sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
c0984d1ff28325a8f1c76e23a79141cbb12c3e4f
system76-edk2/OvmfPkg/Library/NvVarsFileLib/NvVarsFileLib.c
Min M Xu 70165fa6e2 OvmfPkg/NvVarsFileLib: Shortcut ConnectNvVarsToFileSystem in secure-boot 
OvmfPkg/Library/NvVarsFileLib allows loading variables into emulated
varstore from a on-disk NvVars file.  We can't allow that when secure
boot is active.  So check secure-boot feature and shortcut the
ConnectNvVarsToFileSystem() function when sb is enabled.

Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Suggested-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2022-09-06 07:21:42 +00:00

81 lines
1.9 KiB
C
Raw Blame History

/** @file
Save Non-Volatile Variables to a file system.
Copyright (c) 2009, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include "NvVarsFileLib.h"
#include <Library/DebugLib.h>
#include <Library/NvVarsFileLib.h>
EFI_HANDLE mNvVarsFileLibFsHandle = NULL;
/**
Attempts to connect the NvVarsFileLib to the specified file system.
@param[in] FsHandle - Handle for a gEfiSimpleFileSystemProtocolGuid instance
@return The EFI_STATUS while attempting to connect the NvVarsFileLib
to the file system instance.
@retval EFI_SUCCESS - The given file system was connected successfully
**/
EFI_STATUS
EFIAPI
ConnectNvVarsToFileSystem (
IN EFI_HANDLE FsHandle
)
{
#ifdef SECURE_BOOT_FEATURE_ENABLED
return EFI_UNSUPPORTED;
#else
EFI_STATUS Status;
//
// We might fail to load the variable, since the file system initially
// will not have the NvVars file.
//
LoadNvVarsFromFs (FsHandle);
//
// We must be able to save the variables successfully to the file system
// to have connected successfully.
//
Status = SaveNvVarsToFs (FsHandle);
if (!EFI_ERROR (Status)) {
mNvVarsFileLibFsHandle = FsHandle;
}
return Status;
#endif
}
/**
Update non-volatile variables stored on the file system.
@return The EFI_STATUS while attempting to update the variable on
the connected file system.
@retval EFI_SUCCESS - The non-volatile variables were saved to the disk
@retval EFI_NOT_STARTED - A file system has not been connected
**/
EFI_STATUS
EFIAPI
UpdateNvVarsOnFileSystem (
)
{
if (mNvVarsFileLibFsHandle == NULL) {
//
// A file system had not been connected to the library.
//
return EFI_NOT_STARTED;
} else {
return SaveNvVarsToFs (mNvVarsFileLibFsHandle);
}
}
Reference in New Issue View Git Blame Copy Permalink