Skip to content

Commit 05998e2

Browse files
histriohistrio
committed
Secure boot check removed
1 parent e406441 commit 05998e2

File tree

1 file changed

+0
-36
lines changed

1 file changed

+0
-36
lines changed

kc-compat.py

Lines changed: 0 additions & 36 deletions
Original file line numberDiff line numberDiff line change
@@ -39,29 +39,6 @@ def inside_vz_container():
3939
return os.path.exists('/proc/vz/veinfo') and not os.path.exists('/proc/vz/version')
4040

4141

42-
def _get_last_byte_from(filename):
43-
""" Reading the last byte from the varfile
44-
:return: last byte in a file as unsigned int or None if file was empty
45-
"""
46-
with open(filename, 'rb') as f:
47-
last, = struct.unpack("B", f.read()[-1:])
48-
return last
49-
50-
51-
def is_secure_boot():
52-
""" Detects Secure Boot
53-
:return: True if Secure Boot is enabled, false otherwise
54-
"""
55-
efivars_location = "/sys/firmware/efi/efivars/"
56-
if not os.path.isdir(efivars_location):
57-
return False
58-
for filename in os.listdir(efivars_location):
59-
if filename.startswith('SecureBoot'):
60-
varfile = os.path.join(efivars_location, filename)
61-
return _get_last_byte_from(varfile) == 1
62-
return False
63-
64-
6542
def inside_lxc_container():
6643
return '/lxc/' in open('/proc/1/cgroup').read()
6744

@@ -80,26 +57,13 @@ def myprint(silent, message):
8057
print(message)
8158

8259

83-
def kmod_is_signed():
84-
try:
85-
url = 'https://patches.kernelcare.com/' + get_kernel_hash() + '/latest.v2'
86-
latest = urlopen(url).read().decode('utf-8')
87-
url = 'https://patches.kernelcare.com/' + get_kernel_hash() + '/' + latest + '/kcare.ko'
88-
return urlopen(url).read()[-28:] == b'~Module signature appended~\n'
89-
except Exception:
90-
return False
91-
92-
9360
def main():
9461
"""
9562
if --silent or -q argument provided, don't print anything, just use exit code
9663
otherwise print results (COMPATIBLE or UNSUPPORTED)
9764
else exit with 0 if COMPATIBLE, 1 or more otherwise
9865
"""
9966
silent = len(sys.argv) > 1 and (sys.argv[1] == '--silent' or sys.argv[1] == '-q')
100-
if is_secure_boot() and not kmod_is_signed():
101-
myprint(silent, "UNSUPPORTED; SECURE BOOT")
102-
return 3
10367
if inside_vz_container() or inside_lxc_container():
10468
myprint(silent, "UNSUPPORTED; INSIDE CONTAINER")
10569
return 2

0 commit comments

Comments
 (0)