Fix a bunch of trivial trailing whitespace issues.

Signed-off-by: Peter Jones <pjones@redhat.com>
2025-08-05 14:57:13 +00:00 · 2021-02-14 11:21:27 -05:00 · 2021-02-14 11:21:27 -05:00 · a6c726fc81
commit a6c726fc81
parent d230d02f99
10 changed files with 66 additions and 68 deletions
--- a/MokVars.txt
+++ b/MokVars.txt
@ -2,13 +2,13 @@ Variables used by Shim and Mokmanager
 Request variables:
-MokPW: Set by MokUtil when setting a password. A SHA-256 hash of the 
+MokPW: Set by MokUtil when setting a password. A SHA-256 hash of the
-UCS-2 representation of the password. The user will be asked to 
+UCS-2 representation of the password. The user will be asked to
-re-enter the password to confirm. If the hash of the entered password 
+re-enter the password to confirm. If the hash of the entered password
-matches the contents of MokPW, the user will be prompted to copy MokPW 
+matches the contents of MokPW, the user will be prompted to copy MokPW
 into MokPWState. BS,RT,NV
-MokSB: Set by MokUtil when requesting a change in state of signature 
+MokSB: Set by MokUtil when requesting a change in state of signature
 validation. A packed structure as follows:
 typedef struct {
@ -17,15 +17,15 @@ typedef struct {
        CHAR16 Password[PASSWORD_MAX];
 } __attribute__ ((packed)) MokSBvar;
-If MokSBState is 0, the user will be prompted to disable signature 
+If MokSBState is 0, the user will be prompted to disable signature
-validation. Otherwise, the user will be prompted to enable it. PWLen 
+validation. Otherwise, the user will be prompted to enable it. PWLen
-is the length of the password, in characters. Password is a UCS-2 
+is the length of the password, in characters. Password is a UCS-2
-representation of the password. The user will be prompted to enter 
+representation of the password. The user will be prompted to enter
-three randomly chosen characters from the password. If successful, 
+three randomly chosen characters from the password. If successful,
-they will then be prompted to change the signature validation 
+they will then be prompted to change the signature validation
 according to MokSBState. BS,RT,NV
-MokDB: Set by MokUtil when requesting a change in state of validation 
+MokDB: Set by MokUtil when requesting a change in state of validation
 using db hashes and certs. A packed structure as follows:
 typedef struct {
@ -34,28 +34,28 @@ typedef struct {
        CHAR16 Password[PASSWORD_MAX];
 } __attribute__ ((packed)) MokDBvar;
-If MokDBState is 0, the user will be prompted to disable usage of db for 
+If MokDBState is 0, the user will be prompted to disable usage of db for
-validation. Otherwise, the user will be prompted to allow it. PWLen 
+validation. Otherwise, the user will be prompted to allow it. PWLen
-is the length of the password, in characters. Password is a UCS-2 
+is the length of the password, in characters. Password is a UCS-2
-representation of the password. The user will be prompted to enter 
+representation of the password. The user will be prompted to enter
-three randomly chosen characters from the password. If successful, 
+three randomly chosen characters from the password. If successful,
-they will then be prompted to change the signature validation 
+they will then be prompted to change the signature validation
 according to MokDBState. BS,RT,NV
-MokNew: Set by MokUtil when requesting the addition or removal of keys 
+MokNew: Set by MokUtil when requesting the addition or removal of keys
-from MokList. Is an EFI_SIGNATURE_LIST as described in the UEFI 
+from MokList. Is an EFI_SIGNATURE_LIST as described in the UEFI
 specification. BS,RT,NV
-MokAuth: A hash dependent upon the contents of MokNew and the sealing 
+MokAuth: A hash dependent upon the contents of MokNew and the sealing
-password. The user's password in UCS-2 form should be appended to the 
+password. The user's password in UCS-2 form should be appended to the
-contents of MokNew and a SHA-256 hash generated and stored in MokAuth. 
+contents of MokNew and a SHA-256 hash generated and stored in MokAuth.
-The hash will be regenerated by MokManager after the user is requested 
+The hash will be regenerated by MokManager after the user is requested
-to enter their password to confirm enrolment of the keys. If the hash 
+to enter their password to confirm enrolment of the keys. If the hash
 matches MokAuth, the user will be prompted to enrol the keys. BS,RT,NV
 State variables:
-MokList: A list of whitelisted keys and hashes. An EFI_SIGNATURE_LIST 
+MokList: A list of whitelisted keys and hashes. An EFI_SIGNATURE_LIST
 as described in the UEFI specification. BS,NV
 MokListRT: A copy of MokList made available to the kernel at runtime. RT
@ -65,15 +65,15 @@ as described in the UEFI specification. BS,NV
 MokListXRT: A copy of MokListX made available to the kernel at runtime. RT
-MokSBState: An 8-bit unsigned integer. If 1, shim will switch to 
+MokSBState: An 8-bit unsigned integer. If 1, shim will switch to
 insecure mode. BS,NV
-MokDBState: An 8-bit unsigned integer. If 1, shim will not use db for 
+MokDBState: An 8-bit unsigned integer. If 1, shim will not use db for
 verification. BS,NV
 MokIgnoreDB: An 8-bit unsigned integer.  This allows the OS to query whether
 or not to import DB certs for its own verification purposes.
-MokPWStore: A SHA-256 representation of the password set by the user 
+MokPWStore: A SHA-256 representation of the password set by the user
-via MokPW. The user will be prompted to enter this password in order 
+via MokPW. The user will be prompted to enter this password in order
 to interact with MokManager.
--- a/README.tpm
+++ b/README.tpm
@ -24,7 +24,7 @@ PCR8:
 - If you're using the grub2 TPM patchset we cary in Fedora, the kernel command
  line and all grub commands (including all of grub.cfg that gets run) are
  measured into PCR8.
-  
+
 PCR9:
 - If you're using the grub2 TPM patchset we carry in Fedora, the kernel,
  initramfs, and any multiboot modules loaded are measured into PCR9.
--- a/elf_x86_64_efi.lds
+++ b/elf_x86_64_efi.lds
@ -8,8 +8,8 @@ SECTIONS
  ImageBase = .;
  .hash : { *(.hash) }	/* this MUST come first! */
  . = ALIGN(4096);
-  .eh_frame : 
+  .eh_frame :
-  { 
+  {
    *(.eh_frame)
  }
  . = ALIGN(4096);
--- a/include/configtable.h
+++ b/include/configtable.h
@ -7,7 +7,7 @@
 typedef UINT32 EFI_IMAGE_EXECUTION_ACTION;
-#define EFI_IMAGE_EXECUTION_AUTHENTICATION      0x00000007 
+#define EFI_IMAGE_EXECUTION_AUTHENTICATION      0x00000007
 #define EFI_IMAGE_EXECUTION_AUTH_UNTESTED       0x00000000
 #define EFI_IMAGE_EXECUTION_AUTH_SIG_FAILED     0x00000001
 #define EFI_IMAGE_EXECUTION_AUTH_SIG_PASSED     0x00000002
@ -26,24 +26,24 @@ typedef struct {
  ///
  UINT32                        InfoSize;
  ///
-  /// If this image was a UEFI device driver (for option ROM, for example) this is the 
+  /// If this image was a UEFI device driver (for option ROM, for example) this is the
-  /// null-terminated, user-friendly name for the device. If the image was for an application, 
+  /// null-terminated, user-friendly name for the device. If the image was for an application,
-  /// then this is the name of the application. If this cannot be determined, then a simple 
+  /// then this is the name of the application. If this cannot be determined, then a simple
  /// NULL character should be put in this position.
  /// CHAR16                    Name[];
  ///
  ///
-  /// For device drivers, this is the device path of the device for which this device driver 
+  /// For device drivers, this is the device path of the device for which this device driver
-  /// was intended. In some cases, the driver itself may be stored as part of the system 
+  /// was intended. In some cases, the driver itself may be stored as part of the system
-  /// firmware, but this field should record the device's path, not the firmware path. For 
+  /// firmware, but this field should record the device's path, not the firmware path. For
-  /// applications, this is the device path of the application. If this cannot be determined, 
+  /// applications, this is the device path of the application. If this cannot be determined,
  /// a simple end-of-path device node should be put in this position.
  /// EFI_DEVICE_PATH_PROTOCOL  DevicePath;
  ///
  ///
-  /// Zero or more image signatures. If the image contained no signatures, 
+  /// Zero or more image signatures. If the image contained no signatures,
  /// then this field is empty.
  ///
  ///EFI_SIGNATURE_LIST            Signature;
@ -54,14 +54,13 @@ typedef struct {
  ///
  /// Number of EFI_IMAGE_EXECUTION_INFO structures.
  ///
-  UINTN                     NumberOfImages; 
+  UINTN                     NumberOfImages;
  ///
  /// Number of image instances of EFI_IMAGE_EXECUTION_INFO structures.
  ///
  EFI_IMAGE_EXECUTION_INFO  InformationInfo[];
 } EFI_IMAGE_EXECUTION_INFO_TABLE;
 void *
 configtable_get_table(EFI_GUID *guid);
 EFI_IMAGE_EXECUTION_INFO_TABLE *
--- a/include/variables.h
+++ b/include/variables.h
@ -26,7 +26,7 @@ CreatePkX509SignatureList (
  IN	UINT8			    *X509Data,
  IN	UINTN			    X509DataSize,
  IN	EFI_GUID		    owner,
-  OUT   EFI_SIGNATURE_LIST          **PkCert 
+  OUT   EFI_SIGNATURE_LIST          **PkCert
 			   );
 EFI_STATUS
 CreateTimeBasedPayload (
--- a/include/wincert.h
+++ b/include/wincert.h
@ -8,28 +8,27 @@
 ///
 typedef struct {
  ///
-  /// The length of the entire certificate,  
+  /// The length of the entire certificate,
-  /// including the length of the header, in bytes.                                
+  /// including the length of the header, in bytes.
  ///
  UINT32  dwLength;
  ///
-  /// The revision level of the WIN_CERTIFICATE 
+  /// The revision level of the WIN_CERTIFICATE
-  /// structure. The current revision level is 0x0200.                                   
+  /// structure. The current revision level is 0x0200.
  ///
  UINT16  wRevision;
  ///
-  /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI      
+  /// The certificate type. See WIN_CERT_TYPE_xxx for the UEFI
-  /// certificate types. The UEFI specification reserves the range of 
+  /// certificate types. The UEFI specification reserves the range of
-  /// certificate type values from 0x0EF0 to 0x0EFF.                          
+  /// certificate type values from 0x0EF0 to 0x0EFF.
  ///
  UINT16  wCertificateType;
  ///
-  /// The following is the actual certificate. The format of   
+  /// The following is the actual certificate. The format of
  /// the certificate depends on wCertificateType.
  ///
  /// UINT8 bCertificate[ANYSIZE_ARRAY];
  ///
 } WIN_CERTIFICATE;
 #endif /* SHIM_WINCERT_H */
--- a/lib/configtable.c
+++ b/lib/configtable.c
@ -49,22 +49,22 @@ configtable_find_image(const EFI_DEVICE_PATH *DevicePath)
 		/* print what we have for debugging */
 		UINT8 *d = (UINT8 *)e; // + sizeof(UINT32)*2;
 		console_print(L"Data: %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x\n",
-		      d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]); 
+		      d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]);
 		d += 16;
 		console_print(L"Data: %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x\n",
-		      d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]); 
+		      d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]);
 		d += 16;
 		console_print(L"Data: %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x\n",
-		      d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]); 
+		      d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]);
 		d += 16;
 		console_print(L"Data: %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x\n",
-		      d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]); 
+		      d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]);
 		d += 16;
 		console_print(L"Data: %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x\n",
-		      d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]); 
+		      d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]);
 		d += 16;
 		console_print(L"Data: %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x\n",
-		      d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]); 
+		      d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]);
 #endif
 		CHAR16 *name = (CHAR16 *)(e->Data);
 		int skip = 0;
@ -93,12 +93,12 @@ configtable_find_image(const EFI_DEVICE_PATH *DevicePath)
 		console_print(L"Device Path Size %d\n", Size);
 #endif
 		if (Size > e->InfoSize) {
-			/* parse error; the platform obviously has a 
+			/* parse error; the platform obviously has a
 			 * corrupted image table; bail */
 			console_print(L"Image Execution Information table corrupt\n");
 			break;
 		}
-		
+
 		if (CompareMem(dp, (void *)DevicePath, Size) == 0) {
 #ifdef DEBUG_CONFIG
 			console_print(L"***FOUND\n");
--- a/lib/execute.c
+++ b/lib/execute.c
@ -49,7 +49,7 @@ generate_path(CHAR16* name, EFI_LOADED_IMAGE *li, EFI_DEVICE_PATH **path, CHAR16
 	if (name[0] != '\\')
 		StrCat(*PathName, L"\\");
 	StrCat(*PathName, name);
-	
+
 	*path = FileDevicePath(li->DeviceHandle, *PathName);
 error:
--- a/lib/security_policy.c
+++ b/lib/security_policy.c
@ -54,7 +54,7 @@ extern EFI_STATUS thunk_security_policy_authentication(
 	const EFI_SECURITY_PROTOCOL *This,
 	UINT32 AuthenticationStatus,
 	const EFI_DEVICE_PATH_PROTOCOL *DevicePath
-						       ) 
+						       )
 __attribute__((unused));
 extern EFI_STATUS thunk_security2_policy_authentication(
@ -63,7 +63,7 @@ extern EFI_STATUS thunk_security2_policy_authentication(
 	VOID *FileBuffer,
 	UINTN FileSize,
 	BOOLEAN	BootPolicy
-						       ) 
+						       )
 __attribute__((unused));
 static __attribute__((used)) EFI_STATUS
@ -106,7 +106,7 @@ security_policy_authentication (
 	)
 {
 	EFI_STATUS efi_status, fail_status;
-	EFI_DEVICE_PATH *DevPath 
+	EFI_DEVICE_PATH *DevPath
 		= DuplicateDevicePath((EFI_DEVICE_PATH *)DevicePathConst),
 		*OrigDevPath = DevPath;
 	EFI_HANDLE h;
--- a/testplan.txt
+++ b/testplan.txt
@ -27,7 +27,7 @@ How to test a new shim build for RHEL/fedora:
 	-c "Red Hat Test Certificate"
 9) copy grub.cfg to our test directory:
    cp /boot/efi/EFI/redhat/grub.cfg /boot/efi/EFI/test/grub.cfg
-10) *move* \EFI\redhat\BOOT.CSV to \EFI\test 
+10) *move* \EFI\redhat\BOOT.CSV to \EFI\test
    rm -rf /boot/efi/EFI/BOOT/
    mkdir /boot/efi/EFI/BOOT/
    mv /boot/efi/EFI/redhat/BOOT.CSV /boot/efi/EFI/test/BOOT.CSV
@ -73,7 +73,7 @@ How to test a new shim build for RHEL/fedora:
    removed ‘Boot0002-8be4df61-93ca-11d2-aa0d-00e098032b8c’
    removed ‘Boot2001-8be4df61-93ca-11d2-aa0d-00e098032b8c’
    removed ‘BootOrder-8be4df61-93ca-11d2-aa0d-00e098032b8c’
-    [root@uefi efivars]# 
+    [root@uefi efivars]#
 25) reboot
 26) the system should run \EFI\BOOT\BOOTX64.EFI .  If it doesn't, you may just
    have an old machine.  In that case, go to the EFI shell and run: