proxmox-mirrors/efi-boot-shim
1
0
Fork 0
mirror of https://git.proxmox.com/git/efi-boot-shim synced 2025-06-14 03:09:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

shim: initialize OpenSSL after parsing SBAT data

Browse Source 
A following patch will make shim to verify its .sbat section and it
should be done before doing the OpenSSL initialization. But having
the debugger attached may be useful at this point.

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
This commit is contained in:
Javier Martinez Canillas 2021-02-18 01:12:49 +01:00 committed by Peter Jones
parent 4c9654fb68
commit 1919b566b0
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
shim.c
View File

@ -1887,7 +1887,6 @@ efi_main (EFI_HANDLE passed_image_handle, EFI_SYSTEM_TABLE *passed_systab)
vendor_authorized, vendor_authorized_size);
dprint(L"vendor_deauthorized:0x%08lx vendor_deauthorized_size:%lu\n",
vendor_deauthorized, vendor_deauthorized_size);
init_openssl();
/*
* if SHIM_DEBUG is set, wait for a debugger to attach.
@ -1909,6 +1908,8 @@ efi_main (EFI_HANDLE passed_image_handle, EFI_SYSTEM_TABLE *passed_systab)
goto die;
}
init_openssl();
/*
* Before we do anything else, validate our non-volatile,
* boot-services-only state variables are what we think they are.