From a3e1038d7161cb5506884c3aec92e47d0d4464ee Mon Sep 17 00:00:00 2001
From: Lans Zhang <jia.zhang@windriver.com>
Date: Tue, 1 Aug 2017 13:13:06 +0800
Subject: shim: don't set CSV boot entry as the first boot option

Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
---
 ...n-t-set-the-csv-entry-as-the-first-boot-b.patch | 49 ++++++++++++++++++++++
 meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb  |  1 +
 2 files changed, 50 insertions(+)
 create mode 100644 meta-efi-secure-boot/recipes-bsp/shim/shim/0014-fallback-don-t-set-the-csv-entry-as-the-first-boot-b.patch

diff --git a/meta-efi-secure-boot/recipes-bsp/shim/shim/0014-fallback-don-t-set-the-csv-entry-as-the-first-boot-b.patch b/meta-efi-secure-boot/recipes-bsp/shim/shim/0014-fallback-don-t-set-the-csv-entry-as-the-first-boot-b.patch
new file mode 100644
index 0000000..03d62b8
--- /dev/null
+++ b/meta-efi-secure-boot/recipes-bsp/shim/shim/0014-fallback-don-t-set-the-csv-entry-as-the-first-boot-b.patch
@@ -0,0 +1,49 @@
+From 9f6d9f6b7f88b9d15dd2f25ae7f16b68a980922a Mon Sep 17 00:00:00 2001
+From: Lans Zhang <jia.zhang@windriver.com>
+Date: Tue, 1 Aug 2017 10:25:45 +0800
+Subject: [PATCH] fallback: don't set the csv entry as the first boot by
+ default
+
+Signed-off-by: Lans Zhang <jia.zhang@windriver.com>
+---
+ fallback.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/fallback.c b/fallback.c
+index 8c408fd..c39f280 100644
+--- a/fallback.c
++++ b/fallback.c
+@@ -138,6 +138,11 @@ make_full_path(CHAR16 *dirname, CHAR16 *filename, CHAR16 **out, UINT64 *outlen)
+ CHAR16 *bootorder = NULL;
+ int nbootorder = 0;
+ 
++#ifdef FALLBACK_RUN_AS_FIRST_BOOT
++UINTN run_as_first_boot = 1;
++#else
++UINTN run_as_first_boot = 0;
++#endif
+ EFI_DEVICE_PATH *first_new_option = NULL;
+ VOID *first_new_option_args = NULL;
+ UINTN first_new_option_size = 0;
+@@ -199,6 +204,9 @@ add_boot_option(EFI_DEVICE_PATH *hddp, EFI_DEVICE_PATH *fulldp,
+ 				return rc;
+ 			}
+ 
++			if (!run_as_first_boot)
++				return EFI_SUCCESS;
++
+ 			CHAR16 *newbootorder = AllocateZeroPool(sizeof (CHAR16)
+ 							* (nbootorder + 1));
+ 			if (!newbootorder)
+@@ -414,7 +422,7 @@ add_to_boot_list(EFI_FILE_HANDLE fh, CHAR16 *dirname, CHAR16 *filename, CHAR16 *
+ 	rc = find_boot_option(dp, full_device_path, fullpath, label, arguments, &option);
+ 	if (EFI_ERROR(rc)) {
+ 		add_boot_option(dp, full_device_path, fullpath, label, arguments);
+-	} else if (option != 0) {
++	} else if (run_as_first_boot && option != 0) {
+ 		CHAR16 *newbootorder;
+ 		newbootorder = AllocateZeroPool(sizeof (CHAR16) * nbootorder);
+ 		if (!newbootorder)
+-- 
+2.7.5
+
diff --git a/meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb b/meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb
index 6428eeb..3c34b7b 100644
--- a/meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb
+++ b/meta-efi-secure-boot/recipes-bsp/shim/shim_git.bb
@@ -32,6 +32,7 @@ SRC_URI = "\
     file://0011-Update-verification_method-if-the-loaded-image-is-si.patch;apply=0 \
     file://0012-netboot-replace-the-depreciated-EFI_PXE_BASE_CODE.patch \
     file://0013-fallback-allow-to-search-.csv-in-EFI-BOOT.patch \
+    file://0014-fallback-don-t-set-the-csv-entry-as-the-first-boot-b.patch \
 "
 SRC_URI_append_x86-64 = "\
     ${@bb.utils.contains('DISTRO_FEATURES', 'msft', \
-- 
cgit v1.2.3-54-g00ecf