:33:55 +01:00
Tom D
3b5f0a5e00
Begin implementing extraction of windows info from the event log (#167) 2020-06-01 17:35:23 -07:00
Tom D
ab116a02a1
Implement workaround for secureboot authority events from shim (#158) 2020-05-01 14:20:54 -07:00
Tom D
e134551bb0
Implement extractor for determining secure boot state (#148) 2019-12-19 12:28:32 -08:00