[PATCH] efi_loader: capsule: add a debug message in case of no key

AKASHI Takahiro takahiro.akashi at linaro.org
Mon May 10 10:19:31 CEST 2021


It will probably be a common error case that a certificate (public key)
is not provided by the system while capsule authentication is enabled.
So add a debug message.

Signed-off-by: AKASHI Takahiro <takahiro.akashi at linaro.org>
---
 lib/efi_loader/efi_capsule.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c
index 90893f85e22c..84ddaf50d13f 100644
--- a/lib/efi_loader/efi_capsule.c
+++ b/lib/efi_loader/efi_capsule.c
@@ -316,8 +316,10 @@ efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t capsule_s
 	}
 
 	ret = efi_get_public_key_data(&fdt_pkey, &pkey_len);
-	if (ret < 0)
+	if (ret < 0) {
+		debug("Public key/certificate not found\n");
 		goto out;
+	}
 
 	pkey = malloc(pkey_len);
 	if (!pkey)
-- 
2.31.0



More information about the U-Boot mailing list