Return EFI_WRITE_PROTECTED when setting KEKDefault, PKDefault, dbDefault, dbxDefault...
authorFu Siyuan <siyuan.fu@intel.com>
Thu, 12 Sep 2013 05:31:26 +0000 (05:31 +0000)
committersfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524>
Thu, 12 Sep 2013 05:31:26 +0000 (05:31 +0000)
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14662 6f19259b-4bc3-4df7-8a09-765794883524

SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c

index 5ff48cff2ff073525f4ba48b6b70e7e68fe38c9e..c99cd2310eefb2bed1f056232943f470a1c900f2 100644 (file)
@@ -2501,7 +2501,12 @@ IsReadOnlyVariable (
     if ((StrCmp (VariableName, EFI_SETUP_MODE_NAME) == 0) ||\r
         (StrCmp (VariableName, EFI_SIGNATURE_SUPPORT_NAME) == 0) ||\r
         (StrCmp (VariableName, EFI_SECURE_BOOT_MODE_NAME) == 0) ||\r
-        (StrCmp (VariableName, EFI_VENDOR_KEYS_VARIABLE_NAME) == 0)) {\r
+        (StrCmp (VariableName, EFI_VENDOR_KEYS_VARIABLE_NAME) == 0) ||\r
+        (StrCmp (VariableName, EFI_KEK_DEFAULT_VARIABLE_NAME) == 0) ||\r
+        (StrCmp (VariableName, EFI_PK_DEFAULT_VARIABLE_NAME) == 0) ||\r
+        (StrCmp (VariableName, EFI_DB_DEFAULT_VARIABLE_NAME) == 0) ||\r
+        (StrCmp (VariableName, EFI_DBX_DEFAULT_VARIABLE_NAME) == 0) ||\r
+        (StrCmp (VariableName, EFI_DBT_DEFAULT_VARIABLE_NAME) == 0)) {\r
       return TRUE;\r
     }\r
   }\r