diff options
| -rw-r--r-- | Makefile | 8 | ||||
| -rw-r--r-- | globals.c | 31 | ||||
| -rw-r--r-- | lib/console.c | 2 | ||||
| -rw-r--r-- | shim.c | 20 |
4 files changed, 35 insertions, 26 deletions
@@ -38,12 +38,12 @@ CFLAGS += -DENABLE_SHIM_CERT else TARGETS += $(MMNAME) $(FBNAME) endif -OBJS = shim.o mok.o netboot.o cert.o replacements.o tpm.o version.o errlog.o sbat.o sbat_data.o pe.o httpboot.o csv.o load-options.o +OBJS = shim.o globals.o mok.o netboot.o cert.o replacements.o tpm.o version.o errlog.o sbat.o sbat_data.o pe.o httpboot.o csv.o load-options.o KEYS = shim_cert.h ocsp.* ca.* shim.crt shim.csr shim.p12 shim.pem shim.key shim.cer -ORIG_SOURCES = shim.c mok.c netboot.c replacements.c tpm.c errlog.c sbat.c pe.c httpboot.c shim.h version.h $(wildcard include/*.h) -MOK_OBJS = MokManager.o PasswordCrypt.o crypt_blowfish.o errlog.o sbat_data.o +ORIG_SOURCES = shim.c globals.c mok.c netboot.c replacements.c tpm.c errlog.c sbat.c pe.c httpboot.c shim.h version.h $(wildcard include/*.h) +MOK_OBJS = MokManager.o PasswordCrypt.o crypt_blowfish.o errlog.o sbat_data.o globals.o ORIG_MOK_SOURCES = MokManager.c PasswordCrypt.c crypt_blowfish.c shim.h $(wildcard include/*.h) -FALLBACK_OBJS = fallback.o tpm.o errlog.o sbat_data.o +FALLBACK_OBJS = fallback.o tpm.o errlog.o sbat_data.o globals.o ORIG_FALLBACK_SRCS = fallback.c SBATPATH = $(TOPDIR)/data/sbat.csv diff --git a/globals.c b/globals.c new file mode 100644 index 00000000..476e2e9c --- /dev/null +++ b/globals.c @@ -0,0 +1,31 @@ +// SPDX-License-Identifier: BSD-2-Clause-Patent +/* + * globals.c - global shim state + * Copyright Peter Jones <pjones@redhat.com> + */ + +#include "shim.h" + +UINT32 vendor_authorized_size = 0; +UINT8 *vendor_authorized = NULL; + +UINT32 vendor_deauthorized_size = 0; +UINT8 *vendor_deauthorized = NULL; + +#if defined(ENABLE_SHIM_CERT) +UINT32 build_cert_size; +UINT8 *build_cert; +#endif /* defined(ENABLE_SHIM_CERT) */ + +/* + * indicator of how an image has been verified + */ +verification_method_t verification_method; +int loader_is_participating; + +UINT8 user_insecure_mode; +UINT8 ignore_db; + +UINT32 verbose = 0; + +// vim:fenc=utf-8:tw=75:noet diff --git a/lib/console.c b/lib/console.c index 5193b578..2a669228 100644 --- a/lib/console.c +++ b/lib/console.c @@ -655,8 +655,6 @@ console_reset(void) co->ClearScreen(co); } -UINT32 verbose = 0; - VOID setup_verbosity(VOID) { @@ -52,28 +52,8 @@ extern struct { UINT32 vendor_deauthorized_offset; } cert_table; -UINT32 vendor_authorized_size = 0; -UINT8 *vendor_authorized = NULL; - -UINT32 vendor_deauthorized_size = 0; -UINT8 *vendor_deauthorized = NULL; - -#if defined(ENABLE_SHIM_CERT) -UINT32 build_cert_size; -UINT8 *build_cert; -#endif /* defined(ENABLE_SHIM_CERT) */ - -/* - * indicator of how an image has been verified - */ -verification_method_t verification_method; -int loader_is_participating; - #define EFI_IMAGE_SECURITY_DATABASE_GUID { 0xd719b2cb, 0x3d3a, 0x4596, { 0xa3, 0xbc, 0xda, 0xd0, 0x0e, 0x67, 0x65, 0x6f }} -UINT8 user_insecure_mode; -UINT8 ignore_db; - typedef enum { DATA_FOUND, DATA_NOT_FOUND, |