Skip to content

Instantly share code, notes, and snippets.

Avatar
💥
Come spend some time in the trenches...

Pete Batard pbatard

💥
Come spend some time in the trenches...
View GitHub Profile
@pbatard
pbatard / SB_Submit.md
Last active Oct 11, 2021
UEFI:NTFS Secure Boot submission
View SB_Submit.md

From Pre-submission testing for UEFI submissions

  • Submission has been tested accordindly: We added our own DB cert (on a NUC 10i7FNK for x64 as well as on a Raspberry Pi 4 for AARCH64) before submitting for signing and have validated that, when Secure Boot is enabled:
    • The UEFI:NTFS bootloader will not load an NTFS driver that isn't Secure Boot signed. This relies on the fact that if Secure Boot is enabled and per UEFI specs (Version 2.9, Section 7.4), LoadImage() will return EFI_SECURITY_VIOLATION for binaries that do not pass Secure Boot validation. This validates that it is not possible for a malicious actor to load an arbitrary driver, instead of the one we submit for signing.
    • The target bootloader we attempt to chain load from the NTFS partition will not load if it isn't Secure Boot signed (for the same reasons as above, since we also use `LoadImage
@pbatard
pbatard / edk2.md
Last active Mar 18, 2020
Pete's quick edk2/edk2-platform submission guide
View edk2.md

Preamble

This guide is meant as a complement to Laszlo's more official guide, in order to fill some missing bits and pieces.

This assumes that you cloned the edk2, edk2-platforms and edk2-non-osi repository and set up tianocore.template, edk2.diff.order and so on.

Commits validation

@pbatard
pbatard / RufusMaintainer.md
Last active Oct 23, 2021
Rufus Maintainer's Corner
View RufusMaintainer.md

Github stats Github stats Github stats Github stats Github stats Github stats

  • Make sure all milestones issues have been addressed
  • Make sure the ChangeLog is up t
View gist:5cb2f4c0ec5f9983fd32
From 4fe257a4aeae6a30563c4b904c29a31ec8452152 Mon Sep 17 00:00:00 2001
From: Pete Batard <pete@akeo.ie>
Date: Sun, 17 Aug 2014 19:00:35 +0100
Subject: [PATCH] Fix the use of DirectInput with (broken) Unity
---
Source/SharpDX/Utilities.cs | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Source/SharpDX/Utilities.cs b/Source/SharpDX/Utilities.cs
@pbatard
pbatard / xusb.diff
Created Jul 5, 2012
FX3 firmware upload patch for xusb
View xusb.diff
--- D:/__PROJECTS/_INTERNAL/20120118_USB3.0/LibUSBx/libusbx-1.0.12-rc1/examples/xusb.c.orig Mon Jun 18 12:00:44 2012
+++ D:/__PROJECTS/_INTERNAL/20120118_USB3.0/LibUSBx/libusbx-1.0.12-rc1/examples/xusb.c Mon Jun 18 17:04:39 2012
@@ -47,14 +47,13 @@
#define false (!true)
#endif
-
// Future versions of libusbx will use usb_interface instead of interface
// in libusb_config_descriptor => catter for that
#define usb_interface interface
@pbatard
pbatard / Prevent-memory-leaks-on-realloc-failures.patch
Created Jul 5, 2012
improvement on the earlier patch with usbi_reallocf
View Prevent-memory-leaks-on-realloc-failures.patch
From c85a751dfd6519d126772bab7796e96c4c63351f Mon Sep 17 00:00:00 2001
From: Pete Batard <pete@akeo.ie>
Date: Thu, 7 Jun 2012 19:27:43 +0100
Subject: [PATCH] All: Prevent memory leaks on realloc failures
* p = realloc(p, new_size) does not free the original buffer in case of
a realloc failure.
* reallocf() can be used to do so, but is not available on all platforms.
* This patch introduces usbi_reallocf() in libusbi.h and use that instead of realloc
* Issue and original patch submitted by Moritz Lipp (trac #27)
View 0001-Free-altsetting-upon-failed-realloc.patch
From 16cebba315614cd527976f6625b3ac7661ed2f47 Mon Sep 17 00:00:00 2001
From: Moritz Lipp <mlq@pwmt.org>
Date: Thu, 7 Jun 2012 01:08:53 +0200
Subject: [PATCH] Free 'altsetting' upon failed realloc
If the reallocation of 'altsetting' fails the variable gets set to NULL
while the memory it originally pointed to remains untouched. This patch
resolves this common error by introducing a temporary variable that is
used to catch the failed reallocation and freeing the previously
allocated memory.