From: Gary Ching-Pang Lin <glin@suse.com>
Date: Fri, 25 Oct 2013 10:30:48 +0000 (+0800)
Subject: MokManager: Write the hash list properly
X-Git-Tag: proxmox/15.7-1+pmx1~66^2~434
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=6068f510993a3e3cb41811f6ae82ab06fdcb0faa;p=efi-boot-shim.git

MokManager: Write the hash list properly

also return to the previous entry in the list

Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
---

diff --git a/MokManager.c b/MokManager.c
index 4555f62..6992a7d 100644
--- a/MokManager.c
+++ b/MokManager.c
@@ -471,12 +471,12 @@ static void show_efi_hash (void *Mok, UINTN MokSize)
 	for (i=0; i<hash_num; i++) {
 		menu_strings[i] = PoolPrint(L"View hash %d", i);
 	}
-	menu_strings[i] = StrDuplicate(L"Continue");
+	menu_strings[i] = StrDuplicate(L"Back");
 	menu_strings[i+1] = NULL;
 
 	while (key_num < hash_num) {
 		key_num = console_select((CHAR16 *[]){ L"[Hash List]", NULL },
-					 menu_strings, 0);
+					 menu_strings, key_num);
 
 		if (key_num < 0 || key_num >= hash_num)
 			break;
@@ -561,7 +561,7 @@ static EFI_STATUS list_keys (void *KeyList, UINTN KeyListSize, CHAR16 *title)
 
 	while (key_num < MokNum) {
 		key_num = console_select((CHAR16 *[]){ title, NULL },
-					 menu_strings, 0);
+					 menu_strings, key_num);
 
 		if (key_num < 0 || key_num >= MokNum)
 			break;
@@ -954,6 +954,7 @@ static EFI_STATUS write_back_mok_list (MokListNode *list, INTN key_num,
 				       BOOLEAN MokX)
 {
 	EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
+	EFI_GUID CertType = X509_GUID;
 	EFI_STATUS efi_status;
 	EFI_SIGNATURE_LIST *CertList;
 	EFI_SIGNATURE_DATA *CertData;
@@ -990,17 +991,24 @@ static EFI_STATUS write_back_mok_list (MokListNode *list, INTN key_num,
 			   sizeof(EFI_SIGNATURE_LIST));
 
 		CertList->SignatureType = list[i].Type;
-		CertList->SignatureListSize = list[i].MokSize +
-					      sizeof(EFI_SIGNATURE_LIST) +
-					      sizeof(EFI_SIGNATURE_DATA) - 1;
 		CertList->SignatureHeaderSize = 0;
-		CertList->SignatureSize = list[i].MokSize + sizeof(EFI_GUID);
 
-		CertData->SignatureOwner = shim_lock_guid;
-		CopyMem(CertData->SignatureData, list[i].Mok, list[i].MokSize);
+		if (CompareGuid(&(list[i].Type), &CertType) == 0) {
+			CertList->SignatureListSize = list[i].MokSize +
+						      sizeof(EFI_SIGNATURE_LIST) +
+						      sizeof(EFI_GUID);
+			CertList->SignatureSize = list[i].MokSize + sizeof(EFI_GUID);
 
-		ptr = (uint8_t *)ptr + sizeof(EFI_SIGNATURE_LIST) +
-		      sizeof(EFI_GUID) + list[i].MokSize;
+			CertData->SignatureOwner = shim_lock_guid;
+			CopyMem(CertData->SignatureData, list[i].Mok, list[i].MokSize);
+		} else {
+			CertList->SignatureListSize = list[i].MokSize +
+						      sizeof(EFI_SIGNATURE_LIST);
+			CertList->SignatureSize = SHA256_DIGEST_SIZE + sizeof(EFI_GUID);
+
+			CopyMem(CertData, list[i].Mok, list[i].MokSize);
+		}
+		ptr = (uint8_t *)ptr + CertList->SignatureListSize;
 	}
 
 	efi_status = uefi_call_wrapper(RT->SetVariable, 5, db_name,