loader: Properly check for elevated permissions

The status message for the loader not searching environment
variables when running with elevated permissions didn't properly
check. This commit adds in proper guards to make sure the status
message only prints when compiled with explicit use of non-secure
getenv

Change-Id: I993bb08de21bb0e338852368c24fe615d0d1f9b9

diff --git a/loader/loader.c b/loader/loader.c
index 7ae2289964c510fe94e9cd2ab2854936dc3ef4f8..8c414104c242a1c165db67d6b207926ae222541a 100644 (file)
--- a/loader/loader.c
+++ b/loader/loader.c
@@ -289,13 +289,12 @@ static inline char *loader_secure_getenv(const char *name, const struct loader_i
     out = __secure_getenv(name);
 #else
     out = loader_getenv(name, inst);
+#if !defined(USE_UNSAFE_FILE_SEARCH)
+    loader_log(inst, LOADER_INFO_BIT, 0, "Loader is using non-secure environment variable lookup for %s", name);
 #endif
 #endif
-    if (out == NULL) {
-        loader_log(inst, LOADER_INFO_BIT, 0,
-                   "Loader is running with elevated permissions. Environment variable %s will be ignored.", name);
-    }
     return out;
+#endif
 }
 
 static inline void loader_free_getenv(char *val, const struct loader_instance *inst) {
@@ -357,8 +356,8 @@ static inline char *loader_getenv(const char *name, const struct loader_instance
 static inline char *loader_secure_getenv(const char *name, const struct loader_instance *inst) {
 #if !defined(USE_UNSAFE_FILE_SEARCH)
     if (IsHighIntegrity()) {
-        loader_log(inst, LOADER_INFO_BIT, 0,
-                   "Loader is running with elevated permissions. Environment variable %s will be ignored.", name);
+        loader_log(inst, LOADER_INFO_BIT, 0, "Loader is running with elevated permissions. Environment variable %s will be ignored",
+                   name);
         return NULL;
     }
 #endif