[PATCH] make grub-install on efi idempotent by omitting PE timestamp

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] make grub-install on efi idempotent by omitting PE timestamp

From:	Daniel Kahn Gillmor
Subject:	[PATCH] make grub-install on efi idempotent by omitting PE timestamp
Date:	Fri, 20 Mar 2015 10:39:39 -0400
User-agent:	Notmuch/0.18.2 (http://notmuchmail.org) Emacs/24.4.1 (x86_64-pc-linux-gnu)

I'm using grub-efi on a debian amd64 system, with the ESP mounted at
/boot/efi.

when i run:

  grub-install

the digest of /boot/efi/EFI/debian/grubx64.efi changes:

address@hidden:~# sha1sum /boot/efi/EFI/debian/grubx64.efi 
eafbe63218ecb7f7e69522e55ff7bc9551002c08  /boot/efi/EFI/debian/grubx64.efi
address@hidden:~# grub-install
Installing for x86_64-efi platform.
Installation finished. No error reported.
address@hidden:~# sha1sum /boot/efi/EFI/debian/grubx64.efi 
b3ec06be87d356479e652e6515814ed4fd8f35cc  /boot/efi/EFI/debian/grubx64.efi
address@hidden:~#

I compared the two versions, and it looks like they only differ in the
PE timestamp:

address@hidden:~# cp /boot/efi/EFI/debian/grubx64.efi{,.bak}
address@hidden:~# grub-install
Installing for x86_64-efi platform.
Installation finished. No error reported.
address@hidden:~# sha1sum /boot/efi/EFI/debian/grubx64.efi{,.bak}
a2fe7412a8fff69b033c5b11eb3a78927ea084e1  /boot/efi/EFI/debian/grubx64.efi
b3ec06be87d356479e652e6515814ed4fd8f35cc  /boot/efi/EFI/debian/grubx64.efi.bak
address@hidden:~# diff -u <(hd < /boot/efi/EFI/debian/grubx64.efi.bak ) <(hd < 
/boot/efi/EFI/debian/grubx64.efi )
--- /dev/fd/63  2015-03-20 09:32:36.784878070 -0400
+++ /dev/fd/62  2015-03-20 09:32:36.784878070 -0400
@@ -6,7 +6,7 @@
 00000050  69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
 00000060  74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
 00000070  6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|
-00000080  50 45 00 00 64 86 04 00  30 21 0c 55 00 00 00 00  |PE..d...0!.U....|
+00000080  50 45 00 00 64 86 04 00  42 21 0c 55 00 00 00 00  |PE..d...B!.U....|
 00000090  00 00 00 00 f0 00 0e 02  0b 02 00 00 00 96 00 00  |................|
 000000a0  00 2c 01 00 00 00 00 00  00 04 00 00 00 04 00 00  |.,..............|
 000000b0  00 00 00 00 00 00 00 00  00 02 00 00 00 02 00 00  |................|
address@hidden:~#

These are definitely timestamps, as the two files were generated about
20 seconds apart, and 0x42 - 0x30 = 0x12 = 18.  Here's the
timestamp-to-date conversion:

$ date -d address@hidden(printf '%d' 0x550c2130)
Fri Mar 20 09:31:28 EDT 2015
$

This seems like a spurious change to me, and one that makes it harder to
do things like compare checksums to make sure no one has tampered with
the bootloader, or keeping a signature valid for the bootloader as blob.

Is there a reason to embed the timestamps here?  in practice, PE
executables seem to be able to work with an all-zero timestamp
(e.g. see ld's --no-insert-timestamp option).

It looks like we're also embedding the timestamp for UBOOT images.

This should be fixable with the following change, which covers both efi
(first hunk) and uboot (second hunk):

----------
diff --git a/util/mkimage.c b/util/mkimage.c
index 7821dc5..4b0f4de 100644
--- a/util/mkimage.c
+++ b/util/mkimage.c
@@ -1439,7 +1439,7 @@ grub_install_generate_image (const char *dir, const char 
*prefix,
        c->machine = grub_host_to_target16 (image_target->pe_target);
 
        c->num_sections = grub_host_to_target16 (4);
-       c->time = grub_host_to_target32 (time (0));
+       c->time = grub_host_to_target32 (0);
        c->characteristics = grub_host_to_target16 (GRUB_PE32_EXECUTABLE_IMAGE
                                                    | 
GRUB_PE32_LINE_NUMS_STRIPPED
                                                    | 
((image_target->voidp_sizeof == 4)
@@ -1782,7 +1782,7 @@ grub_install_generate_image (const char *dir, const char 
*prefix,
 
       memset (hdr, 0, sizeof (*hdr));
       hdr->ih_magic = grub_cpu_to_be32_compile_time (GRUB_UBOOT_IH_MAGIC);
-      hdr->ih_time = grub_cpu_to_be32 (time (0));
+      hdr->ih_time = grub_cpu_to_be32 (0);
       hdr->ih_size = grub_cpu_to_be32 (core_size);
       hdr->ih_load = grub_cpu_to_be32 (image_target->link_addr);
       hdr->ih_ep = grub_cpu_to_be32 (image_target->link_addr);
----------

I notice that we're already embedding 0 for the timestamp for MIPS_ARC
on util/mkimage:1859, so this isn't without precedent.

If we want to get fancier, we could make an --embed-timestamp=SECONDS
option to grub-install, which would allow the user to explicitly set the
timestamp to a known value, or an --embed-current-timestamp option to
actually use the output of time(0), but i wouldn't get that fancy
without first hearing a strong argument for why we need an embedded
timestamp in the first place.

what do you think?

         --dkg

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] make grub-install on efi idempotent by omitting PE timestamp, Daniel Kahn Gillmor <=
- Re: [PATCH] make grub-install on efi idempotent by omitting PE timestamp, Vladimir 'φ-coder/phcoder' Serbinenko, 2015/03/20
  - Re: [PATCH] make grub-install on efi idempotent by omitting PE timestamp, Daniel Kahn Gillmor, 2015/03/20

Prev by Date: Re: [PATCH v2] Add a module for retrieving SMBIOS information
Next by Date: Re: [PATCH] make grub-install on efi idempotent by omitting PE timestamp
Previous by thread: Re: GnuTLS Self-Test Question
Next by thread: Re: [PATCH] make grub-install on efi idempotent by omitting PE timestamp
Index(es):
- Date
- Thread