File shim-reboot-after-changes.patch of Package shim
From 10f0f58b03b3bcc56797744f25be15b226b51a50 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Mon, 10 Dec 2012 17:54:05 +0800
Subject: [PATCH 1/2] Clear the screen before erasing keys
---
MokManager.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/MokManager.c b/MokManager.c
index 5802d27..c6f84d8 100644
--- a/MokManager.c
+++ b/MokManager.c
@@ -675,6 +675,7 @@ static INTN mok_deletion_prompt (void *MokNew, void *data2, void *data3) {
UINT32 length;
EFI_STATUS efi_status;
+ uefi_call_wrapper(ST->ConOut->ClearScreen, 1, ST->ConOut);
Print(L"Erase all stored keys? (y/N): ");
get_line (&length, line, 1, 1);
--
1.7.10.4
From 510dafda53cd56210d7ff634b1c630d3645150f0 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Mon, 10 Dec 2012 18:24:45 +0800
Subject: [PATCH 2/2] Reboot the system after enrolling/erasing keys
---
MokManager.c | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/MokManager.c b/MokManager.c
index c6f84d8..7d6650e 100644
--- a/MokManager.c
+++ b/MokManager.c
@@ -637,6 +637,7 @@ static EFI_STATUS store_keys (void *MokNew, UINTN MokNewSize, int authenticate)
}
static UINTN mok_enrollment_prompt (void *MokNew, UINTN MokNewSize, int auth) {
+ EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
CHAR16 line[1];
UINT32 length;
EFI_STATUS efi_status;
@@ -657,6 +658,19 @@ static UINTN mok_enrollment_prompt (void *MokNew, UINTN MokNewSize, int auth) {
Print(L"Failed to enroll keys\n");
return -1;
}
+
+ if (auth) {
+ LibDeleteVariable(L"MokNew", &shim_lock_guid);
+ LibDeleteVariable(L"MokAuth", &shim_lock_guid);
+
+ Print(L"\nPress a key to reboot system\n");
+ Pause();
+ uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm,
+ EFI_SUCCESS, 0, NULL);
+ Print(L"Failed to reboot\n");
+ return -1;
+ }
+
return 0;
}
} while (line[0] != 'N' && line[0] != 'n');
@@ -671,6 +685,7 @@ static INTN mok_enrollment_prompt_callback (void *MokNew, void *data2,
}
static INTN mok_deletion_prompt (void *MokNew, void *data2, void *data3) {
+ EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
CHAR16 line[1];
UINT32 length;
EFI_STATUS efi_status;
@@ -687,6 +702,16 @@ static INTN mok_deletion_prompt (void *MokNew, void *data2, void *data3) {
Print(L"Failed to erase keys\n");
return -1;
}
+
+ LibDeleteVariable(L"MokNew", &shim_lock_guid);
+ LibDeleteVariable(L"MokAuth", &shim_lock_guid);
+
+ Print(L"\nPress a key to reboot system\n");
+ Pause();
+ uefi_call_wrapper(RT->ResetSystem, 4, EfiResetWarm,
+ EFI_SUCCESS, 0, NULL);
+ Print(L"Failed to reboot\n");
+ return -1;
}
return 0;
--
1.7.10.4