efi_loader: update secure state

Update the UEFI secure state when variable 'PK' is updated in the TEE variables implementation. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
2024-12-04 01:53:27 +08:00 · 2020-07-14 08:14:08 +02:00 · 2020-07-14 08:14:08 +02:00 · 1a7b0f6e4e
commit 1a7b0f6e4e
parent 012c56ac76
1 changed files with 10 additions and 0 deletions
--- a/lib/efi_loader/efi_variable_tee.c
+++ b/lib/efi_loader/efi_variable_tee.c
@ -557,6 +557,12 @@ efi_status_t efi_set_variable_int(u16 *variable_name, const efi_guid_t *vendor,
 		var_property.maxsize = var_acc->data_size;
 		ret = set_property_int(variable_name, name_size, vendor, &var_property);
 	}
+
+	if (alt_ret != EFI_SUCCESS)
+		goto out;
+
+	if (!u16_strcmp(variable_name, L"PK"))
+		alt_ret = efi_init_secure_state();
 out:
 	free(comm_buf);
 	return alt_ret == EFI_SUCCESS ? ret : alt_ret;
@ -716,5 +722,9 @@ efi_status_t efi_init_variables(void)
 			  MM_VARIABLE_COMMUNICATE_SIZE +
 			  max_payload_size;

+	ret = efi_init_secure_state();
+	if (ret != EFI_SUCCESS)
+		return ret;
+
 	return EFI_SUCCESS;
 }