efi_loader: variable: attributes may not be changed if a variable exists

If a variable already exists, efi_set_variable() should not change the variable's attributes. This patch enforces it. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
author: AKASHI Takahiro <takahiro.akashi@linaro.org> 2019-05-24 15:59:03 +0900
committer: Heinrich Schuchardt <xypron.glpk@gmx.de> 2019-05-24 18:58:14 +0200
commit: a2c6983740104c8e608c411eff6a58e2f4feaede (patch)
tree: ff12577b9032434d29930c5060e2b1079d1904e3
parent: dbebae5ec77eee029fb36337643e052eecb50453 (diff)
download: u-boot-a2c6983740104c8e608c411eff6a58e2f4feaede.tar.gz
1 files changed, 11 insertions, 2 deletions
diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c
index 0d973773fa..50bc10537f 100644
--- a/lib/efi_loader/efi_variable.c
+++ b/lib/efi_loader/efi_variable.c
@@ -451,12 +451,21 @@ efi_status_t EFIAPI efi_set_variable(u16 *variable_name,
 	if (val) {
 		parse_attr(val, &attr);
 
+		/* We should not free val */
+		val = NULL;
 		if (attr & READ_ONLY) {
-			/* We should not free val */
-			val = NULL;
 			ret = EFI_WRITE_PROTECTED;
 			goto out;
 		}
+
+		/*
+		 * attributes won't be changed
+		 * TODO: take care of APPEND_WRITE once supported
+		 */
+		if (attr != attributes) {
+			ret = EFI_INVALID_PARAMETER;
+			goto out;
+		}
 	}
 
 	val = malloc(2 * data_size + strlen("{ro,run,boot}(blob)") + 1);
author	AKASHI Takahiro <takahiro.akashi@linaro.org>	2019-05-24 15:59:03 +0900
committer	Heinrich Schuchardt <xypron.glpk@gmx.de>	2019-05-24 18:58:14 +0200
commit	a2c6983740104c8e608c411eff6a58e2f4feaede (patch)
tree	ff12577b9032434d29930c5060e2b1079d1904e3
parent	dbebae5ec77eee029fb36337643e052eecb50453 (diff)
download	u-boot-a2c6983740104c8e608c411eff6a58e2f4feaede.tar.gz