projects / platform / kernel / u-boot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f3a343d) | patch
efi_loader: don't load signature database from file
authorHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
Wed, 25 Aug 2021 17:13:24 +0000 (19:13 +0200)
committerHeinrich Schuchardt <xypron.glpk@gmx.de>
Sat, 4 Sep 2021 10:03:57 +0000 (12:03 +0200)
commit9ef82e29478c76f17b536f8f289fd0406067ab01
tree50276c339c16fc0dddce721de81515e980c4a89btree | snapshot
parentf3a343d7339acf1d531e438e15fef3c7975cfdcfcommit | diff
efi_loader: don't load signature database from file

The UEFI specification requires that the signature database may only be
stored in tamper-resistant storage. So these variable may not be read
from an unsigned file.

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
include/efi_variable.h diff | blob | history
lib/efi_loader/efi_var_common.c diff | blob | history
lib/efi_loader/efi_var_file.c diff | blob | history
lib/efi_loader/efi_variable.c diff | blob | history
Domain: System / Kernel;