diff options
| -rw-r--r-- | SecurityPkg/Library/AuthVariableLib/AuthService.c | 8 | ||||
| -rw-r--r-- | SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h | 1 | ||||
| -rw-r--r-- | SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c | 7 |
3 files changed, 4 insertions, 12 deletions
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c b/SecurityPkg/Library/AuthVariableLib/AuthService.c index 0dd62b0741..1f9ba15384 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c @@ -928,7 +928,7 @@ ProcessVarWithPk ( }
Del = FALSE;
- if ((InCustomMode() && mUserPhysicalPresent) || (mPlatformMode == SETUP_MODE && !IsPk)) {
+ if ((InCustomMode() && UserPhysicalPresent()) || (mPlatformMode == SETUP_MODE && !IsPk)) {
Payload = (UINT8 *) Data + AUTHINFO2_SIZE (Data);
PayloadSize = DataSize - AUTHINFO2_SIZE (Data);
if (PayloadSize == 0) {
@@ -1046,7 +1046,7 @@ ProcessVarWithKek ( }
Status = EFI_SUCCESS;
- if (mPlatformMode == USER_MODE && !(InCustomMode() && mUserPhysicalPresent)) {
+ if (mPlatformMode == USER_MODE && !(InCustomMode() && UserPhysicalPresent())) {
//
// Time-based, verify against X509 Cert KEK.
//
@@ -1201,7 +1201,7 @@ ProcessVariable ( &OrgVariableInfo
);
- if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attributes, Data, DataSize, Attributes) && mUserPhysicalPresent) {
+ if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attributes, Data, DataSize, Attributes) && UserPhysicalPresent()) {
//
// Allow the delete operation of common authenticated variable at user physical presence.
//
@@ -1219,7 +1219,7 @@ ProcessVariable ( return Status;
}
- if (NeedPhysicallyPresent (VariableName, VendorGuid) && !mUserPhysicalPresent) {
+ if (NeedPhysicallyPresent (VariableName, VendorGuid) && !UserPhysicalPresent()) {
//
// This variable is protected, only physical present user could modify its value.
//
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h b/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h index 4d6915bcaa..add05c21cc 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h +++ b/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h @@ -125,7 +125,6 @@ extern UINT8 *mCertDbStore; extern UINT32 mMaxCertDbSize;
extern UINT32 mPlatformMode;
extern UINT8 mVendorKeyState;
-extern BOOLEAN mUserPhysicalPresent;
extern VOID *mHashCtx;
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c index 69eac134cb..00ec1710fc 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c @@ -35,7 +35,6 @@ UINT8 *mCertDbStore; UINT32 mMaxCertDbSize;
UINT32 mPlatformMode;
UINT8 mVendorKeyState;
-BOOLEAN mUserPhysicalPresent;
EFI_GUID mSignatureSupport[] = {EFI_CERT_SHA1_GUID, EFI_CERT_SHA256_GUID, EFI_CERT_RSA2048_GUID, EFI_CERT_X509_GUID};
@@ -408,12 +407,6 @@ AuthVariableLibInitialize ( AuthVarLibContextOut->AddressPointer = mAuthVarAddressPointer;
AuthVarLibContextOut->AddressPointerCount = sizeof (mAuthVarAddressPointer) / sizeof (mAuthVarAddressPointer[0]);
- //
- // Cache UserPhysicalPresent State.
- // Platform should report PhysicalPresent before this point
- //
- mUserPhysicalPresent = UserPhysicalPresent();
-
return Status;
}
|