diff options
| author | Peter Jones <pjones@redhat.com> | 2021-03-11 16:44:46 -0500 |
|---|---|---|
| committer | Javier Martinez Canillas <javier@dowhile0.org> | 2021-03-12 10:15:01 +0100 |
| commit | 076de43a0f871d9e6b6d48e013f01616e4fb1eea (patch) | |
| tree | c471e199cb69e6e66422f56427b589e916dae832 | |
| parent | b5a7c8ce6012ec8d5f9f2515537f918ef4ca9358 (diff) | |
| download | efi-boot-shim-076de43a0f871d9e6b6d48e013f01616e4fb1eea.tar.gz efi-boot-shim-076de43a0f871d9e6b6d48e013f01616e4fb1eea.zip | |
Make ENABLE_SHIM_DEVEL work better.
This fixes ENABLE_SHIM_DEVEL to actually work, and also makes our "goto
die" failure behavior change (to wait considerably longer) based on it.
Signed-off-by: Peter Jones <pjones@redhat.com>
| -rw-r--r-- | Makefile | 3 | ||||
| -rw-r--r-- | mok.c | 4 | ||||
| -rw-r--r-- | shim.c | 34 |
3 files changed, 41 insertions, 0 deletions
@@ -29,6 +29,9 @@ TARGETS += $(SHIMNAME).debug $(MMNAME).debug $(FBNAME).debug ifneq ($(origin ENABLE_SHIM_HASH),undefined) TARGETS += $(SHIMHASHNAME) endif +ifneq ($(origin ENABLE_SHIM_DEVEL),undefined) +CFLAGS += -DENABLE_SHIM_DEVEL +endif ifneq ($(origin ENABLE_SHIM_CERT),undefined) TARGETS += $(MMNAME).signed $(FBNAME).signed CFLAGS += -DENABLE_SHIM_CERT @@ -236,7 +236,11 @@ struct mok_state_variable mok_state_variables[] = { * we're enforcing that SBAT can't have an RT flag here because * there's no way to tell whether it's an authenticated variable. */ +#if !defined(ENABLE_SHIM_DEVEL) .no_attr = EFI_VARIABLE_RUNTIME_ACCESS, +#else + .no_attr = 0, +#endif .flags = MOK_MIRROR_DELETE_FIRST | MOK_VARIABLE_MEASURE, .pcr = 7, @@ -1846,6 +1846,35 @@ debug_hook(void) x = 1; } +typedef enum { + COLD_RESET, + EXIT_FAILURE, + EXIT_SUCCESS, // keep this one last +} devel_egress_action; + +void +devel_egress(devel_egress_action action UNUSED) +{ +#ifdef ENABLE_SHIM_DEVEL + char *reasons[] = { + [COLD_RESET] = "reset", + [EXIT_FAILURE] = "exit", + }; + if (action == EXIT_SUCCESS) + return; + + console_print(L"Waiting to %a...", reasons[action]); + for (size_t sleepcount = 0; sleepcount < 10; sleepcount++) { + console_print(L"%d...", 10 - sleepcount); + msleep(1000000); + } + console_print(L"\ndoing %a\n", action); + + if (action == COLD_RESET) + gRT->ResetSystem(EfiResetCold, EFI_SECURITY_VIOLATION, 0, NULL); +#endif +} + EFI_STATUS efi_main (EFI_HANDLE passed_image_handle, EFI_SYSTEM_TABLE *passed_systab) { @@ -1961,9 +1990,13 @@ efi_main (EFI_HANDLE passed_image_handle, EFI_SYSTEM_TABLE *passed_systab) die: console_print(L"Something has gone seriously wrong: %s: %r\n", msgs[msg], efi_status); +#if defined(ENABLE_SHIM_DEVEL) + devel_egress(COLD_RESET); +#else msleep(5000000); gRT->ResetSystem(EfiResetShutdown, EFI_SECURITY_VIOLATION, 0, NULL); +#endif } efi_status = shim_init(); @@ -1986,5 +2019,6 @@ die: efi_status = init_grub(image_handle); shim_fini(); + devel_egress(EFI_ERROR(efi_status) ? EXIT_FAILURE : EXIT_SUCCESS); return efi_status; } |