diff options
| -rw-r--r-- | include/sbat.h | 1 | ||||
| -rw-r--r-- | sbat.c | 13 |
2 files changed, 10 insertions, 4 deletions
diff --git a/include/sbat.h b/include/sbat.h index 5db82379..656bf8d7 100644 --- a/include/sbat.h +++ b/include/sbat.h @@ -51,6 +51,7 @@ extern list_t sbat_var; EFI_STATUS parse_sbat_var(list_t *entries); void cleanup_sbat_var(list_t *entries); EFI_STATUS set_sbat_uefi_variable(void); +bool preserve_sbat_uefi_variable(UINT8 *sbat, UINTN sbatsize, UINT32 attributes); struct sbat_section_entry { const CHAR8 *component_name; @@ -304,6 +304,14 @@ check_sbat_var_attributes(UINT32 attributes) #endif } +bool +preserve_sbat_uefi_variable(UINT8 *sbat, UINTN sbatsize, UINT32 attributes) +{ + return check_sbat_var_attributes(attributes) && + sbatsize >= strlen(SBAT_VAR_SIG "1") && + strncmp((const char *)sbat, SBAT_VAR_SIG, strlen(SBAT_VAR_SIG)); +} + EFI_STATUS set_sbat_uefi_variable(void) { @@ -323,10 +331,7 @@ set_sbat_uefi_variable(void) */ if (EFI_ERROR(efi_status)) { dprint(L"SBAT read failed %r\n", efi_status); - } else if (check_sbat_var_attributes(attributes) && - sbatsize >= strlen(SBAT_VAR_SIG "1") && - strncmp((const char *)sbat, SBAT_VAR_SIG, - strlen(SBAT_VAR_SIG))) { + } else if (preserve_sbat_uefi_variable(sbat, sbatsize, attributes)) { dprint("SBAT variable is %d bytes, attributes are 0x%08x\n", sbatsize, attributes); FreePool(sbat); |