diff options
| author | Javier Martinez Canillas <javierm@redhat.com> | 2021-02-17 14:03:48 +0100 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2021-02-19 14:28:10 -0500 |
| commit | 8e34030ba544b4583c87e070d1a1e0e6b9ff5d60 (patch) | |
| tree | d2d5d80f1f814e519bc85c9e0ed2c768029e4a9f /include | |
| parent | 1919b566b05cf4fb582acf4f137764abeefd6b29 (diff) | |
| download | efi-boot-shim-8e34030ba544b4583c87e070d1a1e0e6b9ff5d60.tar.gz efi-boot-shim-8e34030ba544b4583c87e070d1a1e0e6b9ff5d60.zip | |
sbat: make shim to parse it's own .sbat section on init
This is needed for shim to verify itself when booting, to make sure that
shim binaries can't be executed anymore after been revoked by SBAT.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Diffstat (limited to 'include')
| -rw-r--r-- | include/pe.h | 3 | ||||
| -rw-r--r-- | include/sbat.h | 2 |
2 files changed, 5 insertions, 0 deletions
diff --git a/include/pe.h b/include/pe.h index 7f2236e4..79bf440c 100644 --- a/include/pe.h +++ b/include/pe.h @@ -15,6 +15,9 @@ read_header(void *data, unsigned int datasize, PE_COFF_LOADER_IMAGE_CONTEXT *context); EFI_STATUS +handle_sbat(char *SBATBase, size_t SBATSize); + +EFI_STATUS handle_image (void *data, unsigned int datasize, EFI_LOADED_IMAGE *li, EFI_IMAGE_ENTRY_POINT *entry_point, diff --git a/include/sbat.h b/include/sbat.h index 9230b587..ffde202d 100644 --- a/include/sbat.h +++ b/include/sbat.h @@ -6,6 +6,8 @@ #ifndef SBAT_H_ #define SBAT_H_ +extern UINTN _sbat, _esbat; + struct sbat_var { const CHAR8 *component_name; const CHAR8 *component_generation; |