diff mbox series

efi: Allow some cert-related UEFI variables to not be present

Message ID 20200105173424.20140-1-ignat.loskutov@gmail.com (mailing list archive)
State New, archived
Headers show
Series efi: Allow some cert-related UEFI variables to not be present | expand

Commit Message

ignat.loskutov@gmail.com Jan. 5, 2020, 5:34 p.m. UTC 
From: Ignat Loskutov <ignat.loskutov@gmail.com>

get_cert_list() prints an error message if no UEFI variable exists with
the given name. However, the calling code doesn't always consider this
an error. Fix by returning silently in this case.

Signed-off-by: Ignat Loskutov <ignat.loskutov@gmail.com>
---
 security/integrity/platform_certs/load_uefi.c | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/security/integrity/platform_certs/load_uefi.c b/security/integrity/platform_certs/load_uefi.c
index 111898aad56e..163ede8d2abc 100644
--- a/security/integrity/platform_certs/load_uefi.c
+++ b/security/integrity/platform_certs/load_uefi.c
@@ -43,6 +43,8 @@  static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid,
 	void *db;
 
 	status = efi.get_variable(name, guid, NULL, &lsize, &tmpdb);
+	if (status == EFI_NOT_FOUND)
+		return NULL;
 	if (status != EFI_BUFFER_TOO_SMALL) {
 		pr_err("Couldn't get size: 0x%lx\n", status);
 		return NULL;