Skip to content

Commit

Permalink
MokManager: Stop using EFI_VARIABLE_APPEND_WRITE
Browse files Browse the repository at this point in the history 
When writing MokList with EFI_VARIABLE_APPEND_WRITE, some HP laptops
may just return EFI_SUCCESS without writing the content into the flash,
so we have no way to detect if MokList is updated or not. Now we always
read MokList first and write it back with the new content.

#105

Signed-off-by: Gary Lin <[email protected]>
  • Loading branch information
@lcp @vathpela
lcp authored and vathpela committed Jul 18, 2018
1 parent a98c20b commit f442c84
Showing 1 changed file with 3 additions and 8 deletions.
11 changes: 3 additions & 8 deletions MokManager.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -880,14 +880,9 @@ static EFI_STATUS write_db(CHAR16 * db_name, void *MokNew, UINTN MokNewSize)
UINTN old_size;
UINTN new_size;

efi_status = gRT->SetVariable(db_name, &SHIM_LOCK_GUID,
EFI_VARIABLE_NON_VOLATILE |
EFI_VARIABLE_BOOTSERVICE_ACCESS |
EFI_VARIABLE_APPEND_WRITE,
MokNewSize, MokNew);
if (!EFI_ERROR(efi_status) || efi_status != EFI_INVALID_PARAMETER) {
return efi_status;
}
/* Do not use EFI_VARIABLE_APPEND_WRITE due to faulty firmwares.
* ref: https://github.com/rhboot/shim/issues/55
* https://github.com/rhboot/shim/issues/105 */

efi_status = get_variable_attr(db_name, (UINT8 **)&old_data, &old_size,
SHIM_LOCK_GUID, &attributes);
Expand Down

0 comments on commit f442c84

Please sign in to comment.