diff options
Diffstat (limited to 'shim.c')
| -rw-r--r-- | shim.c | 13 |
1 files changed, 11 insertions, 2 deletions
@@ -1308,7 +1308,12 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize, return efi_status; /* Measure the binary into the TPM */ - tpm_log_pe((EFI_PHYSICAL_ADDRESS)(UINTN)data, datasize, sha1hash, 4); + efi_status = tpm_log_pe((EFI_PHYSICAL_ADDRESS)(UINTN)data, datasize, sha1hash, 4); +#ifdef REQUIRE_TPM + if (efi_status != EFI_SUCCESS) { + return efi_status; + } +#endif if (secure_mode ()) { efi_status = verify_buffer(data, datasize, &context, @@ -1818,7 +1823,11 @@ EFI_STATUS shim_verify (void *buffer, UINT32 size) goto done; /* Measure the binary into the TPM */ - tpm_log_pe((EFI_PHYSICAL_ADDRESS)(UINTN)buffer, size, sha1hash, 4); + status = tpm_log_pe((EFI_PHYSICAL_ADDRESS)(UINTN)buffer, size, sha1hash, 4); +#ifdef REQUIRE_TPM + if (status != EFI_SUCCESS) + goto done; +#endif if (!secure_mode()) goto done; |