From 1444157aad1b98ce9c1193ef109011b084113890 Mon Sep 17 00:00:00 2001 From: Gerd Hoffmann Date: Tue, 9 Jan 2024 12:29:01 +0100 Subject: [PATCH 09/18] OvmfPkg/VirtNorFlashDxe: stop accepting gEfiVariableGuid MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit RH-Author: Gerd Hoffmann RH-MergeRequest: 43: OvmfPkg/VirtNorFlashDxe backport RH-Jira: RHEL-17587 RH-Acked-by: Laszlo Ersek RH-Commit: [11/20] c7b9cd1b716e1b8163b8094fbea8117241901815 Only accept gEfiAuthenticatedVariableGuid when checking the variable store header in ValidateFvHeader(). The edk2 code base has been switched to use the authenticated varstore format unconditionally (even in case secure boot is not used or supported) a few years ago. Suggested-by: László Érsek Signed-off-by: Gerd Hoffmann Reviewed-by: Laszlo Ersek Message-Id: <20240109112902.30002-3-kraxel@redhat.com> (cherry picked from commit ae22b2f136bcbd27135a5f4dd76d3a68a172d00e) --- OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c index cc5eefaaf3..c503272a2b 100644 --- a/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c +++ b/OvmfPkg/VirtNorFlashDxe/VirtNorFlashFvb.c @@ -239,9 +239,7 @@ ValidateFvHeader ( VariableStoreHeader = (VARIABLE_STORE_HEADER *)((UINTN)FwVolHeader + FwVolHeader->HeaderLength); // Check the Variable Store Guid - if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiVariableGuid) && - !CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVariableGuid)) - { + if (!CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVariableGuid)) { DEBUG (( DEBUG_INFO, "%a: Variable Store Guid non-compatible\n", -- 2.41.0