diff options
| author | Zhang, Chao B <chao.b.zhang@intel.com> | 2016-06-27 11:10:07 +0800 |
|---|---|---|
| committer | Zhang, Chao B <chao.b.zhang@intel.com> | 2016-06-28 09:08:39 +0800 |
| commit | 90fa53213ec458b5c4f8851c09aeb3de977531e5 (patch) | |
| tree | e6ac0d6d6499be2646b2f935b387d6a798d137fb /SecurityPkg/Library/AuthVariableLib/AuthService.c | |
| parent | 6b5677e1bb62c289fba7848bbfde08220fc37ba1 (diff) | |
| download | edk2-platforms-90fa53213ec458b5c4f8851c09aeb3de977531e5.tar.xz | |
SecurityPkg: AuthVariableLib: Cache UserPhysicalPresent in AuthVariableLib
AuthVariableLib is updated to cache the UserPhysicalPresent state to global variable. This avoids calling PlatformSecureLib during runtime and makes PhysicalPresent state consistent during one boot.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Diffstat (limited to 'SecurityPkg/Library/AuthVariableLib/AuthService.c')
| -rw-r--r-- | SecurityPkg/Library/AuthVariableLib/AuthService.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c b/SecurityPkg/Library/AuthVariableLib/AuthService.c index 6e1e284801..1d49b6a16e 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c @@ -931,7 +931,7 @@ ProcessVarWithPk ( // Init state of Del. State may change due to secure check
//
Del = FALSE;
- if ((InCustomMode() && UserPhysicalPresent()) || (mPlatformMode == SETUP_MODE && !IsPk)) {
+ if ((InCustomMode() && mUserPhysicalPresent) || (mPlatformMode == SETUP_MODE && !IsPk)) {
Payload = (UINT8 *) Data + AUTHINFO2_SIZE (Data);
PayloadSize = DataSize - AUTHINFO2_SIZE (Data);
if (PayloadSize == 0) {
@@ -1049,7 +1049,7 @@ ProcessVarWithKek ( }
Status = EFI_SUCCESS;
- if (mPlatformMode == USER_MODE && !(InCustomMode() && UserPhysicalPresent())) {
+ if (mPlatformMode == USER_MODE && !(InCustomMode() && mUserPhysicalPresent)) {
//
// Time-based, verify against X509 Cert KEK.
//
@@ -1204,7 +1204,7 @@ ProcessVariable ( &OrgVariableInfo
);
- if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attributes, Data, DataSize, Attributes) && UserPhysicalPresent()) {
+ if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attributes, Data, DataSize, Attributes) && mUserPhysicalPresent) {
//
// Allow the delete operation of common authenticated variable at user physical presence.
//
@@ -1222,7 +1222,7 @@ ProcessVariable ( return Status;
}
- if (NeedPhysicallyPresent (VariableName, VendorGuid) && !UserPhysicalPresent()) {
+ if (NeedPhysicallyPresent (VariableName, VendorGuid) && !mUserPhysicalPresent) {
//
// This variable is protected, only physical present user could modify its value.
//
|