[PATCH v3 RESEND] efi: Do not import certificates from UEFI Secure Boot for T2 Macs
Aditya Garg
gargaditya08 at live.com
Tue Apr 12 15:40:57 UTC 2022
> dmi_first_match() is called here at the beginning of load_uefi_certs().
> Only if it succeeds would uefi_check_ignore_db(), get_cert_list(),
> uefi_check_ignore_db(), or
> load_moklist_certs() be called. Is there a need for adding a call to
> dmi_first_match() in any of these other functions?
I’ll test this out.
>
> thanks,
>
> Mimi
>
>>>
>>> Like in all the other cases, there should be some sort of message. At
>>> minimum, there should be a pr_info().
>>>
>>>>
>>>> if (!efi_rt_services_supported(EFI_RT_SUPPORTED_GET_VARIABLE))
>>>> return false;
>>>
>
>
More information about the Linux-security-module-archive
mailing list