proxmox-mirrors/efi-boot-shim
1
0
Fork 0
mirror of https://git.proxmox.com/git/efi-boot-shim synced 2025-06-05 09:47:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
325 Commits 1 Branch 3 Tags 11 MiB
750584c207
Commit Graph

131 Commits

Author SHA1 Message Date
Gary Ching-Pang Lin
5f00e44f9a Only launch MokManager when necessary 2012-09-11 16:34:25 +08:00
Gary Ching-Pang Lin
19e957f489 Retrieve attributes of variables 
We have to make sure the machine owner key is stored in a BS
variable.
 2012-09-11 16:31:05 +08:00
Gary Ching-Pang Lin
1fe0d49c9b Merge branch 'master' into mok-prototype3 
Conflicts:
	shim.c
 2012-09-07 18:22:34 +08:00
Gary Ching-Pang Lin
0d7c3dbde5 Load MokManager for MOK management 2012-09-07 18:11:45 +08:00
Gary Ching-Pang Lin
e235c85af1 Make the image loading process more generic 2012-09-07 17:43:21 +08:00
Peter Jones
3c2f1d6c3d Break out of our db checking loop at the appropriate time. 
The break in check_db_cert is at the wrong level due to a typo in
indentation, and as a result only the last cert in the list can
correctly match.  Rectify that.

Signed-off-by: Peter Jones <pjones@redhat.com>
 2012-09-06 12:13:44 -04:00
Matthew Garrett
3682a89543 Use the file size, not the image size field, for verification. 2012-09-06 12:13:44 -04:00
Peter Jones
178b5681b8 Allow specification of vendor_cert through a build command line option. 
This allows you to specify the vendor_cert as a file on the command line
during build.
 2012-09-06 12:13:44 -04:00
Matthew Garrett
590b34492d Handle slightly stranger device paths 2012-07-13 00:30:22 -04:00
Matthew Garrett
d3ee0bed5e Make path generation more sensible 2012-07-11 10:58:15 -04:00
Matthew Garrett
8c173876d1 Make sure ImageBase is set appropriately in the loaded_image protocol 2012-07-11 10:57:46 -04:00
Matthew Garrett
85bbd2c4cc Re-add whitelisting - needed for protocol validation 2012-07-05 16:39:25 -04:00
Matthew Garrett
cc1116ced6 Check whether secure boot is enabled before performing verify call 2012-07-05 12:51:12 -04:00
Matthew Garrett
96b0c2f981 Fix up blacklist checking 
This was not quite as bugfree as would be hoped for.
 2012-07-02 14:43:18 -04:00
Matthew Garrett
f9435d9664 Remove whitelisting - the firmware will handle it via LoadImage/StartImage 2012-07-02 13:49:32 -04:00
Matthew Garrett
6d3e62ef2f Fix type of buffersize 2012-07-02 11:54:21 -04:00
Matthew Garrett
c08d0ceb05 Fix get_variable 2012-06-25 17:46:11 -04:00
Matthew Garrett
1a109376ab Add black/white listing 2012-06-25 10:59:08 -04:00
Matthew Garrett
301f41f053 Fix cert size 2012-06-19 15:25:02 -04:00
Matthew Garrett
49ebaa4b91 Uninstall protocol on exit 2012-06-18 17:31:42 -04:00
Matthew Garrett
019b0c5c13 Check binary against blacklist 2012-06-18 17:31:42 -04:00
Matthew Garrett
03685963c5 Attempt to start image using LoadImage/StartImage first 2012-06-18 17:31:42 -04:00
Matthew Garrett
b6db0dd4db Check that platform is in user mode before doing any validation 2012-06-18 17:31:42 -04:00
Matthew Garrett
0db1af8aeb Minor cleanups 2012-06-07 14:00:48 -04:00
Matthew Garrett
7db60bd8c2 Rename variables 2012-06-05 10:56:45 -04:00
Matthew Garrett
f4b2473401 Install a protocol for sharing code with grub 2012-06-05 10:52:30 -04:00
Matthew Garrett
f898777d22 Some cleanups 2012-05-30 22:08:09 -04:00
Matthew Garrett
7f0553356c Add image verification 2012-05-30 18:36:46 -04:00
Matthew Garrett
9d56c38fd1 Fix path generation 2012-05-08 03:00:51 -04:00
Matthew Garrett
0e6b01958a Some additional paranoia 2012-04-11 17:13:07 -04:00
Matthew Garrett
b2fe178094 Initial commit 2012-04-11 13:59:55 -04:00