From 72582fd5e0438295e84a6ea0d2d25ee7236d11f4 Mon Sep 17 00:00:00 2001
From: Manuel Thalmann <m@nuth.ch>
Date: Mon, 23 Jan 2023 16:53:28 +0100
Subject: [PATCH] Refactor secure-boot script

---
 .../SurfaceBook2/SecureBoot/install.sh        | 48 ++++++++++++-------
 1 file changed, 32 insertions(+), 16 deletions(-)

diff --git a/scripts/Devices/SurfaceBook2/SecureBoot/install.sh b/scripts/Devices/SurfaceBook2/SecureBoot/install.sh
index e2f63f5b..1fdf3ac8 100755
--- a/scripts/Devices/SurfaceBook2/SecureBoot/install.sh
+++ b/scripts/Devices/SurfaceBook2/SecureBoot/install.sh
@@ -23,21 +23,37 @@ else
 
     # Initialize variables
     src="./boot/efi/EFI/fedora";
-    esp=/boot/efi;
-    defaultBootDir="$esp/EFI/BOOT";
-    microsoftBootDir="$esp/EFI/Microsoft/Boot";
+    efiDirName="/EFI";
+    bootDirName="$efiDirName/BOOT";
+    microsoftDirName="$efiDirName/Microsoft/Boot";
+    systemdDirName="$efiDirName/systemd";
 
-    systemdDirName=/EFI/systemd;
-    systemdFullName="$esp$systemdDirName";
-    systemdFile="$systemdFullName/systemd-bootx64.efi";
-    bootFile="$defaultBootDir/grubx64.efi";
+    shimBaseName="shimx64.efi";
+    mokManagerBaseName="mmx64.efi";
+    keyToolBaseName="KeyTool.efi";
+    shellBaseName="Shell.efi";
+
+    defaultFileName="$bootDirName/BOOTx64.efi";
+    systemdFileName="$systemdDirName/systemd-bootx64.efi";
+    grubFileName="$bootDirName/grubx64.efi";
+    mokManagerFileName="$bootDirName/$mokManagerBaseName";
+    keyToolFileName="$systemdDirName/$keyToolBaseName";
+    shellFileName="$systemdDirName/$shellBaseName";
+
+    espPath=/boot/efi;
+    bootPath="$espPath$bootDirName";
+    defaultPath="$esp$defaultFileName";
+    microsoftPath="$espPath$microsoftDirName";
+    systemdPath="$espPath$systemdDirName/systemd-bootx64.efi";
+    shellPath="$espPath$shellFileName";
+    grubPath="$espPath$grubFileName";
 
     # Set up files
-    cp "$systemdFile" "$bootFile";
-    cp "$src/shimx64.efi" "$defaultBootDir/BOOTx64.efi";
-    cp "$src/mmx64.efi" "$defaultBootDir";
+    cp "$systemdPath" "$grubPath";
+    cp "$src/$shimBaseName" "$defaultPath";
+    cp "$src/$mokManagerBaseName" "$bootPath";
     cp /usr/lib/efitools/x86_64-linux-gnu/KeyTool.efi /boot/efi/EFI/systemd/;
-    wget https://github.com/tianocore/edk2-archive/raw/master/ShellBinPkg/UefiShell/X64/Shell.efi -O "$systemdFullName/Shell.efi";
+    wget https://github.com/tianocore/edk2-archive/raw/master/ShellBinPkg/UefiShell/X64/Shell.efi -O "$shellPath";
 
     {
         echo "sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md";
@@ -46,10 +62,10 @@ else
 
     # No idea where the `10000000` comes from...
     # Taken from https://github.com/rhboot/shim/issues/376#issuecomment-964137621
-    objcopy --set-section-alignment '.sbat=512' --add-section .sbat=sbat.csv --change-section-address .sbat+10000000 "$bootFile";
+    objcopy --set-section-alignment '.sbat=512' --add-section .sbat=sbat.csv --change-section-address .sbat+10000000 "$grubPath";
 
     # Add boot entries
-    efibootmgr --unicode --disk /dev/nvme0n1 --part 0 --create --label "Shim" --loader /EFI/BOOT/BOOTx64.efi;
+    efibootmgr --unicode --disk /dev/nvme0n1 --part 0 --create --label "Shim" --loader "$defaultFileName";
 
     # Configure systemd-boot
     {
@@ -58,17 +74,17 @@ else
 
     {
         echo "title MokManager";
-        echo "efi   /EFI/BOOT/mmx64.efi";
+        echo "efi   $mokManagerFileName";
     } > /boot/efi/loader/entries/MokManager.conf;
 
     {
         echo "title KeyTool";
-        echo "efi   /EFI/systemd/KeyTool.efi";
+        echo "efi   $keyToolFileName";
     } > /boot/efi/loader/entries/KeyTool.conf;
 
     {
         echo "title UEFI Shell";
-        echo "efi   /EFI/systemd/Shell.efi";
+        echo "efi   $shellFileName";
     } > /boot/efi/loader/entries/Shell.conf:
 
     # Install surface MOK