arrfab / rpms / shim

Forked from rpms/shim 5 years ago
Clone
Blob Blame History Raw
From e5f161147de6bea68e09f33bc294c6ab644d9a78 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Thu, 31 Oct 2013 17:32:13 +0800
Subject: [PATCH 42/74] Simplify the checking of SB and DB states

MokSBState and MokDBState are just 1 byte variables, so a UINT8
local variable is sufficient to include the content.

Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>

Conflicts:
	shim.c
---
 shim.c | 26 ++++++++++----------------
 1 file changed, 10 insertions(+), 16 deletions(-)

diff --git a/shim.c b/shim.c
index fe73ec1..ea8eba8 100644
--- a/shim.c
+++ b/shim.c
@@ -1609,16 +1609,15 @@ static EFI_STATUS check_mok_sb (void)
 {
 	EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
 	EFI_STATUS status = EFI_SUCCESS;
-	UINT8 *MokSBState = NULL;
-	UINTN MokSBStateSize = 0;
+	UINT8 MokSBState;
+	UINTN MokSBStateSize = sizeof(MokSBState);
 	UINT32 attributes;
 
 	user_insecure_mode = 0;
 	ignore_db = 0;
 
-	status = get_variable_attr(L"MokSBState", &MokSBState, &MokSBStateSize,
-				   shim_lock_guid, &attributes);
-
+	status = uefi_call_wrapper(RT->GetVariable, 5, L"MokSBState", &shim_lock_guid,
+				   &attributes, &MokSBStateSize, &MokSBState);
 	if (status != EFI_SUCCESS)
 		return EFI_ACCESS_DENIED;
 
@@ -1633,13 +1632,11 @@ static EFI_STATUS check_mok_sb (void)
 		}
 		status = EFI_ACCESS_DENIED;
 	} else {
-		if (*(UINT8 *)MokSBState == 1) {
+		if (MokSBState == 1) {
 			user_insecure_mode = 1;
 		}
 	}
 
-	FreePool(MokSBState);
-
 	return status;
 }
 
@@ -1651,13 +1648,12 @@ static EFI_STATUS check_mok_db (void)
 {
 	EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
 	EFI_STATUS status = EFI_SUCCESS;
-	UINT8 *MokDBState = NULL;
-	UINTN MokDBStateSize = 0;
+	UINT8 MokDBState;
+	UINTN MokDBStateSize = sizeof(MokDBStateSize);
 	UINT32 attributes;
 
-	status = get_variable_attr(L"MokDBState", &MokDBState, &MokDBStateSize,
-			shim_lock_guid, &attributes);
-
+	status = uefi_call_wrapper(RT->GetVariable, 5, L"MokDBState", &shim_lock_guid,
+				   &attributes, &MokDBStateSize, &MokDBState);
 	if (status != EFI_SUCCESS)
 		return EFI_ACCESS_DENIED;
 
@@ -1674,13 +1670,11 @@ static EFI_STATUS check_mok_db (void)
 		}
 		status = EFI_ACCESS_DENIED;
 	} else {
-		if (*(UINT8 *)MokDBState == 1) {
+		if (MokDBState == 1) {
 			ignore_db = 1;
 		}
 	}
 
-	FreePool(MokDBState);
-
 	return status;
 }
 
-- 
1.9.3