proxmox-mirrors/fwupd
1
0
Fork 0
mirror of https://git.proxmox.com/git/fwupd synced 2025-08-12 09:48:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Skip the fwupdx64.efi BootXXXX entry when measuring system integrity

Browse Source 
This is created before the UEFI capsule plugin adds the new BootXXXX entry on
NVRAM systems.
This commit is contained in:
Richard Hughes 2022-12-20 11:51:19 +00:00
parent d4bfb0e53c
commit 3cbfbe1e09
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/fu-engine-helper.c
View File

@ -254,7 +254,17 @@ fu_engine_integrity_measure_uefi(GHashTable *self)
g_autoptr(GBytes) blob = g_autoptr(GBytes) blob =
fu_efivar_get_data_bytes(FU_EFIVAR_GUID_EFI_GLOBAL, name, NULL, NULL); fu_efivar_get_data_bytes(FU_EFIVAR_GUID_EFI_GLOBAL, name, NULL, NULL);
if (blob != NULL && g_bytes_get_size(blob) > 0) { if (blob != NULL && g_bytes_get_size(blob) > 0) {
const guint8 needle[] = "f\0w\0u\0p\0d";
g_autofree gchar *id = g_strdup_printf("UEFI:%s", name); g_autofree gchar *id = g_strdup_printf("UEFI:%s", name);
if (fu_memmem_safe(g_bytes_get_data(blob, NULL),
g_bytes_get_size(blob),
needle,
sizeof(needle),
NULL,
NULL)) {
g_debug("skipping %s as fwupd found", id);
continue;
}
fu_engine_integrity_add_measurement(self, id, blob); fu_engine_integrity_add_measurement(self, id, blob);
} }
} }