/*
* Copyright 2016 <James.Bottomley@HansenPartnership.com>
*
* see COPYING file
*
* Replacement for shim.efi which is signed by your own key
* and installs the shim protocol verifier for grub to use
* so the secure boot chain is unbroken
*/
#include <efi.h>
#include <efilib.h>
#include <console.h>
#include <guid.h>
#include <efiauthenticated.h>
#include <execute.h>
#include <shim_protocol.h>
#include <pkcs7verify.h>
/*
 * Fixed paths of the images this program chain-loads via execute().
 * How execute() resolves these paths and what signature checks are applied
 * to the loaded image are decided inside execute() and the firmware, not
 * here. NOTE(review): presumably resolved relative to the volume this image
 * was loaded from; confirm in execute.c.
 */
/* Primary next-stage loader, tried first by efi_main(). */
static const CHAR16 *loader = L"\\grub.efi";
/* Loader tried by efi_main() only when starting the primary one fails. */
static const CHAR16 *fallback = L"\\fallback.efi";
/**
 * EFI entry point: obtain the PKCS7 verify protocol, install the shim
 * protocol on top of it, then chain-load the primary loader and, if that
 * fails, the fallback loader.
 *
 * @param image   handle of this running image, passed on to execute()
 * @param systab  EFI system table, used to initialise the EFI library
 * @return EFI_SUCCESS when a loader was started successfully; the failing
 *         status from pkcs7verify_get_protocol() when the verifier cannot
 *         be obtained; otherwise the status of the last execute() attempt.
 */
EFI_STATUS
efi_main (EFI_HANDLE image, EFI_SYSTEM_TABLE *systab)
{
	EFI_PKCS7_VERIFY_PROTOCOL *verifier;
	CHAR16 *err_msg;
	void *shim_iface;
	EFI_STATUS status;

	InitializeLib(image, systab);

	/* Without a PKCS7 verifier there is nothing to back the shim
	 * protocol, so this is the one failure that aborts the boot. */
	status = pkcs7verify_get_protocol(image, &verifier, &err_msg);
	if (status != EFI_SUCCESS) {
		/* presumably err_msg is filled in by the callee on failure;
		 * verify against pkcs7verify.c */
		console_error(err_msg, status);
		return status;
	}

	/*
	 * NOTE(review): a failure to install or to locate the shim protocol
	 * is only reported on the console; control still reaches execute()
	 * below. Whether the next stage refuses to continue without the
	 * verifier depends on that loader, which is not visible here.
	 * Confirm that continuing is the intended policy for the boot chain.
	 */
	status = shim_protocol_install(verifier);
	if (status != EFI_SUCCESS) {
		console_error(L"Failed to install shim protocol", status);
	}

	/* Sanity lookup only: the returned interface pointer is never read.
	 * The lookup key is MOK_OWNER; presumably that is the GUID the shim
	 * protocol is registered under (confirm in shim_protocol.h). */
	status = BS->LocateProtocol(&MOK_OWNER, NULL, &shim_iface);
	if (status != EFI_SUCCESS) {
		console_error(L"Failed to locate shim protocol", status);
	}

	/* Try the primary loader; fall back only when it could not be started. */
	status = execute(image, loader);
	if (status != EFI_SUCCESS) {
		console_error(L"Failed to start primary loader", status);

		status = execute(image, fallback);
		if (status != EFI_SUCCESS) {
			console_error(L"Failed to start fallback loader", status);
		}
	}

	return status;
}