|
|
d1e1c8 |
From 7a3638173e406ce7cbd682213606e3152244fcb2 Mon Sep 17 00:00:00 2001
|
|
|
d1e1c8 |
From: Gary Lin <glin@suse.com>
|
|
|
d1e1c8 |
Date: Wed, 19 Dec 2018 11:27:42 +0800
|
|
|
d1e1c8 |
Subject: [PATCH 23/62] shim: only include shim_cert.h in shim.c
|
|
|
d1e1c8 |
|
|
|
d1e1c8 |
The shim_cert array was declared as a static array, and every user of
|
|
|
d1e1c8 |
shim_cert.h would create a shim_cert array for its own and grow the file
|
|
|
d1e1c8 |
size. To remove the unnecessary duplicate shim_cert arrays, this commit
|
|
|
d1e1c8 |
declares shim_cert in shim.c while other users still can access the
|
|
|
d1e1c8 |
array through the external variables: build_cert and build_cert_size.
|
|
|
d1e1c8 |
|
|
|
d1e1c8 |
Signed-off-by: Gary Lin <glin@suse.com>
|
|
|
d1e1c8 |
Upstream-commit-id: 4e2d62f0f4e
|
|
|
d1e1c8 |
---
|
|
|
d1e1c8 |
shim.c | 11 +++++++++++
|
|
|
d1e1c8 |
shim.h | 7 ++++---
|
|
|
d1e1c8 |
2 files changed, 15 insertions(+), 3 deletions(-)
|
|
|
d1e1c8 |
|
|
|
d1e1c8 |
diff --git a/shim.c b/shim.c
|
|
|
d1e1c8 |
index e4d4fea226d..0a95f94b360 100644
|
|
|
d1e1c8 |
--- a/shim.c
|
|
|
d1e1c8 |
+++ b/shim.c
|
|
|
d1e1c8 |
@@ -34,6 +34,9 @@
|
|
|
d1e1c8 |
*/
|
|
|
d1e1c8 |
|
|
|
d1e1c8 |
#include "shim.h"
|
|
|
d1e1c8 |
+#if defined(ENABLE_SHIM_CERT)
|
|
|
d1e1c8 |
+#include "shim_cert.h"
|
|
|
d1e1c8 |
+#endif /* defined(ENABLE_SHIM_CERT) */
|
|
|
d1e1c8 |
|
|
|
d1e1c8 |
#include <openssl/err.h>
|
|
|
d1e1c8 |
#include <openssl/bn.h>
|
|
|
d1e1c8 |
@@ -75,6 +78,10 @@ UINT32 vendor_cert_size;
|
|
|
d1e1c8 |
UINT32 vendor_dbx_size;
|
|
|
d1e1c8 |
UINT8 *vendor_cert;
|
|
|
d1e1c8 |
UINT8 *vendor_dbx;
|
|
|
d1e1c8 |
+#if defined(ENABLE_SHIM_CERT)
|
|
|
d1e1c8 |
+UINT32 build_cert_size;
|
|
|
d1e1c8 |
+UINT8 *build_cert;
|
|
|
d1e1c8 |
+#endif /* defined(ENABLE_SHIM_CERT) */
|
|
|
d1e1c8 |
|
|
|
d1e1c8 |
/*
|
|
|
d1e1c8 |
* indicator of how an image has been verified
|
|
|
d1e1c8 |
@@ -2562,6 +2569,10 @@ efi_main (EFI_HANDLE passed_image_handle, EFI_SYSTEM_TABLE *passed_systab)
|
|
|
d1e1c8 |
vendor_dbx_size = cert_table.vendor_dbx_size;
|
|
|
d1e1c8 |
vendor_cert = (UINT8 *)&cert_table + cert_table.vendor_cert_offset;
|
|
|
d1e1c8 |
vendor_dbx = (UINT8 *)&cert_table + cert_table.vendor_dbx_offset;
|
|
|
d1e1c8 |
+#if defined(ENABLE_SHIM_CERT)
|
|
|
d1e1c8 |
+ build_cert_size = sizeof(shim_cert);
|
|
|
d1e1c8 |
+ build_cert = shim_cert;
|
|
|
d1e1c8 |
+#endif /* defined(ENABLE_SHIM_CERT) */
|
|
|
d1e1c8 |
CHAR16 *msgs[] = {
|
|
|
d1e1c8 |
L"import_mok_state() failed\n",
|
|
|
d1e1c8 |
L"shim_int() failed\n",
|
|
|
d1e1c8 |
diff --git a/shim.h b/shim.h
|
|
|
d1e1c8 |
index c26d5f06538..e4d40505f09 100644
|
|
|
d1e1c8 |
--- a/shim.h
|
|
|
d1e1c8 |
+++ b/shim.h
|
|
|
d1e1c8 |
@@ -122,9 +122,6 @@
|
|
|
d1e1c8 |
#include "include/variables.h"
|
|
|
d1e1c8 |
|
|
|
d1e1c8 |
#include "version.h"
|
|
|
d1e1c8 |
-#ifdef ENABLE_SHIM_CERT
|
|
|
d1e1c8 |
-#include "shim_cert.h"
|
|
|
d1e1c8 |
-#endif
|
|
|
d1e1c8 |
|
|
|
d1e1c8 |
INTERFACE_DECL(_SHIM_LOCK);
|
|
|
d1e1c8 |
|
|
|
d1e1c8 |
@@ -172,6 +169,10 @@ extern UINT32 vendor_cert_size;
|
|
|
d1e1c8 |
extern UINT32 vendor_dbx_size;
|
|
|
d1e1c8 |
extern UINT8 *vendor_cert;
|
|
|
d1e1c8 |
extern UINT8 *vendor_dbx;
|
|
|
d1e1c8 |
+#if defined(ENABLE_SHIM_CERT)
|
|
|
d1e1c8 |
+extern UINT32 build_cert_size;
|
|
|
d1e1c8 |
+extern UINT8 *build_cert;
|
|
|
d1e1c8 |
+#endif /* defined(ENABLE_SHIM_CERT) */
|
|
|
d1e1c8 |
|
|
|
d1e1c8 |
extern UINT8 user_insecure_mode;
|
|
|
d1e1c8 |
extern UINT8 ignore_db;
|
|
|
d1e1c8 |
--
|
|
|
d1e1c8 |
2.26.2
|
|
|
d1e1c8 |
|