shaba/ostree
1
0
Fork 0
mirror of https://github.com/ostreedev/ostree.git synced 2025-01-03 05:18:24 +03:00
Code Issues Projects Releases Wiki Activity

Merge pull request #2615 from nikita-dubrovskii/handle_errors

Browse Source
This commit is contained in:
Jonathan Lebon 2022-05-25 13:38:23 -04:00 committed by GitHub
commit 9aca8816c6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 18 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/libostree/ostree-bootloader-zipl.c
View File

@ -110,12 +110,21 @@ _ostree_bootloader_zipl_write_config (OstreeBootloader *bootloader,
return TRUE; return TRUE;
} }
static gboolean _ostree_secure_execution_is_enabled (GCancellable *cancellable) { static gboolean _ostree_secure_execution_is_enabled (gboolean *out_enabled,
gsize len = 0; GCancellable *cancellable,
g_autofree char *data = glnx_file_get_contents_utf8_at (-1, SECURE_EXECUTION_SYSFS_FLAG, &len, cancellable, NULL); GError **error)
{
*out_enabled = FALSE;
glnx_autofd int fd = -1;
if (!ot_openat_ignore_enoent (AT_FDCWD, SECURE_EXECUTION_SYSFS_FLAG, &fd, error))
return FALSE;
if (fd == -1)
return TRUE; //ENOENT --> SecureExecution is disabled
g_autofree char *data = glnx_fd_readall_utf8 (fd, NULL, cancellable, error);
if (!data) if (!data)
return FALSE; return FALSE;
return strstr (data, "1") != NULL; *out_enabled = strstr (data, "1") != NULL;
return TRUE;
} }
static gboolean static gboolean
@ -338,13 +347,16 @@ _ostree_bootloader_zipl_post_bls_sync (OstreeBootloader *bootloader,
return TRUE; return TRUE;
/* Try with Secure Execution */ /* Try with Secure Execution */
if ( _ostree_secure_execution_is_enabled (cancellable) ) gboolean se_enabled = FALSE;
if ( !_ostree_secure_execution_is_enabled (&se_enabled, cancellable, error))
return FALSE;
if (se_enabled)
{ {
g_autoptr(GPtrArray) keys = NULL; g_autoptr(GPtrArray) keys = NULL;
if (!_ostree_secure_execution_get_keys (&keys, cancellable, error)) if (!_ostree_secure_execution_get_keys (&keys, cancellable, error))
return FALSE; return FALSE;
if (!keys || keys->len == 0) if (!keys || keys->len == 0)
return glnx_throw (error, "s390x SE: no keys"); return glnx_throw (error, "s390x SE: no keys");
return _ostree_secure_execution_enable (self, bootversion, keys, cancellable, error); return _ostree_secure_execution_enable (self, bootversion, keys, cancellable, error);
} }
/* Fallback to non-SE setup */ /* Fallback to non-SE setup */