| Message ID | 20190524065903.21433-4-takahiro.akashi@linaro.org |
|---|---|
| State | Accepted, archived |
| Commit | a2c6983740104c8e608c411eff6a58e2f4feaede |
| Delegated to: | Heinrich Schuchardt |
| Headers | show |
| Series | efi_loader: variable: attributes may not be changed if a variable exists | expand |
On 5/24/19 8:59 AM, AKASHI Takahiro wrote: > If a variable already exists, efi_set_variable() should not change > the variable's attributes. This patch enforces it. > > Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> > --- > lib/efi_loader/efi_variable.c | 13 +++++++++++-- > 1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c index e3ec502ffb45..1bb3bbf3393e 100644 --- a/lib/efi_loader/efi_variable.c +++ b/lib/efi_loader/efi_variable.c @@ -450,12 +450,21 @@ efi_status_t EFIAPI efi_set_variable(u16 *variable_name, if (val) { parse_attr(val, &attr); + /* We should not free val */ + val = NULL; if (attr & READ_ONLY) { - /* We should not free val */ - val = NULL; ret = EFI_WRITE_PROTECTED; goto out; } + + /* + * attributes won't be changed + * TODO: take care of APPEND_WRITE once supported + */ + if (attr != attributes) { + ret = EFI_INVALID_PARAMETER; + goto out; + } } val = malloc(2 * data_size + strlen("{ro,run,boot}(blob)") + 1);
If a variable already exists, efi_set_variable() should not change the variable's attributes. This patch enforces it. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> --- lib/efi_loader/efi_variable.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-)