arrfab / rpms / shim

Forked from rpms/shim 5 years ago
Clone
Source Code
GIT

Files

  1.   e97c8333a9cd000eb0adfb33dba7ba87d238802b
  2.   SOURCES
  3.   0039-Explain-the-logic-in-secure_mode-better.patch
Blob Blame History Raw 
From 86173dba42ad5ae002ac99cc515e60104da2245c Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 25 Jun 2014 10:46:19 -0400
Subject: [PATCH 39/74] Explain the logic in secure_mode() better.

I was getting confused reading it, and I wrote it, so clearly it needs
more commentry.

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 shim.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/shim.c b/shim.c
index 72d6072..210e778 100644
--- a/shim.c
+++ b/shim.c
@@ -499,6 +499,12 @@ static BOOLEAN secure_mode (void)
 		return FALSE;
 	}
 
+	/* If we /do/ have "SecureBoot", but /don't/ have "SetupMode",
+	 * then the implementation is bad, but we assume that secure boot is
+	 * enabled according to the status of "SecureBoot".  If we have both
+	 * of them, then "SetupMode" may tell us additional data, and we need
+	 * to consider it.
+	 */
 	status = get_variable(L"SetupMode", &Data, &len, global_var);
 	if (status != EFI_SUCCESS)
 		return TRUE;
-- 
1.9.3

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation