#[repr(C)]pub struct ShimLock { /* private fields */ }
Expand description
The Shim lock protocol.
This protocol is not part of the UEFI specification, but is installed by the Shim bootloader which is commonly used by Linux distributions to support UEFI Secure Boot. Shim is built with an embedded certificate that is used to validate another EFI application before running it. That application may itself be a bootloader that needs to validate another EFI application before running it, and the shim lock protocol exists to support that.
Implementations
Verify that an EFI application is signed by the certificate embedded in shim.
The buffer’s size must fit in a u32
; if that condition is not
met then a BAD_BUFFER_SIZE
error will be returned and the shim
lock protocol will not be called.