Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Clean up password setting

Permit clearing of the password, and avoid a case where choosing not to set
a password would result in an error message on exit. Fix the same problem
with MokSB.
  • Loading branch information...
commit 0e3ff89ac7983bed2feaaa47c699fbd6173293b0 1 parent cccc613
Matthew Garrett authored

Showing 1 changed file with 21 additions and 4 deletions. Show diff stats Hide diff stats

  1. +21 4 MokManager.c
25 MokManager.c
@@ -703,8 +703,6 @@ static INTN mok_sb_prompt (void *MokSB, void *data2, void *data3) {
703 703 UINT8 sbval = 1;
704 704 UINT8 pos1, pos2, pos3;
705 705
706   - LibDeleteVariable(L"MokSB", &shim_lock_guid);
707   -
708 706 if (MokSBSize != sizeof(MokSBvar)) {
709 707 Print(L"Invalid MokSB variable contents\n");
710 708 return -1;
@@ -776,6 +774,8 @@ static INTN mok_sb_prompt (void *MokSB, void *data2, void *data3) {
776 774 &shim_lock_guid);
777 775 }
778 776
  777 + LibDeleteVariable(L"MokSB", &shim_lock_guid);
  778 +
779 779 Print(L"Press a key to reboot system\n");
780 780 Pause();
781 781 uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm,
@@ -804,10 +804,25 @@ static INTN mok_pw_prompt (void *MokPW, void *data2, void *data3) {
804 804 return -1;
805 805 }
806 806
807   - LibDeleteVariable(L"MokPW", &shim_lock_guid);
808   -
809 807 uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut);
810 808
  809 + SetMem(hash, SHA256_DIGEST_SIZE, 0);
  810 +
  811 + if (CompareMem(MokPW, hash, SHA256_DIGEST_SIZE) == 0) {
  812 + Print(L"Clear MOK password? (y/n): ");
  813 +
  814 + do {
  815 + get_line (&length, line, 1, 1);
  816 +
  817 + if (line[0] == 'Y' || line[0] == 'y') {
  818 + LibDeleteVariable(L"MokPWStore", &shim_lock_guid);
  819 + LibDeleteVariable(L"MokPW", &shim_lock_guid);
  820 + }
  821 + } while (line[0] != 'N' && line[0] != 'n');
  822 +
  823 + return 0;
  824 + }
  825 +
811 826 while (fail_count < 3) {
812 827 Print(L"Confirm MOK passphrase: ");
813 828 get_line(&length, password, PASSWORD_MAX, 0);
@@ -857,6 +872,8 @@ static INTN mok_pw_prompt (void *MokPW, void *data2, void *data3) {
857 872 return -1;
858 873 }
859 874
  875 + LibDeleteVariable(L"MokPW", &shim_lock_guid);
  876 +
860 877 Print(L"Press a key to reboot system\n");
861 878 Pause();
862 879 uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm,

0 comments on commit 0e3ff89

Please sign in to comment.
Something went wrong with that request. Please try again.