diff options
| author | Heinrich Schuchardt <[email protected]> | 2024-04-03 17:33:35 +0200 |
|---|---|---|
| committer | Heinrich Schuchardt <[email protected]> | 2024-04-08 13:03:34 +0200 |
| commit | e0fa2cf39cedd9297c16bc4ea4ff5c512bb4e0ec (patch) | |
| tree | cfd0fe39618a3053d9d46173644d1d963acea0bc /lib | |
| parent | 3b51c3a0b03411b07f0acd8bf2361ba54043fdcf (diff) | |
efi_loader: handle EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS
We don't yet support EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS for file
based variables, but we should pass it to TEE based variable stores.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/efi_loader/efi_variable.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c index b2f8ebdd78e..6fe3792a12a 100644 --- a/lib/efi_loader/efi_variable.c +++ b/lib/efi_loader/efi_variable.c @@ -235,8 +235,12 @@ efi_status_t efi_set_variable_int(const u16 *variable_name, if (data_size && !data) return EFI_INVALID_PARAMETER; - /* EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated */ - if (attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) + /* + * EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated. + * We don't support EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS. + */ + if (attributes & (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | \ + EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS)) return EFI_UNSUPPORTED; /* Make sure if runtime bit is set, boot service bit is set also */ |