4 files changed, 21 insertions, 4 deletions

diff --git a/csv.c b/csv.c
index d141f035..f6b37f15 100644
--- a/csv.c
+++ b/csv.c
@@ -55,8 +55,11 @@ parse_csv_data(char *data, char *data_end, size_t n_columns, list_t *list)
 	size_t max = 0;
 	char *end = data_end;
 
-	if (!data || !end || end <= data || !n_columns || !list)
+	if (!data || !end || end <= data || !n_columns || !list) {
+		dprint(L"data:0x%lx end:0x%lx n_columns:%lu list:0x%lx\n",
+		       data, end, n_columns, list);
 		return EFI_INVALID_PARAMETER;
+	}
 
 	max = (uintptr_t)end - (uintptr_t)line + (end > line ? 1 : 0);
 
diff --git a/pe.c b/pe.c
index 73b05a51..365e32aa 100644
--- a/pe.c
+++ b/pe.c
@@ -1054,6 +1054,8 @@ handle_image (void *data, unsigned int datasize,
 				SBATBase = base;
 				/* +1 because of size vs last byte location */
 				SBATSize = end - base + 1;
+				dprint(L"sbat section base:0x%lx size:0x%lx\n",
+				       SBATBase, SBATSize);
 			}
 		}
 
diff --git a/sbat.c b/sbat.c
index e102914c..6b7eb20a 100644
--- a/sbat.c
+++ b/sbat.c
@@ -18,14 +18,20 @@ parse_sbat_section(char *section_base, size_t section_size,
 	size_t n;
 	char *strtab;
 
-	if (!section_base || !section_size || !n_entries || !entriesp)
+	if (!section_base || !section_size || !n_entries || !entriesp) {
+		dprint(L"section_base:0x%lx section_size:0x%lx\n",
+		       section_base, section_size);
+		dprint(L"n_entries:0x%lx entriesp:0x%lx\n",
+		       n_entries, entriesp);
 		return EFI_INVALID_PARAMETER;
+	}
 
 	INIT_LIST_HEAD(&csv);
 
 	efi_status =
 		parse_csv_data(section_base, end, SBAT_SECTION_COLUMNS, &csv);
 	if (EFI_ERROR(efi_status)) {
+		dprint(L"parse_csv_data failed: %r\n", efi_status);
 		return efi_status;
 	}
 
@@ -38,6 +44,8 @@ parse_sbat_section(char *section_base, size_t section_size,
 
 		if (row->n_columns < SBAT_SECTION_COLUMNS) {
 			efi_status = EFI_INVALID_PARAMETER;
+			dprint(L"row->n_columns:%lu SBAT_SECTION_COLUMNS:%lu\n",
+			       row->n_columns, SBAT_SECTION_COLUMNS);
 			goto err;
 		}
 
@@ -45,6 +53,7 @@ parse_sbat_section(char *section_base, size_t section_size,
 		allocsz += sizeof(struct sbat_section_entry);
 		for (i = 0; i < row->n_columns; i++) {
 			if (row->columns[i][0] == '\000') {
+				dprint(L"row[%lu].columns[%lu][0] == '\\000'\n", n, i);
 				efi_status = EFI_INVALID_PARAMETER;
 				goto err;
 			}
@@ -120,7 +129,7 @@ verify_single_entry(struct sbat_section_entry *entry, struct sbat_var_entry *sba
 		sbat_var_gen = atoi((const char *)sbat_var_entry->component_generation);
 
 		if (sbat_gen < sbat_var_gen) {
-			dprint(L"component %a, generation %d, was revoked by %s variable",
+			dprint(L"component %a, generation %d, was revoked by %s variable\n",
 			       entry->component_name, sbat_gen, SBAT_VAR_NAME);
 			LogError(L"image did not pass SBAT verification\n");
 			return EFI_SECURITY_VIOLATION;
@@ -277,8 +286,10 @@ parse_sbat_var(list_t *entries)
 	UINTN datasize;
 	EFI_STATUS efi_status;
 
-	if (!entries)
+	if (!entries) {
+		dprint(L"entries is NULL\n");
 		return EFI_INVALID_PARAMETER;
+	}
 
 	efi_status = get_variable(SBAT_VAR_NAME, &data, &datasize, SHIM_LOCK_GUID);
 	if (EFI_ERROR(efi_status)) {
diff --git a/shim.c b/shim.c
index 5bed2446..b00fa5fc 100644
--- a/shim.c
+++ b/shim.c
@@ -1963,6 +1963,7 @@ efi_main (EFI_HANDLE passed_image_handle, EFI_SYSTEM_TABLE *passed_systab)
 			msg = SBAT_SELF_CHECK;
 			goto die;
 		}
+		dprint(L"SBAT self-check succeeded\n");
 	}
 
 	init_openssl();