projects / mirror_edk2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d35ec1e) | patch
SecurityPkg: AuthVariableLib: Fix inconsistent CertDB case
authorZhang, Chao B <chao.b.zhang@intel.com>
Tue, 16 Aug 2016 02:21:42 +0000 (10:21 +0800)
committerZhang, Chao B <chao.b.zhang@intel.com>
Wed, 17 Aug 2016 01:01:46 +0000 (09:01 +0800)
commitfd4d9c6495109979eb17779e07666c7c11c79c6a
tree7a1664732140a0fa395936601f4a6d19625cdc05tree
parentd35ec1e0507dc612ed6485410f12e683a726a3bfcommit | diff
SecurityPkg: AuthVariableLib: Fix inconsistent CertDB case

  2 steps are used to create/delete a time based variable.
  For create
     step 1: Insert Signer Cert to CertDB.
     Step 2: Insert Payload to Variable.
  For delete
     step 1: Delete Variable.
     Step 2: Delete Cert from CertDB.
  System may breaks between step 1 & step 2, so CertDB may contains useless
Cert in the next reboot. AuthVariableLib choose to sync consistent state
between CertDB & Time Auth Variable on initialization. However, it doesn't
apply Time Auth attribute check. Now add it.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Zeng Star <star.zeng@intel.com>
SecurityPkg/Library/AuthVariableLib/AuthService.c diff | blob | blame | history
EFI Development Kit II mirror for PVE