I've worked well with VmWare Workstation UEFI firmware and IDA GDB debugger stub. I recently done a Windows 8 UEFI analysis (available here: http://www.itsec.it/2012/09/18/uefi-technology-say-hello-to-the-windows-8-bootkit/).
Now I would like to investigate on Secureboot. I am able only to use a physical machine (ASUS). I was wondering if someone knows how to insert Secureboot module (SecurityPkg module in EDK specs 2.3.1) in VmWare EFI firmware...
I've still tried to compile UEDK 2010 "firmware.fv" and to import it in a "vmx" descriptor file adding the following lines:
efi64.filename = "myEfiFv.rom"
...but the VM doesn't start. I figured out that VMWare uefi firmware image is different from standard one (the 2 files compared equals only in EFI_FIRMWARE_VOLUME_HEADER structure).
Some of you know how to change EFI Firmware with the aim in supporting Ms SecureBoot?
Thanks very much in advance...
OK. I know entire Secureboot related stuff... But my question is another: How to enable SecureBoot in VmWare workstation? I know that is needed another UEFI bios (the incorporated one doesn't include SecurityPkg module). How to compile a firmware file with UEDK 2010 compatible with VmWare?
You are always taking on the fun projects!
There are no currently-released VMware products that include support for UEFI Secure Boot. We don't include SecurityPkg, and our Variable Services implementation supports neither EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS nor EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS. Our release plans are confidential, so I can't say when you'll see a release which does include Secure Boot support.
It will be a huge task if you want to build your own [U]EFI firmware to run in a VMware virtual machine: Our EFI ROM images contain a quantity of VMware platform-specific code that is not included in the publicly-available EDK/UDK codebases which you'd need to replicate in order to have ROMs that booted at all.
Sorry, this doesn't help much with your project.
I would like to special thank you for right answer, as usual...
I think that your job in Firmware development is just a bit more fun than mine... Isn't it?
I've always been curious and attracted to all low-level programming (especially BIOS, EFI, and all related stuff... Did you ever heard something about the BIOS rootkit for example??), but unfortunally with the tools we have here in Italy it would be a bit a mess to let grow this kind of projects...
Now I know that I can't try to bypass SecureBoot with Workstation, it's a good fact knowing it, at least... I will save some hours in trying it!
According to eg0n post (available here: http://communities.vmware.com/thread/390128) it would be very great if in version 10 of Workstation there will be implemented SecurityPkg and SourceLevelDebugPkg (both have source code downloadable... I think that they do not require a big development effort, as my personal opinion). The latter one is very usefull in debugging EFI images. I say this, because, at the time of this post, IDA has still some issues with GDB low level EFI debugging (in detail a kind of Symbol lookup problem. I've just signaled this problem to all the good staff @ hex-rays)
Do you think that maybe I could wait something new about these in future?? :-)
Have a nice day! (also if here now it's midnight o'clock).