Fix shellcheck warnings

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>

image/measured-boot/measure_util.sh

@@ -5,11 +5,14 @@
 
 # This script contains shared functions for pcr calculation.
 
+set -euo pipefail
+shopt -s inherit_errexit
+
 pcr_extend() {
     local CURRENT_PCR="$1"
     local EXTEND_WITH="$2"
     local HASH_FUNCTION="$3"
-    ( echo -n "$CURRENT_PCR" | xxd -r -p ; echo -n "$EXTEND_WITH" | xxd -r -p; ) | ${HASH_FUNCTION} | cut -d " " -f 1
+    ( echo -n "${CURRENT_PCR}" | xxd -r -p ; echo -n "${EXTEND_WITH}" | xxd -r -p; ) | ${HASH_FUNCTION} | cut -d " " -f 1
 }
 
 extract () {

image/measured-boot/precalculate_pcr_4.sh

@@ -7,6 +7,7 @@
 # Usage: precalculate_pcr_4.sh <path to image> <path to output file>
 
 set -euo pipefail
+shopt -s inherit_errexit
 source "$(dirname "$0")/measure_util.sh"
 
 ev_efi_action_sha256=3d6772b4f84ed47595d72a2c4c5ffd15f5bb72c7507fe26f2aaee2c69d5633ba
@@ -46,8 +47,8 @@ trap 'cleanup "${DIR}"' EXIT
 extract "$1" "/efi/EFI/BOOT/BOOTX64.EFI" "${DIR}/01-shim.efi"
 extract "$1" "/efi/EFI/BOOT/grubx64.efi" "${DIR}/02-sd-boot.efi"
 extract "$1" "/efi/EFI/Linux" "${DIR}/uki"
-sudo chown -R "$USER:$USER" "${DIR}/uki"
-cp ${DIR}/uki/*.efi "${DIR}/03-uki.efi"
+sudo chown -R "${USER}:${USER}" "${DIR}/uki"
+cp "${DIR}"/uki/*.efi "${DIR}/03-uki.efi"
 
 shim_authentihash=$(authentihash "${DIR}/01-shim.efi")
 sd_boot_authentihash=$(authentihash "${DIR}/02-sd-boot.efi")

image/measured-boot/precalculate_pcr_8.sh

@@ -10,6 +10,7 @@
 # Usage: precalculate_pcr_8.sh <path to image> <path to output file>
 
 set -euo pipefail
+shopt -s inherit_errexit
 source "$(dirname "$0")/measure_util.sh"
 
 get_cmdline_from_uki () {
@@ -20,7 +21,8 @@ get_cmdline_from_uki () {
 
 cmdline_measure () {
     local path="$1"
-    local tmp=$(mktemp)
+    local tmp
+    tmp=$(mktemp)
     # convert to utf-16le and add a null terminator
     iconv -f utf-8 -t utf-16le "${path}" -o "${tmp}"
     truncate -s +2 "${tmp}"
@@ -46,8 +48,8 @@ DIR=$(mktempdir)
 trap 'cleanup "${DIR}"' EXIT
 
 extract "${IMAGE}" "/efi/EFI/Linux" "${DIR}/uki"
-sudo chown -R "$USER:$USER" "${DIR}/uki"
-cp ${DIR}/uki/*.efi "${DIR}/03-uki.efi"
+sudo chown -R "${USER}:${USER}" "${DIR}/uki"
+cp "${DIR}"/uki/*.efi "${DIR}/03-uki.efi"
 get_cmdline_from_uki "${DIR}/03-uki.efi" "${DIR}/cmdline"
 cmdline=$(cat "${DIR}/cmdline")
 
@@ -56,7 +58,7 @@ cleanup "${DIR}"
 
 expected_pcr_8=0000000000000000000000000000000000000000000000000000000000000000
 expected_pcr_8=$(pcr_extend "${expected_pcr_8}" "${cmdline_hash}" "sha256sum")
-if [ "${CSP}" == "azure" ]; then
+if [[ "${CSP}" == "azure" ]]; then
     # Azure displays the boot menu
     # triggering an extra measurement of the kernel command line.
     expected_pcr_8=$(pcr_extend "${expected_pcr_8}" "${cmdline_hash}" "sha256sum")

image/measured-boot/precalculate_pcr_9.sh

@@ -8,6 +8,8 @@
 # Usage: precalculate_pcr_9.sh <path to image> <path to output file>
 
 set -euo pipefail
+shopt -s inherit_errexit
+
 source "$(dirname "$0")/measure_util.sh"
 
 get_initrd_from_uki () {
@@ -36,8 +38,8 @@ DIR=$(mktempdir)
 trap 'cleanup "${DIR}"' EXIT
 
 extract "$1" "/efi/EFI/Linux" "${DIR}/uki"
-sudo chown -R "$USER:$USER" "${DIR}/uki"
-cp ${DIR}/uki/*.efi "${DIR}/03-uki.efi"
+sudo chown -R "${USER}:${USER}" "${DIR}/uki"
+cp "${DIR}"/uki/*.efi "${DIR}/03-uki.efi"
 get_initrd_from_uki "${DIR}/03-uki.efi" "${DIR}/initrd"
 
 initrd_hash=$(initrd_measure "${DIR}/initrd")