diff options
| author | Jan Setje-Eilers <jan.setjeeilers@oracle.com> | 2023-12-13 17:59:28 -0800 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2024-01-22 14:17:20 -0500 |
| commit | 30a4f3751a8da09ab0853f1a384b80096828cc34 (patch) | |
| tree | b5d5120a61585a47484dde20c90252d41f31eb9d /include | |
| parent | c46c975591b99a4c7374b3f14bcd500f316d0b73 (diff) | |
| download | efi-boot-shim-30a4f3751a8da09ab0853f1a384b80096828cc34.tar.gz efi-boot-shim-30a4f3751a8da09ab0853f1a384b80096828cc34.zip | |
Rename "previous" revocations to "automatic"
When the term previous was introduced for revocations to be
automatically applied there was a hope that everytime a new
revocation was built into shim, the previous revocation could
be applied automatically. Further experience has shown the
real world to be more complex than that. The automatic payload
will realistically contain a set of revocations governed by
both the cadence at which a distro's customer base updates
as well as the severity of the issue being revoked.
This is not a functional change.
Signed-off-by: Jan Setje-Eilers <Jan.SetjeEilers@oracle.com>
Diffstat (limited to 'include')
| -rw-r--r-- | include/sbat.h | 8 | ||||
| -rw-r--r-- | include/sbat_var_defs.h | 16 |
2 files changed, 12 insertions, 12 deletions
diff --git a/include/sbat.h b/include/sbat.h index 20009ada..4be0cbb1 100644 --- a/include/sbat.h +++ b/include/sbat.h @@ -33,10 +33,10 @@ #define SSP_POLICY L"SSPPolicy" #define SSP_POLICY8 "SSPPolicy" -#define POLICY_LATEST 1 -#define POLICY_PREVIOUS 2 -#define POLICY_RESET 3 -#define POLICY_NOTREAD 255 +#define POLICY_LATEST 1 +#define POLICY_AUTOMATIC 2 +#define POLICY_RESET 3 +#define POLICY_NOTREAD 255 extern UINTN _sbat, _esbat; diff --git a/include/sbat_var_defs.h b/include/sbat_var_defs.h index 8e643a4e..bd54cf5d 100644 --- a/include/sbat_var_defs.h +++ b/include/sbat_var_defs.h @@ -13,9 +13,9 @@ SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_ORIGINAL_DATE "\n" #if defined(ENABLE_SHIM_DEVEL) -#define SBAT_VAR_PREVIOUS_DATE "2021030218" -#define SBAT_VAR_PREVIOUS \ - SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_PREVIOUS_DATE "\n" +#define SBAT_VAR_AUTOMATIC_DATE "2021030218" +#define SBAT_VAR_AUTOMATIC \ + SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_AUTOMATIC_DATE "\n" #define SBAT_VAR_LATEST_DATE "2022050100" #define SBAT_VAR_LATEST_REVOCATIONS "component,2\nothercomponent,2\n" @@ -25,12 +25,12 @@ #else /* !ENABLE_SHIM_DEVEL */ /* * At this point we do not want shim to automatically apply a - * previous revocation unless it is delivered by a separately - * installed signed revocations binary. + * revocation unless it is delivered by a separately installed + * signed revocations binary. */ -#define SBAT_VAR_PREVIOUS_DATE "2021030218" -#define SBAT_VAR_PREVIOUS \ - SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_PREVIOUS_DATE "\n" +#define SBAT_VAR_AUTOMATIC_DATE "2021030218" +#define SBAT_VAR_AUTOMATIC \ + SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_AUTOMATIC_DATE "\n" /* * Revocations for January 2024 shim CVEs |