diff options
| author | Jeff Fan <jeff.fan@intel.com> | 2014-03-20 03:06:54 +0000 |
|---|---|---|
| committer | vanjeff <vanjeff@6f19259b-4bc3-4df7-8a09-765794883524> | 2014-03-20 03:06:54 +0000 |
| commit | 2decc0ad6f2de1c8646b7317679b4a4407cde0c1 (patch) | |
| tree | 3c3072c988ab0bb82e524631e0df02920631a777 | |
| parent | 9ed9be0f098976ad5eb972fbd1415d60fdbe926e (diff) | |
| download | edk2-2decc0ad6f2de1c8646b7317679b4a4407cde0c1.tar.gz | |
Sync patches r15321, r15329, r15334 and r15339 from main trunk.
1. Remove unused variable attribute flag.
2. Fix the return status when physical presence variable and MemoryOverwriteRequestControl variable are corrupt.
3. Add comments for PcdHideTpmSupport.
4. Fix the return value bug when updating public key database variable failure.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/branches/UDK2010.SR1@15344 6f19259b-4bc3-4df7-8a09-765794883524
11 files changed, 101 insertions, 72 deletions
diff --git a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c index ebc7367fae..8a5e7d17c6 100644 --- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c +++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c @@ -8,7 +8,7 @@ ExecutePendingTpmRequest() will receive untrusted input and do validation.
-Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -1059,6 +1059,9 @@ ExecutePendingTpmRequest ( sizeof (UINT8),
&NewFlags
);
+ if (EFI_ERROR (Status)) {
+ return;
+ }
}
@@ -1162,19 +1165,20 @@ TcgPhysicalPresenceLibProcessRequest ( &PpiFlags
);
if (EFI_ERROR (Status)) {
- if (Status == EFI_NOT_FOUND) {
- PpiFlags = FLAG_NO_PPI_PROVISION;
- Status = gRT->SetVariable (
- PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- sizeof (UINT8),
- &PpiFlags
- );
+ PpiFlags = FLAG_NO_PPI_PROVISION;
+ Status = gRT->SetVariable (
+ PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiPhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ sizeof (UINT8),
+ &PpiFlags
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((EFI_D_ERROR, "[TPM] Set physical presence flag failed, Status = %r\n", Status));
+ return ;
}
- ASSERT_EFI_ERROR (Status);
}
- DEBUG ((EFI_D_ERROR, "[TPM] PpiFlags = %x, Status = %r\n", PpiFlags, Status));
+ DEBUG ((EFI_D_INFO, "[TPM] PpiFlags = %x\n", PpiFlags));
//
// This flags variable controls whether physical presence is required for TPM command.
@@ -1205,18 +1209,19 @@ TcgPhysicalPresenceLibProcessRequest ( &TcgPpData
);
if (EFI_ERROR (Status)) {
- if (Status == EFI_NOT_FOUND) {
- ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));
- DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
- Status = gRT->SetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- &TcgPpData
- );
+ ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));
+ DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
+ Status = gRT->SetVariable (
+ PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiPhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ DataSize,
+ &TcgPpData
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((EFI_D_ERROR, "[TPM] Set physical presence variable failed, Status = %r\n", Status));
+ return;
}
- ASSERT_EFI_ERROR (Status);
}
DEBUG ((EFI_D_INFO, "[TPM] Flags=%x, PPRequest=%x\n", PpiFlags, TcgPpData.PPRequest));
diff --git a/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c b/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c index 28b809bce4..b2b22e518b 100644 --- a/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c +++ b/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c @@ -7,7 +7,7 @@ TrEEExecutePendingTpmRequest() will receive untrusted input and do validation.
-Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -568,19 +568,20 @@ TrEEPhysicalPresenceLibProcessRequest ( &PpiFlags
);
if (EFI_ERROR (Status)) {
- if (Status == EFI_NOT_FOUND) {
- PpiFlags = 0;
- Status = gRT->SetVariable (
- TREE_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiTrEEPhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- sizeof (UINT8),
- &PpiFlags
- );
+ PpiFlags = 0;
+ Status = gRT->SetVariable (
+ TREE_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiTrEEPhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ sizeof (UINT8),
+ &PpiFlags
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((EFI_D_ERROR, "[TPM2] Set physical presence flag failed, Status = %r\n", Status));
+ return ;
}
- ASSERT_EFI_ERROR (Status);
}
- DEBUG ((EFI_D_ERROR, "[TPM2] PpiFlags = %x, Status = %r\n", PpiFlags, Status));
+ DEBUG ((EFI_D_INFO, "[TPM2] PpiFlags = %x\n", PpiFlags));
//
// This flags variable controls whether physical presence is required for TPM command.
@@ -611,27 +612,28 @@ TrEEPhysicalPresenceLibProcessRequest ( &TcgPpData
);
if (EFI_ERROR (Status)) {
- if (Status == EFI_NOT_FOUND) {
- ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));
- DataSize = sizeof (EFI_TREE_PHYSICAL_PRESENCE);
- Status = gRT->SetVariable (
- TREE_PHYSICAL_PRESENCE_VARIABLE,
- &gEfiTrEEPhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- &TcgPpData
- );
+ ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));
+ DataSize = sizeof (EFI_TREE_PHYSICAL_PRESENCE);
+ Status = gRT->SetVariable (
+ TREE_PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiTrEEPhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ DataSize,
+ &TcgPpData
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((EFI_D_ERROR, "[TPM2] Set physical presence variable failed, Status = %r\n", Status));
+ return ;
}
- ASSERT_EFI_ERROR (Status);
}
- DEBUG ((EFI_D_ERROR, "[TPM2] Flags=%x, PPRequest=%x (LastPPRequest=%x)\n", PpiFlags, TcgPpData.PPRequest, TcgPpData.LastPPRequest));
+ DEBUG ((EFI_D_INFO, "[TPM2] Flags=%x, PPRequest=%x (LastPPRequest=%x)\n", PpiFlags, TcgPpData.PPRequest, TcgPpData.LastPPRequest));
//
// Execute pending TPM request.
//
TrEEExecutePendingTpmRequest (PlatformAuth, &TcgPpData, PpiFlags);
- DEBUG ((EFI_D_ERROR, "[TPM2] PPResponse = %x (LastPPRequest=%x, Flags=%x)\n", TcgPpData.PPResponse, TcgPpData.LastPPRequest, PpiFlags));
+ DEBUG ((EFI_D_INFO, "[TPM2] PPResponse = %x (LastPPRequest=%x, Flags=%x)\n", TcgPpData.PPResponse, TcgPpData.LastPPRequest, PpiFlags));
}
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 8a3187125c..1bf138dbb7 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -164,6 +164,7 @@ ## The PCD is used to control whether to support hiding the TPM.
# If TRUE, PcdHideTpm controls whether to hide the TPM.
+ # This pcd is only for validation purpose. It should be set to false in production.
gEfiSecurityPkgTokenSpaceGuid.PcdHideTpmSupport|FALSE|BOOLEAN|0x00000007
[PcdsDynamic, PcdsDynamicEx]
diff --git a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.c b/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.c index def965f138..a4acc14e9a 100644 --- a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.c +++ b/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.c @@ -4,7 +4,7 @@ This driver initilize MemoryOverwriteRequestControl variable. It
will clear MOR_CLEAR_MEMORY_BIT bit if it is set.
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -35,6 +35,7 @@ OnReadyToBoot ( IN VOID *Context
)
{
+ EFI_STATUS Status;
UINTN DataSize;
if (MOR_CLEAR_MEMORY_VALUE (mMorControl) == 0x0) {
@@ -50,14 +51,16 @@ OnReadyToBoot ( mMorControl &= 0xFE;
DataSize = sizeof (mMorControl);
- gRT->SetVariable (
- MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
- &gEfiMemoryOverwriteControlDataGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- &mMorControl
- );
-
+ Status = gRT->SetVariable (
+ MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
+ &gEfiMemoryOverwriteControlDataGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ DataSize,
+ &mMorControl
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((EFI_D_ERROR, "TcgMor: Clear MOR_CLEAR_MEMORY_BIT failure, Status = %r\n"));
+ }
}
@@ -98,7 +101,6 @@ MorDriverEntryPoint ( // Set default value to 0
//
mMorControl = 0;
- DEBUG ((EFI_D_INFO, "TcgMor: Create gEfiMemoryOverwriteControlDataGuid!\n"));
Status = gRT->SetVariable (
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
&gEfiMemoryOverwriteControlDataGuid,
@@ -106,8 +108,7 @@ MorDriverEntryPoint ( DataSize,
&mMorControl
);
- ASSERT_EFI_ERROR (Status);
-
+ DEBUG ((EFI_D_INFO, "TcgMor: Create MOR variable! Status = %r\n", Status));
} else {
//
// Create a Ready To Boot Event and Clear the MorControl bit in the call back function.
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.c b/SecurityPkg/Tcg/TcgSmm/TcgSmm.c index 045c1846fc..6080eff3b7 100644 --- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.c +++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.c @@ -8,7 +8,7 @@ PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
-Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -68,6 +68,8 @@ PhysicalPresenceCallback ( &PpData
);
if (EFI_ERROR (Status)) {
+ mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;
+ DEBUG ((EFI_D_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
@@ -116,6 +118,7 @@ PhysicalPresenceCallback ( );
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;
+ DEBUG ((EFI_D_ERROR, "[TPM] Get PP flags failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
@@ -226,6 +229,8 @@ MemoryClearCallback ( &MorControl
);
if (EFI_ERROR (Status)) {
+ mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
+ DEBUG ((EFI_D_ERROR, "[TPM] Get MOR variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
@@ -245,6 +250,7 @@ MemoryClearCallback ( );
if (EFI_ERROR (Status)) {
mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
+ DEBUG ((EFI_D_ERROR, "[TPM] Set MOR variable failure! Status = %r\n", Status));
}
return EFI_SUCCESS;
diff --git a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDriver.c b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDriver.c index f3c8e5f659..74b5e7ee25 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDriver.c +++ b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDriver.c @@ -105,7 +105,7 @@ TrEEConfigDriverEntryPoint ( Status = gRT->SetVariable (
TREE_STORAGE_NAME,
&gTrEEConfigFormSetGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
sizeof(TrEEConfiguration),
&TrEEConfiguration
);
diff --git a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.c b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.c index 41bafa2868..0df99d607e 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.c +++ b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.c @@ -296,7 +296,7 @@ TrEERouteConfig ( Status = gRT->SetVariable (
TREE_STORAGE_NAME,
&gTrEEConfigFormSetGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
sizeof(TrEEConfiguration),
&TrEEConfiguration
);
diff --git a/SecurityPkg/Tcg/TrEESmm/TrEESmm.c b/SecurityPkg/Tcg/TrEESmm/TrEESmm.c index 4826b7916d..14303d5458 100644 --- a/SecurityPkg/Tcg/TrEESmm/TrEESmm.c +++ b/SecurityPkg/Tcg/TrEESmm/TrEESmm.c @@ -9,7 +9,7 @@ PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
-Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -84,6 +84,8 @@ PhysicalPresenceCallback ( &PpData
);
if (EFI_ERROR (Status)) {
+ mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;
+ DEBUG ((EFI_D_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
@@ -116,6 +118,7 @@ PhysicalPresenceCallback ( if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;
+ DEBUG ((EFI_D_ERROR, "[TPM] Set PP variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_SUCCESS;
@@ -133,6 +136,7 @@ PhysicalPresenceCallback ( );
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;
+ DEBUG ((EFI_D_ERROR, "[TPM] Get PP flags failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
@@ -220,6 +224,8 @@ MemoryClearCallback ( &MorControl
);
if (EFI_ERROR (Status)) {
+ mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
+ DEBUG ((EFI_D_ERROR, "[TPM] Get MOR variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
@@ -239,6 +245,7 @@ MemoryClearCallback ( );
if (EFI_ERROR (Status)) {
mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
+ DEBUG ((EFI_D_ERROR, "[TPM] Set MOR variable failure! Status = %r\n", Status));
}
return EFI_SUCCESS;
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c index 7da0d63aba..2a7903ef67 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c @@ -15,7 +15,7 @@ They will do basic validation for authentication data structure, then call crypto library
to verify the signature.
-Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -444,8 +444,8 @@ AddPubKeyInStore ( &mVariableModuleGlobal->VariableGlobal,
FALSE
);
- ASSERT_EFI_ERROR (Status);
if (EFI_ERROR (Status)) {
+ DEBUG ((EFI_D_ERROR, "Get public key database variable failure, Status = %r\n", Status));
return 0;
}
@@ -495,8 +495,8 @@ AddPubKeyInStore ( &mVariableModuleGlobal->VariableGlobal,
FALSE
);
- ASSERT_EFI_ERROR (Status);
if (EFI_ERROR (Status)) {
+ DEBUG ((EFI_D_ERROR, "Get public key database variable failure, Status = %r\n", Status));
return 0;
}
@@ -527,7 +527,10 @@ AddPubKeyInStore ( &Variable,
NULL
);
- ASSERT_EFI_ERROR (Status);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((EFI_D_ERROR, "Update public key database variable failure, Status = %r\n", Status));
+ return 0;
+ }
}
return Index;
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c index f1ba9c18f0..2283725e26 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c @@ -3,7 +3,7 @@ and volatile storage space and install variable architecture protocol.
Copyright (C) 2013, Red Hat, Inc.
-Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -389,7 +389,9 @@ FtwNotificationEvent ( }
Status = VariableWriteServiceInitialize ();
- ASSERT_EFI_ERROR (Status);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Variable write service initialization failed. Status = %r\n", Status));
+ }
//
// Install the Variable Write Architectural protocol.
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c index 4ac582d49b..63ac436150 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c @@ -14,7 +14,7 @@ VariableServiceSetVariable(), VariableServiceQueryVariableInfo(), ReclaimForOS(),
SmmVariableGetStatistics() should also do validation based on its own knowledge.
-Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -848,7 +848,9 @@ SmmFtwNotificationEvent ( mVariableModuleGlobal->FvbInstance = FvbProtocol;
Status = VariableWriteServiceInitialize ();
- ASSERT_EFI_ERROR (Status);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "Variable write service initialization failed. Status = %r\n", Status));
+ }
//
// Notify the variable wrapper driver the variable write service is ready
|