Blame SOURCES/0023-shim-only-include-shim_cert.h-in-shim.c.patch

d84fc6
From 7a3638173e406ce7cbd682213606e3152244fcb2 Mon Sep 17 00:00:00 2001
d84fc6
From: Gary Lin <glin@suse.com>
d84fc6
Date: Wed, 19 Dec 2018 11:27:42 +0800
d84fc6
Subject: [PATCH 23/62] shim: only include shim_cert.h in shim.c
d84fc6
d84fc6
The shim_cert array was declared as a static array, and every user of
d84fc6
shim_cert.h would create a shim_cert array for its own and grow the file
d84fc6
size. To remove the unnecessary duplicate shim_cert arrays, this commit
d84fc6
declares shim_cert in shim.c while other users still can access the
d84fc6
array through the external variables: build_cert and build_cert_size.
d84fc6
d84fc6
Signed-off-by: Gary Lin <glin@suse.com>
d84fc6
Upstream-commit-id: 4e2d62f0f4e
d84fc6
---
d84fc6
 shim.c | 11 +++++++++++
d84fc6
 shim.h |  7 ++++---
d84fc6
 2 files changed, 15 insertions(+), 3 deletions(-)
d84fc6
d84fc6
diff --git a/shim.c b/shim.c
d84fc6
index e4d4fea226d..0a95f94b360 100644
d84fc6
--- a/shim.c
d84fc6
+++ b/shim.c
d84fc6
@@ -34,6 +34,9 @@
d84fc6
  */
d84fc6
 
d84fc6
 #include "shim.h"
d84fc6
+#if defined(ENABLE_SHIM_CERT)
d84fc6
+#include "shim_cert.h"
d84fc6
+#endif /* defined(ENABLE_SHIM_CERT) */
d84fc6
 
d84fc6
 #include <openssl/err.h>
d84fc6
 #include <openssl/bn.h>
d84fc6
@@ -75,6 +78,10 @@ UINT32 vendor_cert_size;
d84fc6
 UINT32 vendor_dbx_size;
d84fc6
 UINT8 *vendor_cert;
d84fc6
 UINT8 *vendor_dbx;
d84fc6
+#if defined(ENABLE_SHIM_CERT)
d84fc6
+UINT32 build_cert_size;
d84fc6
+UINT8 *build_cert;
d84fc6
+#endif /* defined(ENABLE_SHIM_CERT) */
d84fc6
 
d84fc6
 /*
d84fc6
  * indicator of how an image has been verified
d84fc6
@@ -2562,6 +2569,10 @@ efi_main (EFI_HANDLE passed_image_handle, EFI_SYSTEM_TABLE *passed_systab)
d84fc6
 	vendor_dbx_size = cert_table.vendor_dbx_size;
d84fc6
 	vendor_cert = (UINT8 *)&cert_table + cert_table.vendor_cert_offset;
d84fc6
 	vendor_dbx = (UINT8 *)&cert_table + cert_table.vendor_dbx_offset;
d84fc6
+#if defined(ENABLE_SHIM_CERT)
d84fc6
+	build_cert_size = sizeof(shim_cert);
d84fc6
+	build_cert = shim_cert;
d84fc6
+#endif /* defined(ENABLE_SHIM_CERT) */
d84fc6
 	CHAR16 *msgs[] = {
d84fc6
 		L"import_mok_state() failed\n",
d84fc6
 		L"shim_int() failed\n",
d84fc6
diff --git a/shim.h b/shim.h
d84fc6
index c26d5f06538..e4d40505f09 100644
d84fc6
--- a/shim.h
d84fc6
+++ b/shim.h
d84fc6
@@ -122,9 +122,6 @@
d84fc6
 #include "include/variables.h"
d84fc6
 
d84fc6
 #include "version.h"
d84fc6
-#ifdef ENABLE_SHIM_CERT
d84fc6
-#include "shim_cert.h"
d84fc6
-#endif
d84fc6
 
d84fc6
 INTERFACE_DECL(_SHIM_LOCK);
d84fc6
 
d84fc6
@@ -172,6 +169,10 @@ extern UINT32 vendor_cert_size;
d84fc6
 extern UINT32 vendor_dbx_size;
d84fc6
 extern UINT8 *vendor_cert;
d84fc6
 extern UINT8 *vendor_dbx;
d84fc6
+#if defined(ENABLE_SHIM_CERT)
d84fc6
+extern UINT32 build_cert_size;
d84fc6
+extern UINT8 *build_cert;
d84fc6
+#endif /* defined(ENABLE_SHIM_CERT) */
d84fc6
 
d84fc6
 extern UINT8 user_insecure_mode;
d84fc6
 extern UINT8 ignore_db;
d84fc6
-- 
d84fc6
2.26.2
d84fc6