From a557b614a0ce2cf39d6bdfb3e464834b0d570895 Mon Sep 17 00:00:00 2001 From: Joseph Kogut Date: Thu, 12 Sep 2024 11:44:47 -0700 Subject: [PATCH] common: fix return in commit_apply-dbx HUP hook This code was moved from rollback-health into a hostapp-update commit hook, where it now runs outside of a function. Replace the invalid return statements with exits. Change-type: patch Signed-off-by: Joseph Kogut --- .../files/95-secureboot/1-fwd_commit_apply-dbx | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/meta-balena-common/recipes-support/hostapp-update-hooks/files/95-secureboot/1-fwd_commit_apply-dbx b/meta-balena-common/recipes-support/hostapp-update-hooks/files/95-secureboot/1-fwd_commit_apply-dbx index 27c789a04b..33f25f60f0 100644 --- a/meta-balena-common/recipes-support/hostapp-update-hooks/files/95-secureboot/1-fwd_commit_apply-dbx +++ b/meta-balena-common/recipes-support/hostapp-update-hooks/files/95-secureboot/1-fwd_commit_apply-dbx @@ -31,20 +31,20 @@ CURRENT_DB_ESL="/resin-boot/balena-keys/db.esl" if [ ! -d "${EFI_DIR}" ]; then # Not an EFI system, nothing to do - return + exit fi SECUREBOOT_VAL=$(efivar -p -n "${SECUREBOOT_VAR}" | tail -n 1 | sed -e "${EFIVAR_RE}") if [ "${SECUREBOOT_VAL}" -ne 1 ]; then # Secure boot disabled, nothing to do - return + exit fi if [ ! -d "${PENDING_DBX_DIR}" ]; then # Unexpected state - the directory should have been created by HUP # With it missing, there is nothing we can do echo "Rollback: Directory '${PENDING_DBX_DIR}' should exist but it does not" - return + exit 1 fi echo "Rollback: Applying pending DBX updates to prevent formerly allowed OS versions to boot"