efi_loader: SetVariable() deleting variables

APPEND_WRITE with data length zero is allowable according to the UEFI
specification.

The EDK2 interpretation of no access attributes is attributes = 0. As
the UEFI specification is vague in this respect let's stick to EDK2 here.

Fixes: commit 6d2f27c5fd60 ("efi_loader: variable: support APPEND_WRITE")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

diff --git a/lib/efi_loader/efi_variable.c b/lib/efi_loader/efi_variable.c
index 22ad271bd8524173522a3263862a30d9a0aafb46..4c554c546b21ca80dd6c6e8cf14f03f2f552905f 100644 (file)
--- a/lib/efi_loader/efi_variable.c
+++ b/lib/efi_loader/efi_variable.c
@@ -443,8 +443,6 @@ efi_status_t EFIAPI efi_set_variable(u16 *variable_name,
        if (ret)
                goto out;
 
-#define ACCESS_ATTR (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)
-
        old_val = env_get(native_name);
        if (old_val) {
                old_val = parse_attr(old_val, &attr);
@@ -455,7 +453,9 @@ efi_status_t EFIAPI efi_set_variable(u16 *variable_name,
                        goto out;
                }
 
-               if ((data_size == 0) || !(attributes & ACCESS_ATTR)) {
+               if ((data_size == 0 &&
+                    !(attributes & EFI_VARIABLE_APPEND_WRITE)) ||
+                   !attributes) {
                        /* delete the variable: */
                        env_set(native_name, NULL);
                        ret = EFI_SUCCESS;
@@ -478,8 +478,9 @@ efi_status_t EFIAPI efi_set_variable(u16 *variable_name,
                        old_size = 0;
                }
        } else {
-               if ((data_size == 0) || !(attributes & ACCESS_ATTR) ||
-                   (attributes & EFI_VARIABLE_APPEND_WRITE)) {
+               if ((data_size == 0 &&
+                    !(attributes & EFI_VARIABLE_APPEND_WRITE)) ||
+                   !attributes) {
                        /* delete, but nothing to do */
                        ret = EFI_NOT_FOUND;
                        goto out;