From bd66588657e827904b09034957e9d5a1f9d75bac Mon Sep 17 00:00:00 2001
From: Heinrich Schuchardt <xypron.glpk@gmx.de>
Date: Thu, 13 Sep 2018 21:31:49 +0200
Subject: [PATCH] efi_loader: loosen check of parameters of efi_file_open()

The UEFI spec requires that attributes are only set for when
EFI_FILE_MODE_CREATE is set in open_mode.

The SCT tries to read a directory with EFI_FILE_DIRECTORY.

As EDK2 allows this we should not be more strict.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
---
 lib/efi_loader/efi_file.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/lib/efi_loader/efi_file.c b/lib/efi_loader/efi_file.c
index 9ba7673..84be0d5 100644
--- a/lib/efi_loader/efi_file.c
+++ b/lib/efi_loader/efi_file.c
@@ -229,7 +229,16 @@ static efi_status_t EFIAPI efi_file_open(struct efi_file_handle *file,
 		ret = EFI_INVALID_PARAMETER;
 		goto out;
 	}
-	if ((!(open_mode & EFI_FILE_MODE_CREATE) && attributes) ||
+	/*
+	 * The UEFI spec requires that attributes are only set in create mode.
+	 * The SCT does not care about this and sets EFI_FILE_DIRECTORY in
+	 * read mode. EDK2 does not check that attributes are zero if not in
+	 * create mode.
+	 *
+	 * So here we only check attributes in create mode and do not check
+	 * that they are zero otherwise.
+	 */
+	if ((open_mode & EFI_FILE_MODE_CREATE) &&
 	    (attributes & (EFI_FILE_READ_ONLY | ~EFI_FILE_VALID_ATTR))) {
 		ret = EFI_INVALID_PARAMETER;
 		goto out;