diff options
author | Star Zeng <star.zeng@intel.com> | 2015-02-02 03:18:10 +0000 |
---|---|---|
committer | lzeng14 <lzeng14@Edk2> | 2015-02-02 03:18:10 +0000 |
commit | c4b5cc4318f80e025196fb8fc2795184e1451661 (patch) | |
tree | 71142799b3ff79867db48ca245b5cb4f2c9fdf67 | |
parent | 00ab76e0fed1884e978750e406e7b9a51842dfd8 (diff) | |
download | edk2-platforms-c4b5cc4318f80e025196fb8fc2795184e1451661.tar.xz |
SecurityPkg Variable: Before EndOfDxe, just record the current boot VarErrorFlag to local variable.
And leave the variable error flag in NV flash as the last boot variable error flag.
After EndOfDxe in InitializeVarErrorFlag (), the variable error flag in NV flash
will be initialized to this local current boot variable error flag.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16685 6f19259b-4bc3-4df7-8a09-765794883524
-rw-r--r-- | SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c index 7a42d971e0..83d69899f7 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c @@ -58,7 +58,10 @@ BOOLEAN mEndOfDxe = FALSE; ///
BOOLEAN mEnableLocking = TRUE;
-/**
+//
+// It will record the current boot error flag before EndOfDxe.
+//
+VAR_ERROR_FLAG mCurrentBootVarErrFlag = VAR_ERROR_FLAG_NO_ERROR;
SecureBoot Hook for auth variable update.
@@ -579,6 +582,17 @@ RecordVarErrorFlag ( }
);
+ if (!mEndOfDxe) {
+ //
+ // Before EndOfDxe, just record the current boot variable error flag to local variable,
+ // and leave the variable error flag in NV flash as the last boot variable error flag.
+ // After EndOfDxe in InitializeVarErrorFlag (), the variable error flag in NV flash
+ // will be initialized to this local current boot variable error flag.
+ //
+ mCurrentBootVarErrFlag &= Flag;
+ return;
+ }
+
//
// Record error flag (it should have be initialized).
//
@@ -637,7 +651,7 @@ InitializeVarErrorFlag ( return;
}
- Flag = VAR_ERROR_FLAG_NO_ERROR;
+ Flag = mCurrentBootVarErrFlag;
DEBUG ((EFI_D_INFO, "Initialize variable error flag (%02x)\n", Flag));
Status = FindVariable (
|