https://bugzilla.tianocore.org/show_bug.cgi?id=3858
Check EFI_SECURE_BOOT_MODE_NAME before setting the flags to
prohibit acquiring Redfish service credential and using Redfish
service.
Signed-off-by: Abner Chang <abner.chang@hpe.com>
Cc: Nickle Wang <nickle.wang@hpe.com>
Cc: Andrew Fish <afish@apple.com>
Cc: Ray Ni <ray.ni@intel.com>
Reviewed-by: Nickle Wang <nickle.wang@hpe.com>
IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType\r
)\r
{\r
IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType\r
)\r
{\r
+ EFI_STATUS Status;\r
+ UINT8 *SecureBootVar;\r
+\r
if (ServiceStopType >= ServiceStopTypeMax) {\r
return EFI_INVALID_PARAMETER;\r
}\r
if (ServiceStopType >= ServiceStopTypeMax) {\r
return EFI_INVALID_PARAMETER;\r
}\r
if (!PcdGetBool (PcdRedfishServieStopIfSecureBootDisabled)) {\r
return EFI_UNSUPPORTED;\r
} else {\r
if (!PcdGetBool (PcdRedfishServieStopIfSecureBootDisabled)) {\r
return EFI_UNSUPPORTED;\r
} else {\r
- mStopRedfishService = TRUE;\r
- DEBUG ((DEBUG_INFO, "EFI Redfish service is stopped due to SecureBoot is disabled!!\n"));\r
+ //\r
+ // Check Secure Boot status and lock Redfish service if Secure Boot is disabled.\r
+ //\r
+ Status = GetVariable2 (EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid, (VOID **)&SecureBootVar, NULL);\r
+ if (EFI_ERROR (Status) || (*SecureBootVar != SECURE_BOOT_MODE_ENABLE)) {\r
+ //\r
+ // Secure Boot is disabled\r
+ //\r
+ mSecureBootDisabled = TRUE;\r
+ mStopRedfishService = TRUE;\r
+ DEBUG ((DEBUG_INFO, "EFI Redfish service is stopped due to SecureBoot is disabled!!\n"));\r
+ }\r
}\r
} else if (ServiceStopType == ServiceStopTypeExitBootService) {\r
//\r
}\r
} else if (ServiceStopType == ServiceStopTypeExitBootService) {\r
//\r
IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This\r
)\r
{\r
IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This\r
)\r
{\r
- EFI_STATUS Status;\r
- UINT8 *SecureBootVar;\r
-\r
- //\r
- // Check Secure Boot status and lock Redfish service if Secure Boot is disabled.\r
- //\r
- Status = GetVariable2 (EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid, (VOID **)&SecureBootVar, NULL);\r
- if (EFI_ERROR (Status) || (*SecureBootVar != SECURE_BOOT_MODE_ENABLE)) {\r
- //\r
- // Secure Boot is disabled\r
- //\r
- mSecureBootDisabled = TRUE;\r
- LibStopRedfishService (This, ServiceStopTypeSecureBootDisabled);\r
- }\r
+ LibStopRedfishService (This, ServiceStopTypeSecureBootDisabled);\r