IN VOID *FileBuffer,\r
IN UINTN FileSize\r
)\r
-\r
{\r
EFI_STATUS Status;\r
UINT16 Magic;\r
EFI_IMAGE_EXECUTION_ACTION Action;\r
WIN_CERTIFICATE *WinCertificate;\r
UINT32 Policy;\r
+ UINT8 *SecureBootEnable;\r
\r
if (File == NULL) {\r
return EFI_INVALID_PARAMETER;\r
} else if (Policy == NEVER_EXECUTE) {\r
return EFI_ACCESS_DENIED;\r
}\r
+\r
+ SecureBootEnable = GetVariable (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid);\r
+ //\r
+ // Skip verification if SecureBootEnable variable doesn't exist.\r
+ //\r
+ if (SecureBootEnable == NULL) {\r
+ return EFI_SUCCESS;\r
+ }\r
+\r
+ //\r
+ // Skip verification if SecureBootEnable is disabled.\r
+ //\r
+ if (*SecureBootEnable == SECURE_BOOT_DISABLE) {\r
+ FreePool (SecureBootEnable);\r
+ return EFI_SUCCESS;\r
+ } \r
+ \r
SetupMode = GetEfiGlobalVariable (EFI_SETUP_MODE_NAME);\r
\r
//\r