函数源码

Linux Kernel

v5.5.9

Brick Technologies Co., Ltd

Source File:security\integrity\platform_certs\load_uefi.c Create Date:2022-07-27 21:55:00
首页 Copyright©Brick

31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
#endif
 
/*
 * Look to see if a UEFI variable called MokIgnoreDB exists and return true if
 * it does.
 *
 * This UEFI variable is set by the shim if a user tells the shim to not use
 * the certs/hashes in the UEFI db variable for verification purposes.  If it
 * is set, we should ignore the db variable also and the true return indicates
 * this.
 */
static __init bool uefi_check_ignore_db(void)
{
    efi_status_t status;
    unsigned int db = 0;
    unsigned long size = sizeof(db);
    efi_guid_t guid = EFI_SHIM_LOCK_GUID;
 
    status = efi.get_variable(L"MokIgnoreDB", &guid, NULL, &size, &db);
    return status == EFI_SUCCESS;
}