efi: Allow some cert-related UEFI variables to not be present
diff mbox series

Message ID 20200105173424.20140-1-ignat.loskutov@gmail.com
State New
Headers show
Series
  • efi: Allow some cert-related UEFI variables to not be present
Related show

Commit Message

ignat.loskutov@gmail.com Jan. 5, 2020, 5:34 p.m. UTC
From: Ignat Loskutov <ignat.loskutov@gmail.com>

get_cert_list() prints an error message if no UEFI variable exists with
the given name. However, the calling code doesn't always consider this
an error. Fix by returning silently in this case.

Signed-off-by: Ignat Loskutov <ignat.loskutov@gmail.com>
---
 security/integrity/platform_certs/load_uefi.c | 2 ++
 1 file changed, 2 insertions(+)

Patch
diff mbox series

diff --git a/security/integrity/platform_certs/load_uefi.c b/security/integrity/platform_certs/load_uefi.c
index 111898aad56e..163ede8d2abc 100644
--- a/security/integrity/platform_certs/load_uefi.c
+++ b/security/integrity/platform_certs/load_uefi.c
@@ -43,6 +43,8 @@  static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid,
 	void *db;
 
 	status = efi.get_variable(name, guid, NULL, &lsize, &tmpdb);
+	if (status == EFI_NOT_FOUND)
+		return NULL;
 	if (status != EFI_BUFFER_TOO_SMALL) {
 		pr_err("Couldn't get size: 0x%lx\n", status);
 		return NULL;