shim/shim-reboot-after-changes.patch

From 10f0f58b03b3bcc56797744f25be15b226b51a50 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Mon, 10 Dec 2012 17:54:05 +0800
Subject: [PATCH 1/2] Clear the screen before erasing keys

---
 MokManager.c |    1 +
 1 file changed, 1 insertion(+)

diff --git a/MokManager.c b/MokManager.c
index 5802d27..c6f84d8 100644
--- a/MokManager.c
+++ b/MokManager.c
@@ -675,6 +675,7 @@ static INTN mok_deletion_prompt (void *MokNew, void *data2, void *data3) {
 	UINT32 length;
 	EFI_STATUS efi_status;
 
+	uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut);
 	Print(L"Erase all stored keys? (y/N): ");
 
 	get_line (&length, line, 1, 1);
-- 
1.7.10.4


From 510dafda53cd56210d7ff634b1c630d3645150f0 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Mon, 10 Dec 2012 18:24:45 +0800
Subject: [PATCH 2/2] Reboot the system after enrolling/erasing keys

---
 MokManager.c |   25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/MokManager.c b/MokManager.c
index c6f84d8..7d6650e 100644
--- a/MokManager.c
+++ b/MokManager.c
@@ -637,6 +637,7 @@ static EFI_STATUS store_keys (void *MokNew, UINTN MokNewSize, int authenticate)
 }
 
 static UINTN mok_enrollment_prompt (void *MokNew, UINTN MokNewSize, int auth) {
+	EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
 	CHAR16 line[1];
 	UINT32 length;
 	EFI_STATUS efi_status;
@@ -657,6 +658,19 @@ static UINTN mok_enrollment_prompt (void *MokNew, UINTN MokNewSize, int auth) {
 				Print(L"Failed to enroll keys\n");
 				return -1;
 			}
+
+			if (auth) {
+				LibDeleteVariable(L"MokNew", &shim_lock_guid);
+				LibDeleteVariable(L"MokAuth", &shim_lock_guid);
+
+				Print(L"\nPress a key to reboot system\n");
+				Pause();
+				uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm,
+						  EFI_SUCCESS, 0, NULL);
+				Print(L"Failed to reboot\n");
+				return -1;
+			}
+
 			return 0;
 		}
 	} while (line[0] != 'N' && line[0] != 'n');
@@ -671,6 +685,7 @@ static INTN mok_enrollment_prompt_callback (void *MokNew, void *data2,
 }
 
 static INTN mok_deletion_prompt (void *MokNew, void *data2, void *data3) {
+	EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
 	CHAR16 line[1];
 	UINT32 length;
 	EFI_STATUS efi_status;
@@ -687,6 +702,16 @@ static INTN mok_deletion_prompt (void *MokNew, void *data2, void *data3) {
 			Print(L"Failed to erase keys\n");
 			return -1;
 		}
+
+		LibDeleteVariable(L"MokNew", &shim_lock_guid);
+		LibDeleteVariable(L"MokAuth", &shim_lock_guid);
+
+		Print(L"\nPress a key to reboot system\n");
+		Pause();
+		uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm,
+				  EFI_SUCCESS, 0, NULL);
+		Print(L"Failed to reboot\n");
+		return -1;
 	}
 
 	return 0;
-- 
1.7.10.4