Verification by vendor cert -- dead code? #616

Open · polarina opened this issue Oct 9, 2023 · 2 comments

polarina commented Oct 9, 2023

shim/shim.c, line 542 in 7ba7440:

    tpm_measure_variable(L"Shim", SHIM_LOCK_GUID,

How is this code-path reachable?

The vendor cert is appended to MokListRT, thus when loading a vendor-signed executable, the certificate check succeeds in check_allowlist in shim.c, measuring the matching certificate under the name MokListRT into PCR7. The success condition in the #if defined(VENDOR_CERT_FILE) section in verify_one_signature never executes for valid executables.

Under PCR7, I am only able to get a measurement named under MokListRT in the eventlog, never Shim.
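The check behind this observation, as an added example that is not part of the thread and not shim's own code: a small parser for the TCG2 ("crypto agile") TPM event log that lists the variable names under which EV_EFI_VARIABLE_AUTHORITY events were recorded in PCR 7, so one can see whether a "MokListRT" or a "Shim" entry is present, and a replay of PCR 7 from the logged digests to cross-check against the live TPM. Record layouts follow the TCG PC Client Platform Firmware Profile; SHIM_LOCK_GUID and the UEFI image security database GUID are the standard values. The log at the bottom is constructed for the example, and its digests are simply SHA-256 over each event's data (an assumption for the sample, not a statement about how firmware or shim computes them).

```python
"""List PCR 7 EV_EFI_VARIABLE_AUTHORITY names from a TCG2 TPM event log and
replay PCR 7 from the logged digests. Added example; not shim code."""
import hashlib
import struct
import uuid

EV_NO_ACTION = 0x00000003
EV_IPL = 0x0000000D
EV_EFI_VARIABLE_DRIVER_CONFIG = 0x80000001
EV_EFI_VARIABLE_AUTHORITY = 0x800000E0
TPM_ALG_SHA256 = 0x000B

SHIM_LOCK_GUID = uuid.UUID("605dab50-e046-4300-abb6-3dd810dd8b23")
EFI_IMAGE_SECURITY_DATABASE_GUID = uuid.UUID("d719b2cb-3d3a-4596-a3bc-dad00e67656f")
EFI_GLOBAL_VARIABLE_GUID = uuid.UUID("8be4df61-93ca-11d2-aa0d-00e098032b8c")


def parse_uefi_variable_data(event):
    """UEFI_VARIABLE_DATA: GUID, u64 name length (in CHAR16), u64 data length, name, data."""
    guid = uuid.UUID(bytes_le=bytes(event[:16]))
    name_len, data_len = struct.unpack_from("<QQ", event, 16)
    name = event[32:32 + 2 * name_len].decode("utf-16-le")
    data = event[32 + 2 * name_len:32 + 2 * name_len + data_len]
    return guid, name, data


def parse_event_log(log):
    """Return [(pcr, event_type, {alg: digest}, event_bytes)] for every TCG_PCR_EVENT2."""
    # The first record is a SHA1-format TCG_PCClientPCREvent carrying the Spec ID event,
    # which tells us the digest size of every algorithm used in the rest of the log.
    _, etype, size = struct.unpack_from("<II20xI", log, 0)
    spec = log[32:32 + size]
    if etype != EV_NO_ACTION or spec[:16] != b"Spec ID Event03\0":
        raise ValueError("not a TCG2 crypto-agile event log")
    (nalgs,) = struct.unpack_from("<I", spec, 24)
    digest_sizes = dict(struct.unpack_from("<HH", spec, 28 + 4 * i) for i in range(nalgs))
    off, events = 32 + size, []
    while off < len(log):
        pcr, etype, ndig = struct.unpack_from("<III", log, off)
        off += 12
        digests = {}
        for _ in range(ndig):
            (alg,) = struct.unpack_from("<H", log, off)
            off += 2
            digests[alg] = log[off:off + digest_sizes[alg]]
            off += digest_sizes[alg]
        (size,) = struct.unpack_from("<I", log, off)
        off += 4
        events.append((pcr, etype, digests, log[off:off + size]))
        off += size
    return events


def pcr7_authorities(log):
    """(variable name, GUID) of each PCR 7 EV_EFI_VARIABLE_AUTHORITY event, in log order."""
    out = []
    for pcr, etype, _, event in parse_event_log(log):
        if pcr == 7 and etype == EV_EFI_VARIABLE_AUTHORITY:
            guid, name, _ = parse_uefi_variable_data(event)
            out.append((name, guid))
    return out


def replay_pcr(log, pcr_index, alg=TPM_ALG_SHA256):
    """Recompute a PCR by extending its logged digests in order (PCR starts as all zeros)."""
    pcr = bytes(32)
    for pcr_i, _, digests, _ in parse_event_log(log):
        if pcr_i == pcr_index:
            pcr = hashlib.sha256(pcr + digests[alg]).digest()
    return pcr


# ---- constructed sample log (not captured from real hardware) ----
def _uefi_variable_data(guid, name, data):
    return guid.bytes_le + struct.pack("<QQ", len(name), len(data)) + name.encode("utf-16-le") + data


def _event2(pcr, etype, event):
    digest = hashlib.sha256(event).digest()  # sample assumption: digest over the whole event data
    return (struct.pack("<III", pcr, etype, 1) + struct.pack("<H", TPM_ALG_SHA256) + digest
            + struct.pack("<I", len(event)) + event)


def _spec_id_event():
    spec = (b"Spec ID Event03\0" + struct.pack("<IBBBBI", 0, 0, 2, 0, 2, 1)
            + struct.pack("<HH", TPM_ALG_SHA256, 32) + b"\0")
    return struct.pack("<II", 0, EV_NO_ACTION) + bytes(20) + struct.pack("<I", len(spec)) + spec


SAMPLE_LOG = (
    _spec_id_event()
    + _event2(7, EV_EFI_VARIABLE_DRIVER_CONFIG,
              _uefi_variable_data(EFI_GLOBAL_VARIABLE_GUID, "SecureBoot", b"\x01"))
    # firmware found shim's signer in db
    + _event2(7, EV_EFI_VARIABLE_AUTHORITY,
              _uefi_variable_data(EFI_IMAGE_SECURITY_DATABASE_GUID, "db", b"<signature data, placeholder>"))
    # shim found the next stage's signer via MokListRT (the case the issue describes)
    + _event2(7, EV_EFI_VARIABLE_AUTHORITY,
              _uefi_variable_data(SHIM_LOCK_GUID, "MokListRT", b"<vendor cert, placeholder>"))
    # an entry in another PCR, present only to show the filter ignores it
    + _event2(14, EV_IPL, b"MokListRT\0")
)

if __name__ == "__main__":
    import sys
    log = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_LOG
    for name, guid in pcr7_authorities(log):
        print(f"PCR7 EV_EFI_VARIABLE_AUTHORITY  {name}  ({guid})")
    print("replayed PCR7 sha256:", replay_pcr(log, 7).hex())
```

On a Linux host the same script reads the real log from /sys/kernel/security/tpm0/binary_bios_measurements when given that path; the replayed value should match `tpm2_pcrread sha256:7` if the log is complete, and the names printed are the ones to compare against what README.tpm documents.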

polarina (Author)

Is it possible this is a regression introduced by commit 092c2b2? Previously MokList was referenced, not MokListRT, which generally wouldn't contain copies of the vendor_cert certificates.

The https://github.com/rhboot/shim/blob/main/README.tpm file states that these measurements are done under the MokList and Shim names, which is not the reality today.

dennis-tseng99 (Contributor)

In the real world, not every case turns out the way we expect. For example, when check_allowlist() returns EFI_NOT_FOUND or another error just because the NVRAM storage for db or MokListRT is broken right at the moment get_variable() is running, the lines under #if defined(VENDOR_CERT_FILE) will be executed.

verify_one_signature()
    check_allowlist():
        check_db_hash(L"db",...)
            get_variable()
            check_db_hash_in_ram()
        check_db_cert(L"db",...)
            get_variable()
                get_variable_attr()
            check_db_cert_in_ram()
                AuthenticodeVerify()
                tpm_measure_variable()
        check_db_cert(L"MokListRT",...)

    #if defined(VENDOR_CERT_FILE)
    .....
    tpm_measure_variable()
