Hi, > + #ifdef SECURE_BOOT_FEATURE_ENABLED > + PlatformInitEmuVariableNvStore ((VOID *)(UINTN)VariableStore); > + #endif
OvmfPkg/Library/NvVarsFileLib/ allows loading variables into emulated varstore from a on-disk NvVars file. We can't allow that when secure boot is active. I think we need a simliar check there. Shortcutting the ConnectNvVarsToFileSystem() function with a #ifdef SECURE_BOOT_FEATURE_ENABLED return EFI_NOT_SUPPORTED; #endif should do the trick I think. thanks, Gerd -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#90790): https://edk2.groups.io/g/devel/message/90790 Mute This Topic: https://groups.io/mt/91995192/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-