Configuring a system with CONFIG_EFI_CAPSULE_AUTHENTICATE=y but without a method to retrieve the public key data is a misconfiguration. We should get a build failure for it. Therefore remove the weak efi_get_public_key_data() implementation.

Signed-off-by: Heinrich Schuchardt xypron.glpk@gmx.de --- lib/efi_loader/efi_capsule.c | 10 ---------- 1 file changed, 10 deletions(-)

diff --git a/lib/efi_loader/efi_capsule.c b/lib/efi_loader/efi_capsule.c index 6ee883d5b1..9ead0d2c78 100644 --- a/lib/efi_loader/efi_capsule.c +++ b/lib/efi_loader/efi_capsule.c @@ -208,16 +208,6 @@ skip: const efi_guid_t efi_guid_capsule_root_cert_guid = EFI_FIRMWARE_MANAGEMENT_CAPSULE_ID_GUID;

-__weak int efi_get_public_key_data(void **pkey, efi_uintn_t *pkey_len) -{ - /* The platform is supposed to provide - * a method for getting the public key - * stored in the form of efi signature - * list - */ - return 0; -} - efi_status_t efi_capsule_authenticate(const void *capsule, efi_uintn_t capsule_size, void **image, efi_uintn_t *image_size) { -- 2.30.2