From patchwork Tue May 16 08:30:48 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ivan Hu X-Patchwork-Id: 762831 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) by ozlabs.org (Postfix) with ESMTP id 3wRrJ60N7Zz9s85; Tue, 16 May 2017 18:31:02 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.76) (envelope-from ) id 1dAXsi-00027T-Pr; Tue, 16 May 2017 08:31:00 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.76) (envelope-from ) id 1dAXsd-000276-5G for fwts-devel@lists.ubuntu.com; Tue, 16 May 2017 08:30:55 +0000 Received: from [175.41.48.77] (helo=canonical.com) by youngberry.canonical.com with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from ) id 1dAXsc-0005FT-D6; Tue, 16 May 2017 08:30:54 +0000 From: Ivan Hu To: fwts-devel@lists.ubuntu.com Subject: [PATCH 1/2] uefi: securebootcert: warnings for secure boot variables not exist instead of failures Date: Tue, 16 May 2017 16:30:48 +0800 Message-Id: <1494923449-19709-1-git-send-email-ivan.hu@canonical.com> X-Mailer: git-send-email 2.7.4 X-BeenThere: fwts-devel@lists.ubuntu.com X-Mailman-Version: 2.1.14 Precedence: list List-Id: Firmware Test Suite Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: fwts-devel-bounces@lists.ubuntu.com Sender: fwts-devel-bounces@lists.ubuntu.com Some firmwares like OVMF or EDKII may not create these UEFI variables when they are not enabled the secure boot, it won't affect any functions because the secure boot is not supported or enabled. So set the tests as warnings instead of failures for the readiness of secure boot. Signed-off-by: Ivan Hu Acked-by: Colin Ian King Acked-by: Alex Hung --- src/uefi/securebootcert/securebootcert.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/uefi/securebootcert/securebootcert.c b/src/uefi/securebootcert/securebootcert.c index 38f2405..b836855 100644 --- a/src/uefi/securebootcert/securebootcert.c +++ b/src/uefi/securebootcert/securebootcert.c @@ -456,11 +456,9 @@ static int securebootcert_test1(fwts_framework *fw) /* check all the secure boot variables be found */ if (!(var_found & VAR_SECUREBOOT_FOUND)) - fwts_failed(fw, LOG_LEVEL_HIGH, "SecureBootCertVariableNotFound", - "The secure boot variable SecureBoot not found."); + fwts_warning(fw, "The secure boot variable SecureBoot not found."); if (!(var_found & VAR_SETUPMODE_FOUND)) - fwts_failed(fw, LOG_LEVEL_HIGH, "SecureBootCertVariableNotFound", - "The secure boot variable SetupMode not found."); + fwts_warning(fw, "The secure boot variable SetupMode not found."); if (!(var_found & VAR_AUDITMODE_FOUND)) { fwts_warning(fw, "The secure boot variable AuditMode not found."); fwts_advice(fw,