Foxboron / sbctl

:computer: :lock: :key: Secure Boot key manager
MIT License
1.46k stars 84 forks

Unable to enroll-keys using TPM2 EventLog #384

Open pietrushnic opened 2 days ago

pietrushnic commented 2 days ago

When in Setup Mode on Odroid-H4+ with AMI BIOS, it seems I have two OptionROMs, whose hashes I would like to enroll to db:

user@OST2:~$ sudo tpm2_eventlog eventlog | grep "BOOT_SERVICES_DRIVER" -A11 -B2

- EventNum: 10
  PCRIndex: 2
  EventType: EV_EFI_BOOT_SERVICES_DRIVER
  DigestCount: 1
  Digests:
  - AlgorithmId: sha256
    Digest: "b03547bedfc2e380c582564ea2a7a676e82264bf78029e5a2a1830ed9bebc334"
  EventSize: 84
  Event:
    ImageLocationInMemory: 0x6d9b4018
    ImageLengthInMemory: 154400
    ImageLinkTimeAddress: 0x0
    LengthOfDevicePath: 52
    DevicePath: '02010c00d041030a0000000001010600001c01010600000004081800000000003800000000000000ff1d0100000000007fff0400'
- EventNum: 11
  PCRIndex: 2
  EventType: EV_EFI_BOOT_SERVICES_DRIVER
  DigestCount: 1
  Digests:
  - AlgorithmId: sha256
    Digest: "b03547bedfc2e380c582564ea2a7a676e82264bf78029e5a2a1830ed9bebc334"
  EventSize: 84
  Event:
    ImageLocationInMemory: 0x6d98e018
    ImageLengthInMemory: 154400
    ImageLinkTimeAddress: 0x0
    LengthOfDevicePath: 52
    DevicePath: '02010c00d041030a0000000001010600031c01010600000004081800000000003800000000000000ff1d0100000000007fff0400'

Trying to enroll using:

sudo sbctl enroll-keys --tpm-eventlog

Unfortunately, it fails with the:

Enrolling keys to EFI variables...

With checksums from the TPM Eventlog...✗

couldn't sync keys: could not enroll db keys: signature data exists already

The error could be more precise. In the AMI Setup Mode, the BIOS DB is deleted, so the critical question is where the signature exists. I assume it doesn't mean "signature" but a hash of a given OptionROM. Or maybe the error is because there are two events in the event log about the same component.

Does sbctl mean dbDefault?

Can any tools help look into this issue and give you more context?

Foxboron commented 2 days ago

Ah, this error is supposed to be ignored and not bubbled up. So this can easily be fixed.

pietrushnic commented 2 days ago

@Foxboron, if I would like to contribute a fix for this bug, where should I start with setting up a development environment and testing? IIUC, should this be fixed in go-uefi or here?

It seems to bubble from here.

Or maybe check for that error here and ignore/print the warning that such a signature/hash already exists.

Foxboron commented 2 days ago

I think it should be fixed in sbctl. I think it's useful to have some semantic error if you try to include an existing hash.

Fixing it in tpm.go is a good idea. You can either use ExistsInList and just don't run Append on true. Or just check the error for ErrSigDataExists and ignore bubbling it up. Both are valid approaches IMO.

Thanks for contributing :) I'll try and get a new release out the door soonish as well.
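The following Go program is an added example, not code from sbctl or go-uefi, that models the two fixes described in the comment above. It parses the EV_EFI_BOOT_SERVICES_DRIVER events out of the tpm2_eventlog excerpt from the issue (both events carry the same sha256 digest, which is exactly what triggers the "signature data exists already" error), then enrolls them either by checking ExistsInList before Append, or by calling Append and treating ErrSigDataExists as a warning. The SigList type, its ExistsInList and Append methods and the ErrSigDataExists sentinel are stand-ins assumed for this example; they borrow the names used in the comment but are not go-uefi's real types or signatures.

```go
package main

import (
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// ErrSigDataExists is a hypothetical sentinel for the "signature data exists
// already" condition reported in the issue; it is not go-uefi's definition.
var ErrSigDataExists = errors.New("signature data exists already")

// Event is one entry of interest from tpm2_eventlog output.
type Event struct {
	EventNum int
	Digest   [32]byte
}

// SigList is a minimal model of an EFI signature list of SHA-256 hashes
// (assumed for this example, not the go-uefi type).
type SigList struct {
	Hashes [][32]byte
}

// ExistsInList reports whether the hash is already present in the list.
func (l *SigList) ExistsInList(h [32]byte) bool {
	for _, have := range l.Hashes {
		if have == h {
			return true
		}
	}
	return false
}

// Append adds a hash; a duplicate is rejected with ErrSigDataExists, which is
// the strict behaviour the issue ran into.
func (l *SigList) Append(h [32]byte) error {
	if l.ExistsInList(h) {
		return ErrSigDataExists
	}
	l.Hashes = append(l.Hashes, h)
	return nil
}

// ParseBootServicesDrivers extracts the sha256 digest of every
// EV_EFI_BOOT_SERVICES_DRIVER event from tpm2_eventlog's YAML-style text.
func ParseBootServicesDrivers(log string) ([]Event, error) {
	var events []Event
	var eventNum int
	var eventType, alg string
	for _, raw := range strings.Split(log, "\n") {
		line := strings.TrimPrefix(strings.TrimSpace(raw), "- ")
		key, val, ok := strings.Cut(line, ":")
		if !ok {
			continue
		}
		val = strings.TrimSpace(val)
		switch key {
		case "EventNum":
			if _, err := fmt.Sscanf(val, "%d", &eventNum); err != nil {
				return nil, fmt.Errorf("bad EventNum %q: %w", val, err)
			}
			eventType, alg = "", "" // new event: reset per-event state
		case "EventType":
			eventType = val
		case "AlgorithmId":
			alg = val
		case "Digest":
			if eventType != "EV_EFI_BOOT_SERVICES_DRIVER" || alg != "sha256" {
				continue
			}
			b, err := hex.DecodeString(strings.Trim(val, `"'`))
			if err != nil || len(b) != 32 {
				return nil, fmt.Errorf("event %d: bad sha256 digest %q", eventNum, val)
			}
			var d [32]byte
			copy(d[:], b)
			events = append(events, Event{EventNum: eventNum, Digest: d})
		}
	}
	return events, nil
}

// EnrollSkipExisting is the first suggested fix: consult ExistsInList and
// simply do not call Append for a hash that is already enrolled.
func EnrollSkipExisting(db *SigList, events []Event) (added, skipped int) {
	for _, ev := range events {
		if db.ExistsInList(ev.Digest) {
			skipped++
			continue
		}
		_ = db.Append(ev.Digest) // cannot fail after the ExistsInList check
		added++
	}
	return added, skipped
}

// EnrollTolerateDuplicate is the second suggested fix: call Append and treat
// ErrSigDataExists as a warning rather than bubbling it up; any other error
// is still returned so real failures are not masked.
func EnrollTolerateDuplicate(db *SigList, events []Event) (added, skipped int, err error) {
	for _, ev := range events {
		switch e := db.Append(ev.Digest); {
		case e == nil:
			added++
		case errors.Is(e, ErrSigDataExists):
			skipped++ // same OptionROM hash logged twice, as in the issue
		default:
			return added, skipped, fmt.Errorf("event %d: %w", ev.EventNum, e)
		}
	}
	return added, skipped, nil
}

// sampleLog is a trimmed excerpt of the issue's tpm2_eventlog output: the two
// EV_EFI_BOOT_SERVICES_DRIVER events that share one digest.
const sampleLog = `- EventNum: 10
  EventType: EV_EFI_BOOT_SERVICES_DRIVER
  Digests:
  - AlgorithmId: sha256
    Digest: "b03547bedfc2e380c582564ea2a7a676e82264bf78029e5a2a1830ed9bebc334"
- EventNum: 11
  EventType: EV_EFI_BOOT_SERVICES_DRIVER
  Digests:
  - AlgorithmId: sha256
    Digest: "b03547bedfc2e380c582564ea2a7a676e82264bf78029e5a2a1830ed9bebc334"
`

func main() {
	events, err := ParseBootServicesDrivers(sampleLog)
	if err != nil {
		panic(err)
	}
	db := &SigList{}
	added, skipped := EnrollSkipExisting(db, events)
	fmt.Printf("parsed %d events, added %d, skipped %d duplicate(s); db now holds %d hash(es)\n",
		len(events), added, skipped, len(db.Hashes))
}
```

Either approach leaves db with a single entry for the OptionROM, which is the desired outcome; the second keeps the semantic error available for callers that do want to know a hash was already present.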