From 61e989446849205d3e9eef2544f6d9bd87142933 Mon Sep 17 00:00:00 2001
From: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
Date: Mon, 26 Jun 2023 18:41:50 -0700
Subject: [PATCH] Verify signature before verifying sbat levels

Verifying the validity of a files signature can protect from
an attacker creating a file that exploits a potential issue
in the sbat validation. If the signature is not checked first,
an attacker can just create a file with a valid .sbat section
and can still attack the signature validation.

Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
---
 shim.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/shim.c b/shim.c
index 17afcabbc..01e5e5608 100644
--- a/shim.c
+++ b/shim.c
@@ -753,11 +753,11 @@ verify_buffer (char *data, int datasize,
 {
 	EFI_STATUS efi_status;
 
-	efi_status = verify_buffer_sbat(data, datasize, context);
+	efi_status = verify_buffer_authenticode(data, datasize, context, sha256hash, sha1hash);
 	if (EFI_ERROR(efi_status))
 		return efi_status;
 
-	return verify_buffer_authenticode(data, datasize, context, sha256hash, sha1hash);
+	return verify_buffer_sbat(data, datasize, context);
 }
 
 static int