If a variable already exists, efi_set_variable() should not change
the variable's attributes. This patch enforces it.
Signed-off-by: AKASHI Takahiro <takahiro.aka...@linaro.org>
---
lib/efi_loader/efi_variable.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c
index e3ec502ffb45..1bb3bbf3393e 100644
--- a/lib/efi_loader/efi_variable.c
+++ b/lib/efi_loader/efi_variable.c
@@ -450,12 +450,21 @@ efi_status_t EFIAPI efi_set_variable(u16 *variable_name,
if (val) {
parse_attr(val, &attr);
+ /* We should not free val */
+ val = NULL;
if (attr & READ_ONLY) {
- /* We should not free val */
- val = NULL;
ret = EFI_WRITE_PROTECTED;
goto out;
}
+
+ /*
+ * attributes won't be changed
+ * TODO: take care of APPEND_WRITE once supported
+ */
+ if (attr != attributes) {
+ ret = EFI_INVALID_PARAMETER;
+ goto out;
+ }
}
val = malloc(2 * data_size + strlen("{ro,run,boot}(blob)") + 1);
--
2.21.0
_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
