|
 |
4210fa |
From 53a8f8721c7e26717a47b668309e3ecb1f78a250 Mon Sep 17 00:00:00 2001
|
|
|
4210fa |
From: Gary Ching-Pang Lin <glin@suse.com>
|
|
|
4210fa |
Date: Fri, 7 Mar 2014 16:56:14 +0800
|
|
|
4210fa |
Subject: [PATCH 32/74] MokManager: delete the BS+NV variables the right way
|
|
|
4210fa |
|
|
|
4210fa |
LibDeleteVariable assumes that the variable is RT+NV and it
|
|
|
4210fa |
won't work on a BS+NV variable.
|
|
|
4210fa |
|
|
|
4210fa |
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
|
|
|
4210fa |
---
|
|
|
4210fa |
MokManager.c | 28 +++++++++++++++++++++++++---
|
|
|
4210fa |
1 file changed, 25 insertions(+), 3 deletions(-)
|
|
|
4210fa |
|
|
|
4210fa |
diff --git a/MokManager.c b/MokManager.c
|
|
|
4210fa |
index c9fbbac..0ab308f 100644
|
|
|
4210fa |
--- a/MokManager.c
|
|
|
4210fa |
+++ b/MokManager.c
|
|
|
4210fa |
@@ -1112,7 +1112,16 @@ static INTN mok_sb_prompt (void *MokSB, UINTN MokSBSize) {
|
|
|
4210fa |
return -1;
|
|
|
4210fa |
}
|
|
|
4210fa |
} else {
|
|
|
4210fa |
- LibDeleteVariable(L"MokSBState", &shim_lock_guid);
|
|
|
4210fa |
+ efi_status = uefi_call_wrapper(RT->SetVariable,
|
|
|
4210fa |
+ 5, L"MokSBState",
|
|
|
4210fa |
+ &shim_lock_guid,
|
|
|
4210fa |
+ EFI_VARIABLE_NON_VOLATILE |
|
|
|
4210fa |
+ EFI_VARIABLE_BOOTSERVICE_ACCESS,
|
|
|
4210fa |
+ 0, NULL);
|
|
|
4210fa |
+ if (efi_status != EFI_SUCCESS) {
|
|
|
4210fa |
+ console_notify(L"Failed to delete Secure Boot state");
|
|
|
4210fa |
+ return -1;
|
|
|
4210fa |
+ }
|
|
|
4210fa |
}
|
|
|
4210fa |
|
|
|
4210fa |
console_notify(L"The system must now be rebooted");
|
|
|
4210fa |
@@ -1224,7 +1233,16 @@ static INTN mok_db_prompt (void *MokDB, UINTN MokDBSize) {
|
|
|
4210fa |
return -1;
|
|
|
4210fa |
}
|
|
|
4210fa |
} else {
|
|
|
4210fa |
- LibDeleteVariable(L"MokDBState", &shim_lock_guid);
|
|
|
4210fa |
+ efi_status = uefi_call_wrapper(RT->SetVariable, 5,
|
|
|
4210fa |
+ L"MokDBState",
|
|
|
4210fa |
+ &shim_lock_guid,
|
|
|
4210fa |
+ EFI_VARIABLE_NON_VOLATILE |
|
|
|
4210fa |
+ EFI_VARIABLE_BOOTSERVICE_ACCESS,
|
|
|
4210fa |
+ 0, NULL);
|
|
|
4210fa |
+ if (efi_status != EFI_SUCCESS) {
|
|
|
4210fa |
+ console_notify(L"Failed to delete DB state");
|
|
|
4210fa |
+ return -1;
|
|
|
4210fa |
+ }
|
|
|
4210fa |
}
|
|
|
4210fa |
|
|
|
4210fa |
console_notify(L"The system must now be rebooted");
|
|
|
4210fa |
@@ -1261,7 +1279,11 @@ static INTN mok_pw_prompt (void *MokPW, UINTN MokPWSize) {
|
|
|
4210fa |
if (console_yes_no((CHAR16 *[]){L"Clear MOK password?", NULL}) == 0)
|
|
|
4210fa |
return 0;
|
|
|
4210fa |
|
|
|
4210fa |
- LibDeleteVariable(L"MokPWStore", &shim_lock_guid);
|
|
|
4210fa |
+ uefi_call_wrapper(RT->SetVariable, 5, L"MokPWStore",
|
|
|
4210fa |
+ &shim_lock_guid,
|
|
|
4210fa |
+ EFI_VARIABLE_NON_VOLATILE
|
|
|
4210fa |
+ | EFI_VARIABLE_BOOTSERVICE_ACCESS,
|
|
|
4210fa |
+ 0, NULL);
|
|
|
4210fa |
LibDeleteVariable(L"MokPW", &shim_lock_guid);
|
|
|
4210fa |
console_notify(L"The system must now be rebooted");
|
|
|
4210fa |
uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm, EFI_SUCCESS, 0,
|
|
|
4210fa |
--
|
|
|
4210fa |
1.9.3
|
|
|
4210fa |
|