\r
#include "EnrollDefaultKeys.h"\r
\r
-\r
/**\r
Fetch the X509 certificate (to be used as Platform Key and first Key Exchange\r
Key) from SMBIOS.\r
STATIC\r
EFI_STATUS\r
GetPkKek1 (\r
- OUT UINT8 **PkKek1,\r
- OUT UINTN *SizeOfPkKek1\r
+ OUT UINT8 **PkKek1,\r
+ OUT UINTN *SizeOfPkKek1\r
)\r
{\r
- CONST CHAR8 *Base64Cert;\r
- CHAR8 OvmfPkKek1AppPrefix[GUID_STRING_LENGTH + 1 + 1];\r
- EFI_STATUS Status;\r
- EFI_SMBIOS_PROTOCOL *Smbios;\r
- EFI_SMBIOS_HANDLE Handle;\r
- EFI_SMBIOS_TYPE Type;\r
- EFI_SMBIOS_TABLE_HEADER *Header;\r
- SMBIOS_TABLE_TYPE11 *OemStringsTable;\r
- UINTN Base64CertLen;\r
- UINTN DecodedCertSize;\r
- UINT8 *DecodedCert;\r
+ CONST CHAR8 *Base64Cert;\r
+ CHAR8 OvmfPkKek1AppPrefix[GUID_STRING_LENGTH + 1 + 1];\r
+ EFI_STATUS Status;\r
+ EFI_SMBIOS_PROTOCOL *Smbios;\r
+ EFI_SMBIOS_HANDLE Handle;\r
+ EFI_SMBIOS_TYPE Type;\r
+ EFI_SMBIOS_TABLE_HEADER *Header;\r
+ SMBIOS_TABLE_TYPE11 *OemStringsTable;\r
+ UINTN Base64CertLen;\r
+ UINTN DecodedCertSize;\r
+ UINT8 *DecodedCert;\r
\r
Base64Cert = NULL;\r
\r
//\r
// Format the application prefix, for OEM String matching.\r
//\r
- AsciiSPrint (OvmfPkKek1AppPrefix, sizeof OvmfPkKek1AppPrefix, "%g:",\r
- &gOvmfPkKek1AppPrefixGuid);\r
+ AsciiSPrint (\r
+ OvmfPkKek1AppPrefix,\r
+ sizeof OvmfPkKek1AppPrefix,\r
+ "%g:",\r
+ &gOvmfPkKek1AppPrefixGuid\r
+ );\r
\r
//\r
// Scan all "OEM Strings" tables.\r
//\r
- Status = gBS->LocateProtocol (&gEfiSmbiosProtocolGuid, NULL,\r
- (VOID **)&Smbios);\r
+ Status = gBS->LocateProtocol (\r
+ &gEfiSmbiosProtocolGuid,\r
+ NULL,\r
+ (VOID **)&Smbios\r
+ );\r
if (EFI_ERROR (Status)) {\r
AsciiPrint ("error: failed to locate EFI_SMBIOS_PROTOCOL: %r\n", Status);\r
return Status;\r
}\r
\r
Handle = SMBIOS_HANDLE_PI_RESERVED;\r
- Type = SMBIOS_TYPE_OEM_STRINGS;\r
+ Type = SMBIOS_TYPE_OEM_STRINGS;\r
for (Status = Smbios->GetNext (Smbios, &Handle, &Type, &Header, NULL);\r
!EFI_ERROR (Status);\r
- Status = Smbios->GetNext (Smbios, &Handle, &Type, &Header, NULL)) {\r
- CONST CHAR8 *OemString;\r
- UINTN Idx;\r
+ Status = Smbios->GetNext (Smbios, &Handle, &Type, &Header, NULL))\r
+ {\r
+ CONST CHAR8 *OemString;\r
+ UINTN Idx;\r
\r
if (Header->Length < sizeof *OemStringsTable) {\r
//\r
//\r
continue;\r
}\r
+\r
OemStringsTable = (SMBIOS_TABLE_TYPE11 *)Header;\r
\r
//\r
//\r
OemString = (CONST CHAR8 *)(OemStringsTable + 1);\r
for (Idx = 0; Idx < OemStringsTable->StringCount; ++Idx) {\r
- CHAR8 CandidatePrefix[sizeof OvmfPkKek1AppPrefix];\r
+ CHAR8 CandidatePrefix[sizeof OvmfPkKek1AppPrefix];\r
\r
//\r
// NUL-terminate the candidate prefix for case-insensitive comparison.\r
//\r
- AsciiStrnCpyS (CandidatePrefix, sizeof CandidatePrefix, OemString,\r
- GUID_STRING_LENGTH + 1);\r
+ AsciiStrnCpyS (\r
+ CandidatePrefix,\r
+ sizeof CandidatePrefix,\r
+ OemString,\r
+ GUID_STRING_LENGTH + 1\r
+ );\r
if (AsciiStriCmp (OvmfPkKek1AppPrefix, CandidatePrefix) == 0) {\r
//\r
// The current string matches the prefix.\r
Base64Cert = OemString + GUID_STRING_LENGTH + 1;\r
break;\r
}\r
+\r
OemString += AsciiStrSize (OemString);\r
}\r
\r
//\r
// No table with a matching string has been found.\r
//\r
- AsciiPrint ("error: OEM String with app prefix %g not found: %r\n",\r
- &gOvmfPkKek1AppPrefixGuid, Status);\r
+ AsciiPrint (\r
+ "error: OEM String with app prefix %g not found: %r\n",\r
+ &gOvmfPkKek1AppPrefixGuid,\r
+ Status\r
+ );\r
return EFI_NOT_FOUND;\r
}\r
\r
// Verify the base64 encoding, and determine the decoded size.\r
//\r
DecodedCertSize = 0;\r
- Status = Base64Decode (Base64Cert, Base64CertLen, NULL, &DecodedCertSize);\r
+ Status = Base64Decode (Base64Cert, Base64CertLen, NULL, &DecodedCertSize);\r
switch (Status) {\r
- case EFI_BUFFER_TOO_SMALL:\r
- ASSERT (DecodedCertSize > 0);\r
- break;\r
- case EFI_SUCCESS:\r
- AsciiPrint ("error: empty certificate after app prefix %g\n",\r
- &gOvmfPkKek1AppPrefixGuid);\r
- return EFI_PROTOCOL_ERROR;\r
- default:\r
- AsciiPrint ("error: invalid base64 string after app prefix %g\n",\r
- &gOvmfPkKek1AppPrefixGuid);\r
- return EFI_PROTOCOL_ERROR;\r
+ case EFI_BUFFER_TOO_SMALL:\r
+ ASSERT (DecodedCertSize > 0);\r
+ break;\r
+ case EFI_SUCCESS:\r
+ AsciiPrint (\r
+ "error: empty certificate after app prefix %g\n",\r
+ &gOvmfPkKek1AppPrefixGuid\r
+ );\r
+ return EFI_PROTOCOL_ERROR;\r
+ default:\r
+ AsciiPrint (\r
+ "error: invalid base64 string after app prefix %g\n",\r
+ &gOvmfPkKek1AppPrefixGuid\r
+ );\r
+ return EFI_PROTOCOL_ERROR;\r
}\r
\r
//\r
//\r
// Decoding will succeed at this point.\r
//\r
- Status = Base64Decode (Base64Cert, Base64CertLen, DecodedCert,\r
- &DecodedCertSize);\r
+ Status = Base64Decode (\r
+ Base64Cert,\r
+ Base64CertLen,\r
+ DecodedCert,\r
+ &DecodedCertSize\r
+ );\r
ASSERT_EFI_ERROR (Status);\r
\r
- *PkKek1 = DecodedCert;\r
+ *PkKek1 = DecodedCert;\r
*SizeOfPkKek1 = DecodedCertSize;\r
return EFI_SUCCESS;\r
}\r
\r
-\r
/**\r
Enroll a set of certificates in a global variable, overwriting it.\r
\r
EFI_STATUS\r
EFIAPI\r
EnrollListOfCerts (\r
- IN CHAR16 *VariableName,\r
- IN EFI_GUID *VendorGuid,\r
- IN EFI_GUID *CertType,\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid,\r
+ IN EFI_GUID *CertType,\r
...\r
)\r
{\r
- UINTN DataSize;\r
- SINGLE_HEADER *SingleHeader;\r
- REPEATING_HEADER *RepeatingHeader;\r
- VA_LIST Marker;\r
- CONST UINT8 *Cert;\r
- EFI_STATUS Status;\r
- UINT8 *Data;\r
- UINT8 *Position;\r
+ UINTN DataSize;\r
+ SINGLE_HEADER *SingleHeader;\r
+ REPEATING_HEADER *RepeatingHeader;\r
+ VA_LIST Marker;\r
+ CONST UINT8 *Cert;\r
+ EFI_STATUS Status;\r
+ UINT8 *Data;\r
+ UINT8 *Position;\r
\r
Status = EFI_SUCCESS;\r
\r
VA_START (Marker, CertType);\r
for (Cert = VA_ARG (Marker, CONST UINT8 *);\r
Cert != NULL;\r
- Cert = VA_ARG (Marker, CONST UINT8 *)) {\r
- UINTN CertSize;\r
+ Cert = VA_ARG (Marker, CONST UINT8 *))\r
+ {\r
+ UINTN CertSize;\r
\r
CertSize = VA_ARG (Marker, UINTN);\r
(VOID)VA_ARG (Marker, CONST EFI_GUID *);\r
\r
- if (CertSize == 0 ||\r
- CertSize > MAX_UINT32 - sizeof *RepeatingHeader ||\r
- DataSize > MAX_UINT32 - sizeof *RepeatingHeader - CertSize) {\r
+ if ((CertSize == 0) ||\r
+ (CertSize > MAX_UINT32 - sizeof *RepeatingHeader) ||\r
+ (DataSize > MAX_UINT32 - sizeof *RepeatingHeader - CertSize))\r
+ {\r
Status = EFI_INVALID_PARAMETER;\r
break;\r
}\r
+\r
DataSize += sizeof *RepeatingHeader + CertSize;\r
}\r
+\r
VA_END (Marker);\r
\r
if (DataSize == sizeof *SingleHeader) {\r
Status = EFI_INVALID_PARAMETER;\r
}\r
+\r
if (EFI_ERROR (Status)) {\r
goto Out;\r
}\r
Position = Data;\r
\r
SingleHeader = (SINGLE_HEADER *)Position;\r
- Status = gRT->GetTime (&SingleHeader->TimeStamp, NULL);\r
+ Status = gRT->GetTime (&SingleHeader->TimeStamp, NULL);\r
if (EFI_ERROR (Status)) {\r
goto FreeData;\r
}\r
+\r
SingleHeader->TimeStamp.Pad1 = 0;\r
SingleHeader->TimeStamp.Nanosecond = 0;\r
SingleHeader->TimeStamp.TimeZone = 0;\r
SingleHeader->TimeStamp.Daylight = 0;\r
SingleHeader->TimeStamp.Pad2 = 0;\r
-#if 0\r
- SingleHeader->dwLength = DataSize - sizeof SingleHeader->TimeStamp;\r
-#else\r
+ #if 0\r
+ SingleHeader->dwLength = DataSize - sizeof SingleHeader->TimeStamp;\r
+ #else\r
//\r
// This looks like a bug in edk2. According to the UEFI specification,\r
// dwLength is "The length of the entire certificate, including the length of\r
// the header, in bytes". That shouldn't stop right after CertType -- it\r
// should include everything below it.\r
//\r
- SingleHeader->dwLength = sizeof *SingleHeader\r
- - sizeof SingleHeader->TimeStamp;\r
-#endif\r
+ SingleHeader->dwLength = sizeof *SingleHeader\r
+ - sizeof SingleHeader->TimeStamp;\r
+ #endif\r
SingleHeader->wRevision = 0x0200;\r
SingleHeader->wCertificateType = WIN_CERT_TYPE_EFI_GUID;\r
CopyGuid (&SingleHeader->CertType, &gEfiCertPkcs7Guid);\r
VA_START (Marker, CertType);\r
for (Cert = VA_ARG (Marker, CONST UINT8 *);\r
Cert != NULL;\r
- Cert = VA_ARG (Marker, CONST UINT8 *)) {\r
- UINTN CertSize;\r
- CONST EFI_GUID *OwnerGuid;\r
+ Cert = VA_ARG (Marker, CONST UINT8 *))\r
+ {\r
+ UINTN CertSize;\r
+ CONST EFI_GUID *OwnerGuid;\r
\r
CertSize = VA_ARG (Marker, UINTN);\r
OwnerGuid = VA_ARG (Marker, CONST EFI_GUID *);\r
\r
RepeatingHeader = (REPEATING_HEADER *)Position;\r
CopyGuid (&RepeatingHeader->SignatureType, CertType);\r
- RepeatingHeader->SignatureListSize =\r
+ RepeatingHeader->SignatureListSize =\r
(UINT32)(sizeof *RepeatingHeader + CertSize);\r
RepeatingHeader->SignatureHeaderSize = 0;\r
RepeatingHeader->SignatureSize =\r
CopyMem (Position, Cert, CertSize);\r
Position += CertSize;\r
}\r
+\r
VA_END (Marker);\r
\r
ASSERT (Data + DataSize == Position);\r
\r
- Status = gRT->SetVariable (VariableName, VendorGuid,\r
+ Status = gRT->SetVariable (\r
+ VariableName,\r
+ VendorGuid,\r
(EFI_VARIABLE_NON_VOLATILE |\r
EFI_VARIABLE_BOOTSERVICE_ACCESS |\r
EFI_VARIABLE_RUNTIME_ACCESS |\r
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS),\r
- DataSize, Data);\r
+ DataSize,\r
+ Data\r
+ );\r
\r
FreeData:\r
FreePool (Data);\r
\r
Out:\r
if (EFI_ERROR (Status)) {\r
- AsciiPrint ("error: %a(\"%s\", %g): %r\n", __FUNCTION__, VariableName,\r
- VendorGuid, Status);\r
+ AsciiPrint (\r
+ "error: %a(\"%s\", %g): %r\n",\r
+ __FUNCTION__,\r
+ VariableName,\r
+ VendorGuid,\r
+ Status\r
+ );\r
}\r
+\r
return Status;\r
}\r
\r
-\r
/**\r
Read a UEFI variable into a caller-allocated buffer, enforcing an exact size.\r
\r
STATIC\r
EFI_STATUS\r
GetExact (\r
- IN CHAR16 *VariableName,\r
- IN EFI_GUID *VendorGuid,\r
- OUT VOID *Data,\r
- IN UINTN DataSize,\r
- IN BOOLEAN AllowMissing\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid,\r
+ OUT VOID *Data,\r
+ IN UINTN DataSize,\r
+ IN BOOLEAN AllowMissing\r
)\r
{\r
- UINTN Size;\r
- EFI_STATUS Status;\r
+ UINTN Size;\r
+ EFI_STATUS Status;\r
\r
- Size = DataSize;\r
+ Size = DataSize;\r
Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &Size, Data);\r
if (EFI_ERROR (Status)) {\r
- if (Status == EFI_NOT_FOUND && AllowMissing) {\r
+ if ((Status == EFI_NOT_FOUND) && AllowMissing) {\r
ZeroMem (Data, DataSize);\r
return EFI_SUCCESS;\r
}\r
\r
- AsciiPrint ("error: GetVariable(\"%s\", %g): %r\n", VariableName,\r
- VendorGuid, Status);\r
+ AsciiPrint (\r
+ "error: GetVariable(\"%s\", %g): %r\n",\r
+ VariableName,\r
+ VendorGuid,\r
+ Status\r
+ );\r
return Status;\r
}\r
\r
if (Size != DataSize) {\r
- AsciiPrint ("error: GetVariable(\"%s\", %g): expected size 0x%Lx, "\r
- "got 0x%Lx\n", VariableName, VendorGuid, (UINT64)DataSize, (UINT64)Size);\r
+ AsciiPrint (\r
+ "error: GetVariable(\"%s\", %g): expected size 0x%Lx, "\r
+ "got 0x%Lx\n",\r
+ VariableName,\r
+ VendorGuid,\r
+ (UINT64)DataSize,\r
+ (UINT64)Size\r
+ );\r
return EFI_PROTOCOL_ERROR;\r
}\r
\r
return EFI_SUCCESS;\r
}\r
\r
-\r
/**\r
Populate a SETTINGS structure from the underlying UEFI variables.\r
\r
STATIC\r
EFI_STATUS\r
GetSettings (\r
- OUT SETTINGS *Settings\r
+ OUT SETTINGS *Settings\r
)\r
{\r
- EFI_STATUS Status;\r
+ EFI_STATUS Status;\r
\r
- Status = GetExact (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid,\r
- &Settings->SetupMode, sizeof Settings->SetupMode, FALSE);\r
+ Status = GetExact (\r
+ EFI_SETUP_MODE_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ &Settings->SetupMode,\r
+ sizeof Settings->SetupMode,\r
+ FALSE\r
+ );\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
\r
- Status = GetExact (EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid,\r
- &Settings->SecureBoot, sizeof Settings->SecureBoot, FALSE);\r
+ Status = GetExact (\r
+ EFI_SECURE_BOOT_MODE_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ &Settings->SecureBoot,\r
+ sizeof Settings->SecureBoot,\r
+ FALSE\r
+ );\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
\r
- Status = GetExact (EFI_SECURE_BOOT_ENABLE_NAME,\r
- &gEfiSecureBootEnableDisableGuid, &Settings->SecureBootEnable,\r
- sizeof Settings->SecureBootEnable, TRUE);\r
+ Status = GetExact (\r
+ EFI_SECURE_BOOT_ENABLE_NAME,\r
+ &gEfiSecureBootEnableDisableGuid,\r
+ &Settings->SecureBootEnable,\r
+ sizeof Settings->SecureBootEnable,\r
+ TRUE\r
+ );\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
\r
- Status = GetExact (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid,\r
- &Settings->CustomMode, sizeof Settings->CustomMode, FALSE);\r
+ Status = GetExact (\r
+ EFI_CUSTOM_MODE_NAME,\r
+ &gEfiCustomModeEnableGuid,\r
+ &Settings->CustomMode,\r
+ sizeof Settings->CustomMode,\r
+ FALSE\r
+ );\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
\r
- Status = GetExact (EFI_VENDOR_KEYS_VARIABLE_NAME, &gEfiGlobalVariableGuid,\r
- &Settings->VendorKeys, sizeof Settings->VendorKeys, FALSE);\r
+ Status = GetExact (\r
+ EFI_VENDOR_KEYS_VARIABLE_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ &Settings->VendorKeys,\r
+ sizeof Settings->VendorKeys,\r
+ FALSE\r
+ );\r
return Status;\r
}\r
\r
-\r
/**\r
Print the contents of a SETTINGS structure to the UEFI console.\r
\r
STATIC\r
VOID\r
PrintSettings (\r
- IN CONST SETTINGS *Settings\r
+ IN CONST SETTINGS *Settings\r
)\r
{\r
- AsciiPrint ("info: SetupMode=%d SecureBoot=%d SecureBootEnable=%d "\r
- "CustomMode=%d VendorKeys=%d\n", Settings->SetupMode, Settings->SecureBoot,\r
- Settings->SecureBootEnable, Settings->CustomMode, Settings->VendorKeys);\r
+ AsciiPrint (\r
+ "info: SetupMode=%d SecureBoot=%d SecureBootEnable=%d "\r
+ "CustomMode=%d VendorKeys=%d\n",\r
+ Settings->SetupMode,\r
+ Settings->SecureBoot,\r
+ Settings->SecureBootEnable,\r
+ Settings->CustomMode,\r
+ Settings->VendorKeys\r
+ );\r
}\r
\r
-\r
/**\r
Entry point function of this shell application.\r
**/\r
INTN\r
EFIAPI\r
ShellAppMain (\r
- IN UINTN Argc,\r
- IN CHAR16 **Argv\r
+ IN UINTN Argc,\r
+ IN CHAR16 **Argv\r
)\r
{\r
- INTN RetVal;\r
- EFI_STATUS Status;\r
- SETTINGS Settings;\r
- UINT8 *PkKek1;\r
- UINTN SizeOfPkKek1;\r
- BOOLEAN NoDefault;\r
-\r
- if (Argc == 2 && StrCmp (Argv[1], L"--no-default") == 0) {\r
+ INTN RetVal;\r
+ EFI_STATUS Status;\r
+ SETTINGS Settings;\r
+ UINT8 *PkKek1;\r
+ UINTN SizeOfPkKek1;\r
+ BOOLEAN NoDefault;\r
+\r
+ if ((Argc == 2) && (StrCmp (Argv[1], L"--no-default") == 0)) {\r
NoDefault = TRUE;\r
} else {\r
NoDefault = FALSE;\r
if (EFI_ERROR (Status)) {\r
return RetVal;\r
}\r
+\r
PrintSettings (&Settings);\r
\r
if (Settings.SetupMode != 1) {\r
// Set PkKek1 and SizeOfPkKek1 to suppress incorrect compiler/analyzer\r
// warnings.\r
//\r
- PkKek1 = NULL;\r
+ PkKek1 = NULL;\r
SizeOfPkKek1 = 0;\r
\r
//\r
//\r
if (Settings.CustomMode != CUSTOM_SECURE_BOOT_MODE) {\r
Settings.CustomMode = CUSTOM_SECURE_BOOT_MODE;\r
- Status = gRT->SetVariable (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid,\r
- (EFI_VARIABLE_NON_VOLATILE |\r
- EFI_VARIABLE_BOOTSERVICE_ACCESS),\r
- sizeof Settings.CustomMode, &Settings.CustomMode);\r
+ Status = gRT->SetVariable (\r
+ EFI_CUSTOM_MODE_NAME,\r
+ &gEfiCustomModeEnableGuid,\r
+ (EFI_VARIABLE_NON_VOLATILE |\r
+ EFI_VARIABLE_BOOTSERVICE_ACCESS),\r
+ sizeof Settings.CustomMode,\r
+ &Settings.CustomMode\r
+ );\r
if (EFI_ERROR (Status)) {\r
- AsciiPrint ("error: SetVariable(\"%s\", %g): %r\n", EFI_CUSTOM_MODE_NAME,\r
- &gEfiCustomModeEnableGuid, Status);\r
+ AsciiPrint (\r
+ "error: SetVariable(\"%s\", %g): %r\n",\r
+ EFI_CUSTOM_MODE_NAME,\r
+ &gEfiCustomModeEnableGuid,\r
+ Status\r
+ );\r
goto FreePkKek1;\r
}\r
}\r
EFI_IMAGE_SECURITY_DATABASE,\r
&gEfiImageSecurityDatabaseGuid,\r
&gEfiCertX509Guid,\r
- PkKek1, SizeOfPkKek1, &gEfiCallerIdGuid,\r
- NULL);\r
+ PkKek1,\r
+ SizeOfPkKek1,\r
+ &gEfiCallerIdGuid,\r
+ NULL\r
+ );\r
} else {\r
Status = EnrollListOfCerts (\r
EFI_IMAGE_SECURITY_DATABASE,\r
&gEfiImageSecurityDatabaseGuid,\r
&gEfiCertX509Guid,\r
- mMicrosoftPca, mSizeOfMicrosoftPca, &gMicrosoftVendorGuid,\r
- mMicrosoftUefiCa, mSizeOfMicrosoftUefiCa, &gMicrosoftVendorGuid,\r
- NULL);\r
+ mMicrosoftPca,\r
+ mSizeOfMicrosoftPca,\r
+ &gMicrosoftVendorGuid,\r
+ mMicrosoftUefiCa,\r
+ mSizeOfMicrosoftUefiCa,\r
+ &gMicrosoftVendorGuid,\r
+ NULL\r
+ );\r
}\r
+\r
if (EFI_ERROR (Status)) {\r
goto FreePkKek1;\r
}\r
EFI_IMAGE_SECURITY_DATABASE1,\r
&gEfiImageSecurityDatabaseGuid,\r
&gEfiCertSha256Guid,\r
- mSha256OfDevNull, mSizeOfSha256OfDevNull, &gEfiCallerIdGuid,\r
- NULL);\r
+ mSha256OfDevNull,\r
+ mSizeOfSha256OfDevNull,\r
+ &gEfiCallerIdGuid,\r
+ NULL\r
+ );\r
if (EFI_ERROR (Status)) {\r
goto FreePkKek1;\r
}\r
EFI_KEY_EXCHANGE_KEY_NAME,\r
&gEfiGlobalVariableGuid,\r
&gEfiCertX509Guid,\r
- PkKek1, SizeOfPkKek1, &gEfiCallerIdGuid,\r
- NULL);\r
+ PkKek1,\r
+ SizeOfPkKek1,\r
+ &gEfiCallerIdGuid,\r
+ NULL\r
+ );\r
} else {\r
Status = EnrollListOfCerts (\r
EFI_KEY_EXCHANGE_KEY_NAME,\r
&gEfiGlobalVariableGuid,\r
&gEfiCertX509Guid,\r
- PkKek1, SizeOfPkKek1, &gEfiCallerIdGuid,\r
- mMicrosoftKek, mSizeOfMicrosoftKek, &gMicrosoftVendorGuid,\r
- NULL);\r
+ PkKek1,\r
+ SizeOfPkKek1,\r
+ &gEfiCallerIdGuid,\r
+ mMicrosoftKek,\r
+ mSizeOfMicrosoftKek,\r
+ &gMicrosoftVendorGuid,\r
+ NULL\r
+ );\r
}\r
+\r
if (EFI_ERROR (Status)) {\r
goto FreePkKek1;\r
}\r
EFI_PLATFORM_KEY_NAME,\r
&gEfiGlobalVariableGuid,\r
&gEfiCertX509Guid,\r
- PkKek1, SizeOfPkKek1, &gEfiGlobalVariableGuid,\r
- NULL);\r
+ PkKek1,\r
+ SizeOfPkKek1,\r
+ &gEfiGlobalVariableGuid,\r
+ NULL\r
+ );\r
if (EFI_ERROR (Status)) {\r
goto FreePkKek1;\r
}\r
// signatures.\r
//\r
Settings.CustomMode = STANDARD_SECURE_BOOT_MODE;\r
- Status = gRT->SetVariable (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid,\r
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\r
- sizeof Settings.CustomMode, &Settings.CustomMode);\r
+ Status = gRT->SetVariable (\r
+ EFI_CUSTOM_MODE_NAME,\r
+ &gEfiCustomModeEnableGuid,\r
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\r
+ sizeof Settings.CustomMode,\r
+ &Settings.CustomMode\r
+ );\r
if (EFI_ERROR (Status)) {\r
- AsciiPrint ("error: SetVariable(\"%s\", %g): %r\n", EFI_CUSTOM_MODE_NAME,\r
- &gEfiCustomModeEnableGuid, Status);\r
+ AsciiPrint (\r
+ "error: SetVariable(\"%s\", %g): %r\n",\r
+ EFI_CUSTOM_MODE_NAME,\r
+ &gEfiCustomModeEnableGuid,\r
+ Status\r
+ );\r
goto FreePkKek1;\r
}\r
\r
if (EFI_ERROR (Status)) {\r
goto FreePkKek1;\r
}\r
+\r
PrintSettings (&Settings);\r
\r
- if (Settings.SetupMode != 0 || Settings.SecureBoot != 1 ||\r
- Settings.SecureBootEnable != 1 || Settings.CustomMode != 0 ||\r
- Settings.VendorKeys != 0) {\r
+ if ((Settings.SetupMode != 0) || (Settings.SecureBoot != 1) ||\r
+ (Settings.SecureBootEnable != 1) || (Settings.CustomMode != 0) ||\r
+ (Settings.VendorKeys != 0))\r
+ {\r
AsciiPrint ("error: unexpected\n");\r
goto FreePkKek1;\r
}\r