Don't append an empty cert list to MokListRT if vendor_cert_size is 0.

Signed-off-by: Peter Jones <pjones@redhat.com>
author: Peter Jones <pjones@redhat.com> 2014-10-01 22:47:20 -0400
committer: Peter Jones <pjones@redhat.com> 2014-10-02 00:02:43 -0400
commit: f14119502ee3301e1ae80b5ab7fbe1ba46580e23 (patch)
tree: 7d26ac78eb81850db9807c57e309bdfee3ad4020 /shim.c
parent: a846aedd0e9dfe26ca6afaf6a1db8a54c20363c1 (diff)
download: efi-boot-shim-f14119502ee3301e1ae80b5ab7fbe1ba46580e23.tar.gz
efi-boot-shim-f14119502ee3301e1ae80b5ab7fbe1ba46580e23.zip
1 files changed, 34 insertions, 29 deletions
diff --git a/shim.c b/shim.c
index 4baf8b1e..a282ee35 100644
--- a/shim.c
+++ b/shim.c
@@ -1698,37 +1698,42 @@ EFI_STATUS mirror_mok_list()
 	if (efi_status != EFI_SUCCESS)
 		DataSize = 0;
 
-	FullDataSize = DataSize
-		     + sizeof (*CertList)
-		     + sizeof (EFI_GUID)
-		     + vendor_cert_size
-		     ;
-	FullData = AllocatePool(FullDataSize);
-	if (!FullData) {
-		perror(L"Failed to allocate space for MokListRT\n");
-		return EFI_OUT_OF_RESOURCES;
-	}
-	p = FullData;
+	if (vendor_cert_size) {
+		FullDataSize = DataSize
+			     + sizeof (*CertList)
+			     + sizeof (EFI_GUID)
+			     + vendor_cert_size
+			     ;
+		FullData = AllocatePool(FullDataSize);
+		if (!FullData) {
+			perror(L"Failed to allocate space for MokListRT\n");
+			return EFI_OUT_OF_RESOURCES;
+		}
+		p = FullData;
 
-	if (efi_status == EFI_SUCCESS && DataSize > 0) {
-		CopyMem(p, Data, DataSize);
-		p += DataSize;
+		if (efi_status == EFI_SUCCESS && DataSize > 0) {
+			CopyMem(p, Data, DataSize);
+			p += DataSize;
+		}
+		CertList = (EFI_SIGNATURE_LIST *)p;
+		p += sizeof (*CertList);
+		CertData = (EFI_SIGNATURE_DATA *)p;
+		p += sizeof (EFI_GUID);
+
+		CertList->SignatureType = EFI_CERT_X509_GUID;
+		CertList->SignatureListSize = vendor_cert_size
+					      + sizeof (*CertList)
+					      + sizeof (*CertData)
+					      -1;
+		CertList->SignatureHeaderSize = 0;
+		CertList->SignatureSize = vendor_cert_size + sizeof (EFI_GUID);
+
+		CertData->SignatureOwner = SHIM_LOCK_GUID;
+		CopyMem(p, vendor_cert, vendor_cert_size);
+	} else {
+		FullDataSize = DataSize;
+		FullData = Data;
 	}
-	CertList = (EFI_SIGNATURE_LIST *)p;
-	p += sizeof (*CertList);
-	CertData = (EFI_SIGNATURE_DATA *)p;
-	p += sizeof (EFI_GUID);
-
-	CertList->SignatureType = EFI_CERT_X509_GUID;
-	CertList->SignatureListSize = vendor_cert_size
-				      + sizeof (*CertList)
-				      + sizeof (*CertData)
-				      -1;
-	CertList->SignatureHeaderSize = 0;
-	CertList->SignatureSize = vendor_cert_size + sizeof (EFI_GUID);
-
-	CertData->SignatureOwner = SHIM_LOCK_GUID;
-	CopyMem(p, vendor_cert, vendor_cert_size);
 
 	efi_status = uefi_call_wrapper(RT->SetVariable, 5, L"MokListRT",
 				       &shim_lock_guid,
author	Peter Jones <pjones@redhat.com>	2014-10-01 22:47:20 -0400
committer	Peter Jones <pjones@redhat.com>	2014-10-02 00:02:43 -0400
commit	f14119502ee3301e1ae80b5ab7fbe1ba46580e23 (patch)
tree	7d26ac78eb81850db9807c57e309bdfee3ad4020 /shim.c
parent	a846aedd0e9dfe26ca6afaf6a1db8a54c20363c1 (diff)
download	efi-boot-shim-f14119502ee3301e1ae80b5ab7fbe1ba46580e23.tar.gz efi-boot-shim-f14119502ee3301e1ae80b5ab7fbe1ba46580e23.zip