arrfab / rpms / shim

Forked from rpms/shim 4 years ago
Clone
Source Code
GIT

Files

  1.   e97c8333a9cd000eb0adfb33dba7ba87d238802b
  2.   SOURCES
  3.   0032-MokManager-delete-the-BS-NV-variables-the-right-way.patch
Blob Blame History Raw 
From 53a8f8721c7e26717a47b668309e3ecb1f78a250 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Fri, 7 Mar 2014 16:56:14 +0800
Subject: [PATCH 32/74] MokManager: delete the BS+NV variables the right way

LibDeleteVariable assumes that the variable is RT+NV and it
won't work on a BS+NV variable.

Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
---
 MokManager.c | 28 +++++++++++++++++++++++++---
 1 file changed, 25 insertions(+), 3 deletions(-)

diff --git a/MokManager.c b/MokManager.c
index c9fbbac..0ab308f 100644
--- a/MokManager.c
+++ b/MokManager.c
@@ -1112,7 +1112,16 @@ static INTN mok_sb_prompt (void *MokSB, UINTN MokSBSize) {
 			return -1;
 		}
 	} else {
-		LibDeleteVariable(L"MokSBState", &shim_lock_guid);
+		efi_status = uefi_call_wrapper(RT->SetVariable,
+					       5, L"MokSBState",
+					       &shim_lock_guid,
+					       EFI_VARIABLE_NON_VOLATILE |
+					       EFI_VARIABLE_BOOTSERVICE_ACCESS,
+					       0, NULL);
+		if (efi_status != EFI_SUCCESS) {
+			console_notify(L"Failed to delete Secure Boot state");
+			return -1;
+		}
 	}
 
 	console_notify(L"The system must now be rebooted");
@@ -1224,7 +1233,16 @@ static INTN mok_db_prompt (void *MokDB, UINTN MokDBSize) {
 			return -1;
 		}
 	} else {
-		LibDeleteVariable(L"MokDBState", &shim_lock_guid);
+		efi_status = uefi_call_wrapper(RT->SetVariable, 5,
+					       L"MokDBState",
+					       &shim_lock_guid,
+					       EFI_VARIABLE_NON_VOLATILE |
+					       EFI_VARIABLE_BOOTSERVICE_ACCESS,
+					       0, NULL);
+		if (efi_status != EFI_SUCCESS) {
+			console_notify(L"Failed to delete DB state");
+			return -1;
+		}
 	}
 
 	console_notify(L"The system must now be rebooted");
@@ -1261,7 +1279,11 @@ static INTN mok_pw_prompt (void *MokPW, UINTN MokPWSize) {
 		if (console_yes_no((CHAR16 *[]){L"Clear MOK password?", NULL}) == 0)
 			return 0;
 
-		LibDeleteVariable(L"MokPWStore", &shim_lock_guid);
+		uefi_call_wrapper(RT->SetVariable, 5, L"MokPWStore",
+				  &shim_lock_guid,
+				  EFI_VARIABLE_NON_VOLATILE
+				  | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+				  0, NULL);
 		LibDeleteVariable(L"MokPW", &shim_lock_guid);
 		console_notify(L"The system must now be rebooted");
 		uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm, EFI_SUCCESS, 0,
-- 
1.9.3

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation