Added secure boot in CSM module entrypoint, if UEFI secure boot is enabled, CSM module cannot be started.
Signed-off-by: Li Elvin <elvin.li@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13537 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
@@ -695,6 +695,7 @@ LegacyBiosInstall (
|
||||
UINT32 MemorySize;
|
||||
EFI_GCD_MEMORY_SPACE_DESCRIPTOR Descriptor;
|
||||
UINT64 Length;
|
||||
UINT8 *SecureBoot;
|
||||
|
||||
//
|
||||
// Load this driver's image to memory
|
||||
@@ -704,6 +705,20 @@ LegacyBiosInstall (
|
||||
return Status;
|
||||
}
|
||||
|
||||
//
|
||||
// When UEFI Secure Boot is enabled, CSM module will not start any more.
|
||||
//
|
||||
SecureBoot = NULL;
|
||||
GetEfiGlobalVariable2 (EFI_SECURE_BOOT_MODE_NAME, (VOID**)&SecureBoot, NULL);
|
||||
if ((SecureBoot != NULL) && (*SecureBoot == SECURE_BOOT_MODE_ENABLE)) {
|
||||
FreePool (SecureBoot);
|
||||
return EFI_SECURITY_VIOLATION;
|
||||
}
|
||||
|
||||
if (SecureBoot != NULL) {
|
||||
FreePool (SecureBoot);
|
||||
}
|
||||
|
||||
Private = &mPrivateData;
|
||||
ZeroMem (Private, sizeof (LEGACY_BIOS_INSTANCE));
|
||||
|
||||
|
Reference in New Issue
Block a user