mirror of
https://git.proxmox.com/git/efi-boot-shim
synced 2025-06-13 04:04:33 +00:00
Fix filesystem enrollment
We would always enrol a single key, deleting any existing keys in the database. Fix that up.
This commit is contained in:
Matthew Garrett
parent
27db5b66aa
commit
cfa77df48e
40
MokManager.c
40
MokManager.c
@ -678,6 +678,7 @@ static void run_menu (struct menu_item *items, UINTN count) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
static UINTN file_callback (void *data, void *data2) {
|
static UINTN file_callback (void *data, void *data2) {
|
||||||
|
EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
|
||||||
EFI_FILE_INFO *buffer = NULL;
|
EFI_FILE_INFO *buffer = NULL;
|
||||||
UINTN buffersize = 0, readsize;
|
UINTN buffersize = 0, readsize;
|
||||||
EFI_STATUS status;
|
EFI_STATUS status;
|
||||||
@ -685,8 +686,12 @@ static UINTN file_callback (void *data, void *data2) {
|
|||||||
CHAR16 *filename = data;
|
CHAR16 *filename = data;
|
||||||
EFI_FILE *parent = data2;
|
EFI_FILE *parent = data2;
|
||||||
EFI_GUID file_info_guid = EFI_FILE_INFO_ID;
|
EFI_GUID file_info_guid = EFI_FILE_INFO_ID;
|
||||||
void *mokbuffer = NULL;
|
void *mokbuffer = NULL, *mok;
|
||||||
void *filebuffer;
|
UINTN MokSize = 0, MokNewSize;
|
||||||
|
MokListNode *MokNew;
|
||||||
|
int i;
|
||||||
|
|
||||||
|
mok = LibGetVariableAndSize(L"MokList", &shim_lock_guid, &MokSize);
|
||||||
|
|
||||||
status = uefi_call_wrapper(parent->Open, 5, parent, &file, filename,
|
status = uefi_call_wrapper(parent->Open, 5, parent, &file, filename,
|
||||||
EFI_FILE_MODE_READ, 0);
|
EFI_FILE_MODE_READ, 0);
|
||||||
@ -709,21 +714,34 @@ static UINTN file_callback (void *data, void *data2) {
|
|||||||
|
|
||||||
readsize = buffer->FileSize;
|
readsize = buffer->FileSize;
|
||||||
|
|
||||||
mokbuffer = AllocateZeroPool(readsize + (2 * sizeof(UINT32)));
|
if (mok) {
|
||||||
if (!mokbuffer)
|
MokNewSize = MokSize + readsize + sizeof(UINT32);
|
||||||
goto out;
|
mokbuffer = AllocateZeroPool(MokNewSize);
|
||||||
|
|
||||||
((UINT32 *)mokbuffer)[0] = 1;
|
if (!mokbuffer)
|
||||||
((UINT32 *)mokbuffer)[1] = readsize;
|
goto out;
|
||||||
filebuffer = (UINT32 *)mokbuffer + 2;
|
|
||||||
|
|
||||||
status = uefi_call_wrapper(file->Read, 3, file, &readsize, filebuffer);
|
CopyMem(mokbuffer, mok, MokSize);
|
||||||
|
((UINT32 *)mokbuffer)[0]++;
|
||||||
|
MokNew = (MokListNode *)(((char *)mokbuffer) + MokSize);
|
||||||
|
} else {
|
||||||
|
MokNewSize = readsize + (2 * sizeof(UINT32));
|
||||||
|
mokbuffer = AllocateZeroPool(MokNewSize);
|
||||||
|
|
||||||
|
if (!mokbuffer)
|
||||||
|
goto out;
|
||||||
|
((UINT32 *)mokbuffer)[0]=1;
|
||||||
|
MokNew = (MokListNode *)(((UINT32 *)mokbuffer) + 1);
|
||||||
|
}
|
||||||
|
|
||||||
|
MokNew->MokSize = readsize;
|
||||||
|
|
||||||
|
status = uefi_call_wrapper(file->Read, 3, file, &readsize, &MokNew->Mok);
|
||||||
|
|
||||||
if (status != EFI_SUCCESS)
|
if (status != EFI_SUCCESS)
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
mok_enrollment_prompt(mokbuffer,
|
mok_enrollment_prompt(mokbuffer, MokNewSize, FALSE);
|
||||||
(void *)buffer->FileSize + (2 * sizeof(UINT32)));
|
|
||||||
out:
|
out:
|
||||||
if (buffer)
|
if (buffer)
|
||||||
FreePool(buffer);
|
FreePool(buffer);
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user