On Tue, 14 Jul 2020 at 14:14, <ilias.apalodi...@linaro.org> wrote: > > On Tue, Jul 14, 2020 at 12:06:56PM +0200, Heinrich Schuchardt wrote: > > Update the UEFI secure state when variable 'PK' is updated in the TEE > > variables implementation. > > > > Signed-off-by: Heinrich Schuchardt <xypron.g...@gmx.de> > > --- > > lib/efi_loader/efi_variable_tee.c | 8 ++++++++ > > 1 file changed, 8 insertions(+) > > > > diff --git a/lib/efi_loader/efi_variable_tee.c > > b/lib/efi_loader/efi_variable_tee.c > > index 24e0663ebd..1046e0d470 100644 > > --- a/lib/efi_loader/efi_variable_tee.c > > +++ b/lib/efi_loader/efi_variable_tee.c > > @@ -557,6 +557,10 @@ efi_status_t efi_set_variable_int(u16 *variable_name, > > const efi_guid_t *vendor, > > var_property.maxsize = var_acc->data_size; > > ret = set_property_int(variable_name, name_size, vendor, > > &var_property); > > } > > + > > + if (alt_ret == EFI_SUCCESS ret == EFI_SUCCESS && > > + !u16_strcmp(variable_name, L"PK")) > > + ret = efi_init_secure_state(); > > There's an && missing here. In any case don't check for both alt_ret and ret, > just goto out; if the above set_property_int() fails and you should be able to > check for 'ret' only.
Actually if you add the goto out, no check at all is required, just your strcmp > > > out: > > free(comm_buf); > > return alt_ret == EFI_SUCCESS ? ret : alt_ret; > > @@ -716,5 +720,9 @@ efi_status_t efi_init_variables(void) > > MM_VARIABLE_COMMUNICATE_SIZE + > > max_payload_size; > > > > + ret = efi_init_secure_state(); > > + if (ret != EFI_SUCCESS) > > + return ret; > > + > > return EFI_SUCCESS; > > } > > -- > > 2.27.0 > > > > Thanks > /Ilias
