diff options
| author | James Bottomley <JBottomley@Parallels.com> | 2013-01-20 14:02:04 +0000 |
|---|---|---|
| committer | James Bottomley <JBottomley@Parallels.com> | 2013-01-20 14:02:04 +0000 |
| commit | cefc509928f496df928d5849bdde451947327ac0 (patch) | |
| tree | 49ece93dfe489896b80e799bd49c9e05dc1b8177 | |
| parent | abdd5f6af553994056ca48300a3dea0a06866538 (diff) | |
| download | efitools-cefc509928f496df928d5849bdde451947327ac0.tar.gz | |
security_policy: don't check image table in legacy if mok fails
If the MoK test fails, no need to check the image table as well.
Signed-off-by: James Bottomley <JBottomley@Parallels.com>
| -rw-r--r-- | lib/security_policy.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/lib/security_policy.c b/lib/security_policy.c index 16f68ff..6b8dbab 100644 --- a/lib/security_policy.c +++ b/lib/security_policy.c @@ -212,8 +212,7 @@ security_policy_authentication ( if (status == EFI_ACCESS_DENIED || status == EFI_SECURITY_VIOLATION) /* return what the platform originally said */ status = fail_status; - - if (configtable_image_is_forbidden(DevicePathConst)) + else if (configtable_image_is_forbidden(DevicePathConst)) status = fail_status; out: |