summaryrefslogtreecommitdiff
path: root/SecurityPkg
diff options
context:
space:
mode:
authorFu Siyuan <siyuan.fu@intel.com>2013-09-12 05:31:26 +0000
committersfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524>2013-09-12 05:31:26 +0000
commit3a186b06f1f1bdc9b4508b5479e0530e629dd68c (patch)
tree36ef26d947919f8ee72a54198d1bd20e06c700b9 /SecurityPkg
parent74b5fd7a112746e9166ff204db4331f0eeb2ba4c (diff)
downloadedk2-topics-3a186b06f1f1bdc9b4508b5479e0530e629dd68c.tar.gz
Return EFI_WRITE_PROTECTED when setting KEKDefault, PKDefault, dbDefault, dbxDefault and dbtDefault variable.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14662 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg')
-rw-r--r--SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
index 5ff48cff2..c99cd2310 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
@@ -2501,7 +2501,12 @@ IsReadOnlyVariable (
if ((StrCmp (VariableName, EFI_SETUP_MODE_NAME) == 0) ||
(StrCmp (VariableName, EFI_SIGNATURE_SUPPORT_NAME) == 0) ||
(StrCmp (VariableName, EFI_SECURE_BOOT_MODE_NAME) == 0) ||
- (StrCmp (VariableName, EFI_VENDOR_KEYS_VARIABLE_NAME) == 0)) {
+ (StrCmp (VariableName, EFI_VENDOR_KEYS_VARIABLE_NAME) == 0) ||
+ (StrCmp (VariableName, EFI_KEK_DEFAULT_VARIABLE_NAME) == 0) ||
+ (StrCmp (VariableName, EFI_PK_DEFAULT_VARIABLE_NAME) == 0) ||
+ (StrCmp (VariableName, EFI_DB_DEFAULT_VARIABLE_NAME) == 0) ||
+ (StrCmp (VariableName, EFI_DBX_DEFAULT_VARIABLE_NAME) == 0) ||
+ (StrCmp (VariableName, EFI_DBT_DEFAULT_VARIABLE_NAME) == 0)) {
return TRUE;
}
}