search

nix-community / lanzaboote

Secure Boot for NixOS [maintainers=@blitz @raitobezarius @nikstur]
GNU General Public License v3.0
830 stars 46 forks source link

Goblin 0.7.1 fails to parse our PE files #237

Open blitz opened 10 months ago

blitz commented 10 months ago

When upgrading to goblin 0.7.1, the UEFI stub dies, because it fails to parse its own PE file:

vm-test-run-lanzaboote-systemd-boot-loader-config> machine # [ WARN]: linux-bootloader/src/pe_section.rs@028: Parsing PE failed Malformed entity: Unable to extract certificate. Probably cert_size:1599360838 is malformed!
vm-test-run-lanzaboote-systemd-boot-loader-config> machine # [PANIC]: panicked at 'Failed to extract configuration from binary. Did you run lzbt?: Error { status: INVALID_PARAMETER, data: () }', stub/src/thin.rs:121:10

Looks like it's introduced with: https://github.com/m4b/goblin/pull/354

Blocks #196.

/cc @RaitoBezarius

RaitoBezarius commented 10 months ago

It's fixed on master, we just need a goblin release.

Le dim. 15 oct. 2023, 14:38, Julian Stecklina @.***> a écrit :

When upgrading to goblin 0.7.1, the UEFI stub dies, because it fails to parse its own PE file:

vm-test-run-lanzaboote-systemd-boot-loader-config> machine # [ WARN]: @.***: Parsing PE failed Malformed entity: Unable to extract certificate. Probably cert_size:1599360838 is malformed! vm-test-run-lanzaboote-systemd-boot-loader-config> machine # [PANIC]: panicked at 'Failed to extract configuration from binary. Did you run lzbt?: Error { status: INVALID_PARAMETER, data: () }', stub/src/thin.rs:121:10

Looks like it's introduced with: m4b/goblin#354 https://github.com/m4b/goblin/pull/354

Blocks #196 https://github.com/nix-community/lanzaboote/pull/196.

/cc @RaitoBezarius https://github.com/RaitoBezarius

— Reply to this email directly, view it on GitHub https://github.com/nix-community/lanzaboote/issues/237, or unsubscribe https://github.com/notifications/unsubscribe-auth/AACMZREZ4DXU4HNZLNLJ333X7PRMBAVCNFSM6AAAAAA6BAT6BSVHI2DSMVQWIX3LMV43ASLTON2WKOZRHE2DGOBZGMYDGMY . You are receiving this because you were mentioned.Message ID: @.***>

nikstur commented 3 months ago

Seems to still fail with 0.8.2:

panicked at stub/src/thin.rs:96:10:\r\nFailed to extract configuration from binary. Did you run lzbt?: Error '
Failed to extract configuration from binary. Did you run lzbt?: Error { status: INVALID_PARAMETER, data: () }