Unlock efi #1526
Unlock efi #1526
Conversation
|
efitools: case1
case2
|
|
please let me know if anything is unclear. I'd like to get this in - needs to be also integrated in scarthgap |
| @@ -43,10 +43,15 @@ python do_prepare_local_auths() { | |||
| dir = d.expand('${UEFI_SIGN_KEYDIR}/') | |||
|
|
|||
| import shutil | |||
| import os | |||
There was a problem hiding this comment.
typos in the commit message
There was a problem hiding this comment.
hi daiane, which commit?
There was a problem hiding this comment.
maybe my github displayed an old version when I commented. It's fixed now
There was a problem hiding this comment.
no no, I just fixed it after your review - I forced pushed the branch
| " | ||
|
|
||
| # UnLock needs the user keys |
There was a problem hiding this comment.
I would add a little bit more on the commit log as it looks like to me that the patch does more that only build the keys
And I'm not sure I understand what "build a key" is
Do we need to verify if the key files exists?
There was a problem hiding this comment.
the tool (unlock.efi) requires that the user provides the UEFI keys in order for the tool to be built - because the keys are later on embedded/compiled_in in the coff image.
the second commit checks if the all the keys have been provided
I'll rephrase :)
The UEFI key revocation tool requires the user to provide the keys that need to be revoked. If the keys are not provided, the userspace tools built by this recipe will still be deployed. Signed-off-by: Jorge Ramirez-Ortiz <[email protected]>
Instead of raising a Python exception, we can verify that all required keys are present and provide a helpful error message if any are missing. Signed-off-by: Jorge Ramirez-Ortiz <[email protected]> Signed-off-by: Jose Quaresma <[email protected]>
|
@angolini please let me know if this is enough and thanks for reviewing |
No description provided.