diff options
| author | Peter Jones <pjones@redhat.com> | 2013-09-09 14:43:04 -0400 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2013-10-01 14:03:16 -0400 |
| commit | 02388bcd58e73effdc828e8df9bbf5553c594835 (patch) | |
| tree | e1b16add71b17317fd017b95a068b8f12f2e4e28 /cert.S | |
| parent | 73de2ec2d81ea20ba9f55fc0c359abd43438ec11 (diff) | |
| download | efi-boot-shim-02388bcd58e73effdc828e8df9bbf5553c594835.tar.gz efi-boot-shim-02388bcd58e73effdc828e8df9bbf5553c594835.zip | |
Make vendor_cert/vendor_dbx actually replaceable by an external tool.
This moves them both to be computed at runtime from a pointer+offset
rather than just a pointer, so that their real address can be entirely
derived from the section they're in.
This means you can replace the whole .vendor_cert section with a new one
with certs that don't have the same size.
Diffstat (limited to 'cert.S')
| -rw-r--r-- | cert.S | 71 |
1 files changed, 51 insertions, 20 deletions
@@ -1,36 +1,67 @@ + .globl cert_table + .data + .align 16 + .type cert_table, @object + .size cert_table, 4 + .section .vendor_cert, "a", @progbits +cert_table: +#if defined(VENDOR_CERT_FILE) + .long vendor_cert_priv_end - vendor_cert_priv +#else + .long 0 +#endif +#if defined(VENDOR_DBX_FILE) + .long vendor_dbx_priv_end - vendor_dbx_priv +#else + .long 0 +#endif + .long vendor_cert_priv - cert_table + .long vendor_dbx_priv - cert_table #if defined(VENDOR_CERT_FILE) - .globl vendor_cert_size .data .align 1 - .type vendor_cert_size, @object - .size vendor_cert_size, 4 + .type vendor_cert_priv, @object + .size vendor_cert_priv, vendor_cert_priv_end-vendor_cert_priv .section .vendor_cert, "a", @progbits -vendor_cert_size: - .long .L0 - vendor_cert - .globl vendor_cert +vendor_cert_priv: +.incbin VENDOR_CERT_FILE +vendor_cert_priv_end: +#else + .bss + .type vendor_cert_priv, @object + .size vendor_cert_priv, 1 + .section .vendor_cert, "a", @progbits +vendor_cert_priv: + .zero 1 + + .data + .align 4 + .type vendor_cert_size_priv, @object + .size vendor_cert_size_priv, 4 + .section .vendor_cert, "a", @progbits +vendor_cert_priv_end: +#endif +#if defined(VENDOR_DBX_FILE) .data .align 1 - .type vendor_cert, @object - .size vendor_cert, .L0-vendor_cert + .type vendor_dbx_priv, @object + .size vendor_dbx_priv, vendor_dbx_priv_end-vendor_dbx_priv .section .vendor_cert, "a", @progbits -vendor_cert: -.incbin VENDOR_CERT_FILE -.L0: +vendor_dbx_priv: +.incbin VENDOR_DBX_FILE +vendor_dbx_priv_end: #else - .globl vendor_cert .bss - .type vendor_cert, @object - .size vendor_cert, 1 + .type vendor_dbx_priv, @object + .size vendor_dbx_priv, 1 .section .vendor_cert, "a", @progbits -vendor_cert: +vendor_dbx_priv: .zero 1 - .globl vendor_cert_size .data .align 4 - .type vendor_cert_size, @object - .size vendor_cert_size, 4 + .type vendor_dbx_size_priv, @object + .size vendor_dbx_size_priv, 4 .section .vendor_cert, "a", @progbits -vendor_cert_size: - .long 0 +vendor_dbx_priv_end: #endif |