summaryrefslogtreecommitdiff
path: root/OvmfPkg/Library
diff options
context:
space:
mode:
authorMin M Xu <min.m.xu@intel.com>2022-06-29 10:33:09 +0800
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>2022-09-06 07:21:42 +0000
commit70165fa6e2820e4a5d33737bc490b6241b9ac018 (patch)
tree40a4c2287b2359ee69dc63a4f58ee9b4fb39743f /OvmfPkg/Library
parentee91d9ef2493a96a4886c4a94651718c8c708401 (diff)
downloadedk2-70165fa6e2820e4a5d33737bc490b6241b9ac018.zip
edk2-70165fa6e2820e4a5d33737bc490b6241b9ac018.tar.gz
edk2-70165fa6e2820e4a5d33737bc490b6241b9ac018.tar.bz2
OvmfPkg/NvVarsFileLib: Shortcut ConnectNvVarsToFileSystem in secure-boot
OvmfPkg/Library/NvVarsFileLib allows loading variables into emulated varstore from a on-disk NvVars file. We can't allow that when secure boot is active. So check secure-boot feature and shortcut the ConnectNvVarsToFileSystem() function when sb is enabled. Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Suggested-by: Gerd Hoffmann <kraxel@redhat.com> Acked-by: Gerd Hoffmann <kraxel@redhat.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Diffstat (limited to 'OvmfPkg/Library')
-rw-r--r--OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.c b/OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.c
index 21b7152..72289da 100644
--- a/OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.c
+++ b/OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.c
@@ -28,6 +28,12 @@ ConnectNvVarsToFileSystem (
IN EFI_HANDLE FsHandle
)
{
+ #ifdef SECURE_BOOT_FEATURE_ENABLED
+
+ return EFI_UNSUPPORTED;
+
+ #else
+
EFI_STATUS Status;
//
@@ -46,6 +52,7 @@ ConnectNvVarsToFileSystem (
}
return Status;
+ #endif
}
/**
generated by cgit v1.1 at 2024-07-17 00:35:37 +0000