shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-02-14 05:57:40 +03:00
Code

systemd-boot: Allow key enroll in AuditMode

Browse Source 
Since AuditMode automatically switches SetupMode on, it should be
authorized to enroll SecureBoot keys.

Signed-off-by: Nicolas Bouchinet <nicolas.bouchinet@ssi.gouv.fr>
This commit is contained in:
Nicolas Bouchinet 2024-05-03 11:42:09 +02:00 committed by Lennart Poettering
parent e4cea965d3
commit a23a59b324
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/boot/efi/boot.c
View File

@ -2480,7 +2480,7 @@ static EFI_STATUS secure_boot_discover_keys(Config *config, EFI_FILE *root_dir)
EFI_STATUS err;
_cleanup_(file_closep) EFI_FILE *keys_basedir = NULL;
if (secure_boot_mode() != SECURE_BOOT_SETUP)
if (!IN_SET(secure_boot_mode(), SECURE_BOOT_SETUP, SECURE_BOOT_AUDIT))
return EFI_SUCCESS;
/* the lack of a 'keys' directory is not fatal and is silently ignored */