ACK: [PATCH 1/2] uefi: securebootcert: warnings for secure boot variables not exist instead of failures
Colin Ian King
colin.king at canonical.com
Tue May 16 08:35:03 UTC 2017
On 16/05/17 09:30, Ivan Hu wrote:
> Some firmwares like OVMF or EDKII may not create these UEFI variables when
> they are not enabled the secure boot, it won't affect any functions because the
> secure boot is not supported or enabled. So set the tests as warnings instead
> of failures for the readiness of secure boot.
>
> Signed-off-by: Ivan Hu <ivan.hu at canonical.com>
> ---
> src/uefi/securebootcert/securebootcert.c | 6 ++----
> 1 file changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/src/uefi/securebootcert/securebootcert.c b/src/uefi/securebootcert/securebootcert.c
> index 38f2405..b836855 100644
> --- a/src/uefi/securebootcert/securebootcert.c
> +++ b/src/uefi/securebootcert/securebootcert.c
> @@ -456,11 +456,9 @@ static int securebootcert_test1(fwts_framework *fw)
>
> /* check all the secure boot variables be found */
> if (!(var_found & VAR_SECUREBOOT_FOUND))
> - fwts_failed(fw, LOG_LEVEL_HIGH, "SecureBootCertVariableNotFound",
> - "The secure boot variable SecureBoot not found.");
> + fwts_warning(fw, "The secure boot variable SecureBoot not found.");
> if (!(var_found & VAR_SETUPMODE_FOUND))
> - fwts_failed(fw, LOG_LEVEL_HIGH, "SecureBootCertVariableNotFound",
> - "The secure boot variable SetupMode not found.");
> + fwts_warning(fw, "The secure boot variable SetupMode not found.");
> if (!(var_found & VAR_AUDITMODE_FOUND)) {
> fwts_warning(fw, "The secure boot variable AuditMode not found.");
> fwts_advice(fw,
>
Thanks Ivan
Acked-by: Colin Ian King <colin.king at canonical.com>
More information about the fwts-devel
mailing list