]> git.baikalelectronics.ru Git - uboot.git/commit
projects / uboot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4fc6791) | patch
efi_loader: don't load Shim's MOK database from file
authorHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
Wed, 6 Oct 2021 12:10:14 +0000 (14:10 +0200)
committerHeinrich Schuchardt <xypron.glpk@gmx.de>
Thu, 21 Oct 2021 01:46:04 +0000 (03:46 +0200)
commit53214c182697e854a1f371388cfca24bdcc9951f
treee3d036dc6e0cc983157d7debb70e24605ab546e3tree | snapshot
parent4fc67914ad874ffd1cdacabe60194462ca6352bccommit | diff
efi_loader: don't load Shim's MOK database from file

When using a file to store UEFI variables we must make sure that secure
boot related variables are not loaded from this file. With commit
5f21ee001e42 ("efi_loader: don't load signature database from file")
this has already been implemented for variables defined in the UEFI
specification. As most Linux distributions use Shim we should do the same
for Shim's MOK database.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
lib/efi_loader/efi_var_file.c diff | blob | history
"Das U-Boot" Source Tree.