diff options
author | Min M Xu <min.m.xu@intel.com> | 2022-06-29 10:33:09 +0800 |
---|---|---|
committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2022-09-06 07:21:42 +0000 |
commit | 70165fa6e2820e4a5d33737bc490b6241b9ac018 (patch) | |
tree | 40a4c2287b2359ee69dc63a4f58ee9b4fb39743f /OvmfPkg/Library/NvVarsFileLib | |
parent | ee91d9ef2493a96a4886c4a94651718c8c708401 (diff) | |
download | edk2-70165fa6e2820e4a5d33737bc490b6241b9ac018.zip edk2-70165fa6e2820e4a5d33737bc490b6241b9ac018.tar.gz edk2-70165fa6e2820e4a5d33737bc490b6241b9ac018.tar.bz2 |
OvmfPkg/NvVarsFileLib: Shortcut ConnectNvVarsToFileSystem in secure-boot
OvmfPkg/Library/NvVarsFileLib allows loading variables into emulated
varstore from a on-disk NvVars file. We can't allow that when secure
boot is active. So check secure-boot feature and shortcut the
ConnectNvVarsToFileSystem() function when sb is enabled.
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Suggested-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Diffstat (limited to 'OvmfPkg/Library/NvVarsFileLib')
-rw-r--r-- | OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.c b/OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.c index 21b7152..72289da 100644 --- a/OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.c +++ b/OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.c @@ -28,6 +28,12 @@ ConnectNvVarsToFileSystem ( IN EFI_HANDLE FsHandle
)
{
+ #ifdef SECURE_BOOT_FEATURE_ENABLED
+
+ return EFI_UNSUPPORTED;
+
+ #else
+
EFI_STATUS Status;
//
@@ -46,6 +52,7 @@ ConnectNvVarsToFileSystem ( }
return Status;
+ #endif
}
/**
|