98d3ce77b4
The old code forced region size to be aligned to the PECOFF file alignment parameter, which is correct according to the spec. However, the major UEFI platforms do not align up when checking the signature, so if the PECOFF binary being signed already contains a signature, realigning the sections will make the existing signature invalid. Fix this by relaxing the rule about aligning up (also eliminates complaints about some pecoff sections being misaligned). Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> |
||
|---|---|---|
| docs | ||
| lib | ||
| src | ||
| tests | ||
| .gitmodules | ||
| autogen.sh | ||
| configure.ac | ||
| COPYING | ||
| LICENSE.GPLv3 | ||
| Makefile.am | ||
| NEWS | ||
| README | ||
sbsigntool - Signing utility for UEFI secure boot Copyright (C) 2102 Jeremy Kerr <jeremy.kerr@canonical.com> Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. See file ./INSTALL for building and installation instructions. Main git repository: git://kernel.ubuntu.com/jk/sbsigntool.git sbsigntool is free software. See the file COPYING for copying conditions.