diff options
| author | Jan Setje-Eilers <jan.setjeeilers@oracle.com> | 2023-07-14 13:37:13 -0700 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2023-12-05 13:20:00 -0500 |
| commit | 577ceddc6b91ad1c34e116437f995ded0c673674 (patch) | |
| tree | 667a5582e56b43daac9cdad50ef0b89bb090048f | |
| parent | a967c0e7a0a27a310958f5b64a4c4ef8dc1b546e (diff) | |
| download | efi-boot-shim-577ceddc6b91ad1c34e116437f995ded0c673674.tar.gz efi-boot-shim-577ceddc6b91ad1c34e116437f995ded0c673674.zip | |
Print message when refusing to apply SbatLevel
If shim detects a self revocation in a new proposed SbatLevel
and refuses to apply this new set of revocations a message should
be printed even in non-verbose modes.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
| -rw-r--r-- | sbat.c | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -563,7 +563,9 @@ set_sbat_uefi_variable(char *sbat_var_previous, char *sbat_var_latest) char *sbat_end = (char *)&_esbat; efi_status = verify_sbat_section(sbat_start, sbat_end - sbat_start - 1); if (EFI_ERROR(efi_status)) { - dprint(L"shim SBAT self check fails for new SbatLevel, refusing to apply\n"); + CHAR16 *title = L"New SbatLevel would self-revoke current shim. Not applied"; + CHAR16 *message = L"Press any key to continue"; + console_countdown(title, message, 10); return efi_status; } #endif /* SHIM_UNIT_TEST */ |