Changeset 98964 in vbox for trunk/src/VBox/Main/src-server/UefiVariableStoreImpl.cpp

Timestamp:

Mar 14, 2023 2:40:37 PM (21 months ago)

Author:

vboxsync

Message:

Main/UefiVariableStore: Add API to add signatures to the MOK list (Machine Owner Key) in order to deploy signatures for the guest additions, bugref:10287

File:

• trunk/src/VBox/Main/src-server/UefiVariableStoreImpl.cpp (modified) (1 diff)

trunk/src/VBox/Main/src-server/UefiVariableStoreImpl.cpp

@@ -556 +556 @@
 
 
+HRESULT UefiVariableStore::addSignatureToMok(const std::vector<BYTE> &aData, const com::Guid &aOwnerUuid, SignatureType_T enmSignatureType)
+{
+    /* the machine needs to be mutable */
+    AutoMutableStateDependency adep(m->pMachine);
+    if (FAILED(adep.hrc())) return adep.hrc();
+
+    HRESULT hrc = i_retainUefiVariableStore(false /*fReadonly*/);
+    if (FAILED(hrc)) return hrc;
+
+    AutoWriteLock wlock(this COMMA_LOCKVAL_SRC_POS);
+
+    EFI_GUID GuidMokList = EFI_IMAGE_MOK_DATABASE_GUID;
+    hrc = i_uefiVarStoreAddSignatureToDbVec(&GuidMokList, "MokList", aData, aOwnerUuid, enmSignatureType);
+
+    i_releaseUefiVariableStore();
+    return hrc;
+}
+
+
+
+
 /**
  * Sets the given attributes for the given EFI variable store variable.