]> git.proxmox.com Git - efi-boot-shim.git/commitdiff
projects / efi-boot-shim.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 12e2d62)
Reject the binary when there is no key in MokList
authorGary Ching-Pang Lin <glin@suse.com>
Fri, 21 Sep 2012 07:10:31 +0000 (15:10 +0800)
committerGary Ching-Pang Lin <glin@suse.com>
Fri, 21 Sep 2012 07:10:31 +0000 (15:10 +0800)
shim.c patch | blob | blame | history

diff --git a/shim.c b/shim.c
index 43297297ff01e74ea5fdee4ac3b25544611bc9c0..73b2feb79f6da76999660ec60b33c418279d1097 100644 (file)
--- a/shim.c
+++ b/shim.c
@@ -617,8 +617,10 @@ static EFI_STATUS verify_buffer (char *data, int datasize,
        }
 
        CopyMem(&MokNum, MokListData, sizeof(UINT32));
-       if (MokNum == 0)
+       if (MokNum == 0) {
+               status = EFI_ACCESS_DENIED;
                goto done;
+       }
 
        list = build_mok_list(MokNum,
                              (void *)MokListData + sizeof(UINT32),
shim, a first-stage UEFI bootloader adapted for Proxmox projects