Javier Martinez Canillas 132ddc42c7 efi: Only register shim_lock verifier if shim_lock protocol is found and SB enabled ... The shim_lock module registers a verifier to call shim's verify, but the handler is registered even when the shim_lock protocol was not installed. This doesn't cause a NULL pointer dereference in shim_lock_write() because the shim_lock_init() function just returns GRUB_ERR_NONE if sl isn't set. But in that case there's no point to even register the shim_lock verifier since won't do anything. Additionally, it is only useful when Secure Boot is enabled. Finally, don't assume that the shim_lock protocol will always be present when the shim_lock_write() function is called, and check for it on every call to this function. Reported-by: Michael Chang <mchang@suse.com> Reported-by: Peter Jones <pjones@redhat.com> Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>		2020-12-12 01:17:25 +01:00
..
efifwsetup.c	efi: Return grub_efi_status_t from grub_efi_get_variable()	2020-12-11 13:54:54 +01:00
fixvideo.c	Remove nested functions from PCI iterators.	2013-01-13 01:10:41 +00:00
loadbios.c	verifiers: File type for fine-grained signature-verification controlling	2018-11-09 13:25:31 +01:00
lsefi.c	Fix a segfault in lsefi	2017-08-03 20:03:09 +02:00
lsefimmap.c	lsefimmap: support persistent memory and other UEFI 2.5 features	2015-12-17 21:00:44 +03:00
lsefisystab.c	calloc: Use calloc() at most places	2020-07-29 16:55:47 +02:00
lssal.c	* grub-core/commands/efi/lssal.c: Fix terminating condition.	2013-12-11 15:59:12 +01:00
shim_lock.c	efi: Only register shim_lock verifier if shim_lock protocol is found and SB enabled	2020-12-12 01:17:25 +01:00
smbios.c	smbios: Add a module for retrieving SMBIOS information	2019-07-11 21:06:12 +02:00
tpm.c	efi/tpm: Remove unused functions and structures	2020-09-18 22:31:29 +02:00