search

Mattiwatti / EfiGuard

Disable PatchGuard and Driver Signature Enforcement at boot time
GNU General Public License v3.0
1.69k stars 326 forks source link

Patch SeValidateImageHeader when disabling DSE at boot #111

Open khang06 opened 7 months ago

khang06 commented 7 months ago

Feature description

Currently, SeValidateImageData is being patched to return S_OK when EfiGuard is set to disable DSE at boot, but SeValidateImageHeader isn't, which causes some modifications to still trip DSE. (Windows 10 22H2 10.0.19045.3570)

Implementation

No response

Mattiwatti commented 6 months ago

Hi,

Can you give some more information in order for me to reproduce this? I haven't personally experienced this before, and "some modifications" isn't enough detail for me to go on. What modifications specifically are you trying to make that are still being prevented by DSE due to SeValidateImageHeader not being modified?

If you can tell me how to reproduce this I will look into implementing a fix. (That part doesn't seem to be too hard, after taking a quick look at SeValidateImageHeader - mainly I just want to know what I'd be patching and why/when this patch is needed precisely).