verify_pcr_export: bump kenv_mvallen if needed
The loader.ve.hashed list can easily exceed KENV_MVALLEN. If so, bump kenv_mvallen to a multiple of KENV_MVALLEN to accommodate the value. Reviewed by: stevek MFC after: 1 week
This commit is contained in:
parent
d33a155527
commit
c88c40a35e
@ -31,6 +31,7 @@ __FBSDID("$FreeBSD$");
|
||||
#include <sys/param.h>
|
||||
#include <string.h>
|
||||
#include <sys/queue.h>
|
||||
#include <sys/kenv.h>
|
||||
|
||||
#include "libsecureboot.h"
|
||||
#include <verify_file.h>
|
||||
@ -532,6 +533,19 @@ verify_pcr_export(void)
|
||||
DEBUG_PRINTF(1,
|
||||
("%s: setenv(loader.ve.hashed, %s\n",
|
||||
__func__, hinfo));
|
||||
if ((hlen = strlen(hinfo)) > KENV_MVALLEN) {
|
||||
/*
|
||||
* bump kenv_mvallen
|
||||
* roundup to multiple of KENV_MVALLEN
|
||||
*/
|
||||
char mvallen[16];
|
||||
|
||||
hlen += KENV_MVALLEN -
|
||||
(hlen % KENV_MVALLEN);
|
||||
if (snprintf(mvallen, sizeof(mvallen),
|
||||
"%d", (int) hlen) < sizeof(mvallen))
|
||||
setenv("kenv_mvallen", mvallen, 1);
|
||||
}
|
||||
free(hinfo);
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user