1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
From ef641e4f7e5488238e5098c9955486ad6d55e94e Mon Sep 17 00:00:00 2001
From: Richard Hughes <richard@hughsie.com>
Date: Fri, 11 Apr 2025 16:11:48 +0100
Subject: [PATCH] Fix PK and KEK enumeration failure on some systems
Fixes https://github.com/fwupd/fwupd/issues/8677
---
libfwupdplugin/fu-efi-x509-device.c | 23 +++++++++++------------
plugins/uefi-pk/fu-uefi-pk-device.c | 20 +++++++++-----------
2 files changed, 20 insertions(+), 23 deletions(-)
diff --git a/libfwupdplugin/fu-efi-x509-device.c b/libfwupdplugin/fu-efi-x509-device.c
index bc5fccf8e..83b523254 100644
--- a/libfwupdplugin/fu-efi-x509-device.c
+++ b/libfwupdplugin/fu-efi-x509-device.c
@@ -30,6 +30,8 @@ fu_efi_x509_device_probe(FuDevice *device, GError **error)
{
FuEfiX509Device *self = FU_EFI_X509_DEVICE(device);
FuEfiX509DevicePrivate *priv = GET_PRIVATE(self);
+ const gchar *subject_name;
+ const gchar *subject_vendor;
/* sanity check */
if (priv->sig == NULL) {
@@ -37,22 +39,19 @@ fu_efi_x509_device_probe(FuDevice *device, GError **error)
return FALSE;
}
- /* these have to exist */
- fu_device_add_instance_strsafe(device,
- "VENDOR",
- fu_efi_x509_signature_get_subject_vendor(priv->sig));
- fu_device_add_instance_strsafe(device,
- "NAME",
- fu_efi_x509_signature_get_subject_name(priv->sig));
- if (!fu_device_build_instance_id(device, error, "UEFI", "VENDOR", "NAME", NULL))
- return FALSE;
- fu_device_set_name(device, fu_efi_x509_signature_get_subject_name(priv->sig));
- fu_device_set_vendor(device, fu_efi_x509_signature_get_subject_vendor(priv->sig));
+ /* the O= key may not exist */
+ subject_name = fu_efi_x509_signature_get_subject_name(priv->sig);
+ subject_vendor = fu_efi_x509_signature_get_subject_vendor(priv->sig);
+ fu_device_add_instance_strsafe(device, "VENDOR", subject_vendor);
+ fu_device_add_instance_strsafe(device, "NAME", subject_name);
+ fu_device_build_instance_id(device, NULL, "UEFI", "VENDOR", "NAME", NULL);
+ fu_device_set_name(device, subject_name != NULL ? subject_name : "Unknown");
+ fu_device_set_vendor(device, subject_vendor != NULL ? subject_vendor : "Unknown");
fu_device_set_version_raw(device, fu_firmware_get_version_raw(FU_FIRMWARE(priv->sig)));
fu_device_set_logical_id(device, fu_firmware_get_id(FU_FIRMWARE(priv->sig)));
fu_device_build_vendor_id(device,
"UEFI",
- fu_efi_x509_signature_get_subject_vendor(priv->sig));
+ subject_vendor != NULL ? subject_vendor : "UNKNOWN");
/* success */
fu_device_add_instance_strup(device, "CRT", fu_firmware_get_id(FU_FIRMWARE(priv->sig)));
diff --git a/plugins/uefi-pk/fu-uefi-pk-device.c b/plugins/uefi-pk/fu-uefi-pk-device.c
index c6ec116d2..c0b829927 100644
--- a/plugins/uefi-pk/fu-uefi-pk-device.c
+++ b/plugins/uefi-pk/fu-uefi-pk-device.c
@@ -48,6 +48,9 @@ fu_uefi_pk_device_check(FuUefiPkDevice *self, const gchar *str, GError **error)
static gboolean
fu_uefi_pk_device_parse_certificate(FuUefiPkDevice *self, FuEfiX509Signature *sig, GError **error)
{
+ const gchar *subject_name = fu_efi_x509_signature_get_subject_name(sig);
+ const gchar *subject_vendor = fu_efi_x509_signature_get_subject_vendor(sig);
+
/* look in issuer and subject */
if (fu_efi_x509_signature_get_issuer(sig) != NULL) {
if (!fu_uefi_pk_device_check(self, fu_efi_x509_signature_get_issuer(sig), error))
@@ -58,17 +61,12 @@ fu_uefi_pk_device_parse_certificate(FuUefiPkDevice *self, FuEfiX509Signature *si
return FALSE;
}
- /* these have to exist */
- fu_device_add_instance_strsafe(FU_DEVICE(self),
- "VENDOR",
- fu_efi_x509_signature_get_subject_vendor(sig));
- fu_device_add_instance_strsafe(FU_DEVICE(self),
- "NAME",
- fu_efi_x509_signature_get_subject_name(sig));
- if (!fu_device_build_instance_id(FU_DEVICE(self), error, "UEFI", "VENDOR", "NAME", NULL))
- return FALSE;
- fu_device_set_name(FU_DEVICE(self), fu_efi_x509_signature_get_subject_name(sig));
- fu_device_set_vendor(FU_DEVICE(self), fu_efi_x509_signature_get_subject_vendor(sig));
+ /* the O= key may not exist */
+ fu_device_add_instance_strsafe(FU_DEVICE(self), "VENDOR", subject_vendor);
+ fu_device_add_instance_strsafe(FU_DEVICE(self), "NAME", subject_name);
+ fu_device_build_instance_id(FU_DEVICE(self), NULL, "UEFI", "VENDOR", "NAME", NULL);
+ fu_device_set_name(FU_DEVICE(self), subject_name != NULL ? subject_name : "Unknown");
+ fu_device_set_vendor(FU_DEVICE(self), subject_vendor != NULL ? subject_vendor : "Unknown");
fu_device_set_version_raw(FU_DEVICE(self), fu_firmware_get_version_raw(FU_FIRMWARE(sig)));
/* success, certificate was parsed correctly */
--
2.43.0
|
