Hi,
> + #ifdef SECURE_BOOT_FEATURE_ENABLED
> + PlatformInitEmuVariableNvStore ((VOID *)(UINTN)VariableStore);
> + #endif
OvmfPkg/Library/NvVarsFileLib/ allows loading variables into emulated
varstore from a on-disk NvVars file. We can't allow that when secure
boot is active. I think we need a simliar check there. Shortcutting
the ConnectNvVarsToFileSystem() function with a
#ifdef SECURE_BOOT_FEATURE_ENABLED
return EFI_NOT_SUPPORTED;
#endif
should do the trick I think.
thanks,
Gerd
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#90790): https://edk2.groups.io/g/devel/message/90790
Mute This Topic: https://groups.io/mt/91995192/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
