From 3f236fd3e46049018a08194e0cfdf84aed1a0d70e326639fabcab2376d557249 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Wed, 22 Jan 2014 06:52:14 +0000 Subject: [PATCH] Accepting request 214658 from home:gary_lin:branches:Base:System Update mokutil-mokx-support.patch to fix the test-key request check OBS-URL: https://build.opensuse.org/request/show/214658 OBS-URL: https://build.opensuse.org/package/show/Base:System/mokutil?expand=0&rev=14 --- mokutil-mokx-support.patch | 123 ++++++++++++++++++++++++++----------- mokutil.changes | 6 ++ mokutil.spec | 2 +- 3 files changed, 94 insertions(+), 37 deletions(-) diff --git a/mokutil-mokx-support.patch b/mokutil-mokx-support.patch index f2a5ab3..e065db1 100644 --- a/mokutil-mokx-support.patch +++ b/mokutil-mokx-support.patch @@ -1,7 +1,7 @@ From 65c8d2eb32beda5e90af891de3e5bda41a8aa6f1 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Mon, 21 Oct 2013 17:49:33 +0800 -Subject: [PATCH 01/18] Update TODO +Subject: [PATCH 01/20] Update TODO --- TODO | 16 ++-------------- @@ -32,13 +32,13 @@ index 373e48d..465835a 100644 +* Support MokX +* Import hash into MokNew, NokDel, MokXNew -- -1.8.1.4 +1.8.4 From 012d82be0468e876a10691fbabab2ed11b7a4954 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Tue, 22 Oct 2013 14:24:13 +0800 -Subject: [PATCH 02/18] Show the hashes in the database +Subject: [PATCH 02/20] Show the hashes in the database --- src/efi.h | 2 +- @@ -252,13 +252,13 @@ index df88e98..02f0211 100644 + +#endif /* SIGNATURE_H */ -- -1.8.1.4 +1.8.4 From 77a215f86139b21fd55dca4d032b7269f62b51c1 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Tue, 22 Oct 2013 14:34:21 +0800 -Subject: [PATCH 03/18] Don't allocate the MOK list until there is a node +Subject: [PATCH 03/20] Don't allocate the MOK list until there is a node --- src/mokutil.c | 9 +-------- @@ -290,13 +290,13 @@ index 62690ef..ec476dd 100644 if ((efi_guidcmp (CertList->SignatureType, EfiCertX509Guid) != 0) && (efi_guidcmp (CertList->SignatureType, EfiHashSha1Guid) != 0) && -- -1.8.1.4 +1.8.4 From befae0e92ea24e35208b07786857d195ce8aa086 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Tue, 22 Oct 2013 14:40:58 +0800 -Subject: [PATCH 04/18] Skip hashes while exporting MokListRT +Subject: [PATCH 04/20] Skip hashes while exporting MokListRT --- src/mokutil.c | 4 ++++ @@ -318,13 +318,13 @@ index ec476dd..04f7655 100644 fd = open (filename, O_CREAT | O_WRONLY, mode); if (fd == -1) { -- -1.8.1.4 +1.8.4 From 9cfc5f93e15e05dabf46a86e4f8e899e32443176 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Tue, 22 Oct 2013 16:05:33 +0800 -Subject: [PATCH 05/18] Match the hashes in the database +Subject: [PATCH 05/20] Match the hashes in the database --- src/mokutil.c | 162 +++++++++++++++++++++++++++++++++++++++------------------- @@ -571,13 +571,13 @@ index 04f7655..fa5d668 100644 ret = 0; } else { -- -1.8.1.4 +1.8.4 From 9ec6f6836a386d527cf62d6583c3ea5e394f62a5 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Tue, 22 Oct 2013 18:01:11 +0800 -Subject: [PATCH 06/18] Support MOK blacklist +Subject: [PATCH 06/20] Support MOK blacklist --- src/mokutil.c | 223 ++++++++++++++++++++++++++++++++++++++++++++++++++-------- @@ -1003,13 +1003,13 @@ index fa5d668..f10e6e8 100644 print_help (); break; -- -1.8.1.4 +1.8.4 From 73c2a558b6fa9fb42526d4d2ac5c7db40d402c8f Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Wed, 23 Oct 2013 10:41:58 +0800 -Subject: [PATCH 07/18] Fix the memory leakage +Subject: [PATCH 07/20] Fix the memory leakage --- src/mokutil.c | 12 ++++++++++++ @@ -1050,13 +1050,13 @@ index f10e6e8..bcc12ca 100644 if (key_file == NULL) { fprintf (stderr, "Could not allocate space: %m\n"); -- -1.8.1.4 +1.8.4 From 62162fc5a5c33c987e4b8106a9e98c3abf8288ae Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Wed, 23 Oct 2013 17:29:53 +0800 -Subject: [PATCH 08/18] Support import and delete a hash +Subject: [PATCH 08/20] Support import and delete a hash --- src/mokutil.c | 424 ++++++++++++++++++++++++++++++++++++++++++++-------------- @@ -1692,13 +1692,13 @@ index bcc12ca..b8edf74 100644 return ret; } -- -1.8.1.4 +1.8.4 From e852519aad00c669716c76db8908b89c6b5583e1 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Wed, 23 Oct 2013 17:42:05 +0800 -Subject: [PATCH 09/18] Reorganize issue_*_request +Subject: [PATCH 09/20] Reorganize issue_*_request --- src/mokutil.c | 75 +++++++++++++++++++---------------------------------------- @@ -1849,13 +1849,13 @@ index b8edf74..862cfbf 100644 if (old_req.Data) { memcpy (new_list + sig_list_size, old_req.Data, old_req.DataSize); -- -1.8.1.4 +1.8.4 From 8603b648095d847fbed56b956b0b5aeaa62f091a Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Wed, 23 Oct 2013 18:29:09 +0800 -Subject: [PATCH 10/18] Merge the hash into an existed signature list +Subject: [PATCH 10/20] Merge the hash into an existed signature list --- src/mokutil.c | 87 +++++++++++++++++++++++++++++++++++++++++++++++------------ @@ -1996,13 +1996,13 @@ index 862cfbf..f87ae7a 100644 free (new_list); -- -1.8.1.4 +1.8.4 From d933eba21ebad708d85ff23a715a14a7d67f51a9 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Thu, 24 Oct 2013 17:54:18 +0800 -Subject: [PATCH 11/18] Initialize the request variable to avoid the potential +Subject: [PATCH 11/20] Initialize the request variable to avoid the potential crash --- @@ -2032,13 +2032,13 @@ index f87ae7a..880c38f 100644 old_req.VendorGuid = SHIM_LOCK_GUID; if (read_variable (&old_req) == EFI_SUCCESS) { -- -1.8.1.4 +1.8.4 From 6c9d5519172ca5f87a08d1a46105c2a68b9f4db7 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Fri, 25 Oct 2013 18:29:07 +0800 -Subject: [PATCH 12/18] Make test-key and reset support MOK blacklist +Subject: [PATCH 12/20] Make test-key and reset support MOK blacklist --- src/mokutil.c | 22 +++++++++++++++------- @@ -2117,13 +2117,13 @@ index 880c38f..8ff4b41 100644 print_help (); break; -- -1.8.1.4 +1.8.4 From 0fdc023cf98addb23ae511b91c963619ec1e8e2d Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Wed, 30 Oct 2013 10:29:25 +0800 -Subject: [PATCH 13/18] Set the verbosity for shim and MokManager +Subject: [PATCH 13/20] Set the verbosity for shim and MokManager --- src/mokutil.c | 40 ++++++++++++++++++++++++++++++++++++++++ @@ -2223,13 +2223,13 @@ index 8ff4b41..cd3b622 100644 print_help (); break; -- -1.8.1.4 +1.8.4 From 96dfa331c2067c3a44d6086ec86e6abb87f3c30f Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Tue, 26 Nov 2013 12:36:12 +0800 -Subject: [PATCH 14/18] Update the help and manpage +Subject: [PATCH 14/20] Update the help and manpage --- man/mokutil.1 | 30 +++++++++++++++++++++++++++--- @@ -2321,13 +2321,13 @@ index cd3b622..a1f1213 100644 printf ("\n"); printf ("Supplimentary Options:\n"); -- -1.8.1.4 +1.8.4 From e2ea0acb875247d70626545d5f3837f2a422af2f Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Tue, 26 Nov 2013 12:40:57 +0800 -Subject: [PATCH 15/18] Make the help less verbose +Subject: [PATCH 15/20] Make the help less verbose It's all in the manpage anyway. --- @@ -2363,13 +2363,13 @@ index a1f1213..628df7d 100644 static int -- -1.8.1.4 +1.8.4 From 72dd17981660747bc84b7ce643451110529ece38 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Tue, 26 Nov 2013 16:26:16 +0800 -Subject: [PATCH 16/18] New options to list the firmware keys +Subject: [PATCH 16/20] New options to list the firmware keys --- man/mokutil.1 | 20 +++++++++++++ @@ -2594,13 +2594,13 @@ index 628df7d..6f5aec4 100644 case IMPORT | MOKX: case IMPORT | SIMPLE_HASH | MOKX: -- -1.8.1.4 +1.8.4 From 9820c083e2a9b605a59aae7bdf56992f63abf7b8 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Tue, 26 Nov 2013 16:49:14 +0800 -Subject: [PATCH 17/18] Add more short options +Subject: [PATCH 17/20] Add more short options --- man/mokutil.1 | 54 +++++++++++++++++++++++++++++------------------------- @@ -2837,13 +2837,13 @@ index 6f5aec4..6fe8ae2 100644 case '?': command |= HELP; -- -1.8.1.4 +1.8.4 From 0ff8112146c355c1bc4eec57cdeb0aed4cc4065c Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Tue, 26 Nov 2013 18:13:20 +0800 -Subject: [PATCH 18/18] Catch the error from strdup() +Subject: [PATCH 18/20] Catch the error from strdup() --- src/mokutil.c | 23 ++++++++++++++++++++++- @@ -2913,5 +2913,56 @@ index 6fe8ae2..27b9585 100644 command |= GENERATE_PW_HASH; break; -- -1.8.1.4 +1.8.4 + + +From f77d5e52b0318dbf8f92b2bd89aab0a3d5d77078 Mon Sep 17 00:00:00 2001 +From: Gary Ching-Pang Lin +Date: Wed, 22 Jan 2014 13:46:24 +0800 +Subject: [PATCH 19/20] Fix the test-key request check + +--- + src/mokutil.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/mokutil.c b/src/mokutil.c +index 27b9585..dbec25b 100644 +--- a/src/mokutil.c ++++ b/src/mokutil.c +@@ -1776,7 +1776,7 @@ test_key (MokRequest req, const char *key_file) + goto error; + } + +- if (!is_valid_request (EfiCertX509Guid, key, read_size, req)) { ++ if (is_valid_request (EfiCertX509Guid, key, read_size, req)) { + printf ("%s is not enrolled\n", key_file); + ret = 0; + } else { +-- +1.8.4 + + +From d921883b2f8ce4e9e9304af5d9b44aac1e701e51 Mon Sep 17 00:00:00 2001 +From: Gary Ching-Pang Lin +Date: Wed, 22 Jan 2014 13:51:36 +0800 +Subject: [PATCH 20/20] Update manpage for --test-key + +--- + man/mokutil.1 | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/man/mokutil.1 b/man/mokutil.1 +index 02b346f..ca9380d 100644 +--- a/man/mokutil.1 ++++ b/man/mokutil.1 +@@ -43,6 +43,7 @@ mokutil \- utility to manipulate machine owner keys + \fBmokutil\fR [--sb-state] + .br + \fBmokutil\fR [--test-key \fIkeyfile\fR | -t \fIkeyfile\fR] ++ ([--mokx | -X]) + .br + \fBmokutil\fR [--reset] + ([--hash-file \fIhashfile\fR | -f \fIhashfile\fR] | [--root-pw | -P] | +-- +1.8.4 diff --git a/mokutil.changes b/mokutil.changes index fdc2436..5d71638 100644 --- a/mokutil.changes +++ b/mokutil.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Jan 22 05:55:45 UTC 2014 - glin@suse.com + +- Update mokutil-mokx-support.patch to fix the test-key request + check + ------------------------------------------------------------------- Thu Dec 5 02:11:40 UTC 2013 - glin@suse.com diff --git a/mokutil.spec b/mokutil.spec index 6eec95d..2129340 100644 --- a/mokutil.spec +++ b/mokutil.spec @@ -1,7 +1,7 @@ # # spec file for package mokutil # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed