proxmox-mirrors/efi-boot-shim
1
0
Fork 0
mirror of https://git.proxmox.com/git/efi-boot-shim synced 2025-07-24 15:28:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Boot unsigned binaries if we're not in secure mode

Browse Source 
read_header would fail if the binary was unsigned, even if we weren't then
going to verify the signature. Move that check to the verify function
instead.
This commit is contained in:
Matthew Garrett 2012-10-24 00:10:29 -04:00
parent cbe214072b
commit 832e5161b5
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
shim.c
View File

@ -625,6 +625,11 @@ static EFI_STATUS verify_buffer (char *data, int datasize,
WIN_CERTIFICATE_EFI_PKCS *cert;
unsigned int size = datasize;
if (context->SecDir->Size == 0) {
Print(L"Empty security header\n");
return EFI_INVALID_PARAMETER;
}
cert = ImageAddress (data, size, context->SecDir->VirtualAddress);
if (!cert) {
@ -737,11 +742,6 @@ static EFI_STATUS read_header(void *data, unsigned int datasize,
return EFI_INVALID_PARAMETER;
}
if (context->SecDir->Size == 0) {
Print(L"Empty security header\n");
return EFI_INVALID_PARAMETER;
}
return EFI_SUCCESS;
}