Added secure boot in CSM module entrypoint, if UEFI secure boot is enabled, CSM module cannot be started.

Signed-off-by: Li Elvin <elvin.li@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13537 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
li-elvin
2012-07-17 09:25:26 +00:00
parent 05a643f91d
commit 0f8b02980e
3 changed files with 18 additions and 2 deletions

View File

@@ -695,6 +695,7 @@ LegacyBiosInstall (
UINT32 MemorySize;
EFI_GCD_MEMORY_SPACE_DESCRIPTOR Descriptor;
UINT64 Length;
UINT8 *SecureBoot;
//
// Load this driver's image to memory
@@ -704,6 +705,20 @@ LegacyBiosInstall (
return Status;
}
//
// When UEFI Secure Boot is enabled, CSM module will not start any more.
//
SecureBoot = NULL;
GetEfiGlobalVariable2 (EFI_SECURE_BOOT_MODE_NAME, (VOID**)&SecureBoot, NULL);
if ((SecureBoot != NULL) && (*SecureBoot == SECURE_BOOT_MODE_ENABLE)) {
FreePool (SecureBoot);
return EFI_SECURITY_VIOLATION;
}
if (SecureBoot != NULL) {
FreePool (SecureBoot);
}
Private = &mPrivateData;
ZeroMem (Private, sizeof (LEGACY_BIOS_INSTANCE));