#include <hexdump.h>
#include <malloc.h>
#include <mapmem.h>
+#include <uuid.h>
#include <linux/kernel.h>
/*
} efi_guid_text[] = {
/* signature database */
{EFI_GLOBAL_VARIABLE_GUID, "EFI_GLOBAL_VARIABLE_GUID"},
+ {EFI_IMAGE_SECURITY_DATABASE_GUID, "EFI_IMAGE_SECURITY_DATABASE_GUID"},
+ /* certificate type */
+ {EFI_CERT_SHA256_GUID, "EFI_CERT_SHA256_GUID"},
+ {EFI_CERT_X509_GUID, "EFI_CERT_X509_GUID"},
+ {EFI_CERT_TYPE_PKCS7_GUID, "EFI_CERT_TYPE_PKCS7_GUID"},
};
/* "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" */
*
* Show information encoded in named UEFI variables
*/
-static int efi_dump_vars(int argc, char * const argv[],
+static int efi_dump_vars(int argc, char *const argv[],
const efi_guid_t *guid, bool verbose)
{
u16 *var_name16, *p;
return CMD_RET_SUCCESS;
}
-static bool match_name(int argc, char * const argv[], u16 *var_name16)
+static bool match_name(int argc, char *const argv[], u16 *var_name16)
{
char *buf, *p;
size_t buflen;
*
* Show information encoded in all the UEFI variables
*/
-static int efi_dump_var_all(int argc, char * const argv[],
+static int efi_dump_var_all(int argc, char *const argv[],
const efi_guid_t *guid_p, bool verbose)
{
u16 *var_name16, *p;
* If one or more variable names are specified, show information
* named UEFI variables, otherwise show all the UEFI variables.
*/
-int do_env_print_efi(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
+int do_env_print_efi(struct cmd_tbl *cmdtp, int flag, int argc,
+ char *const argv[])
{
efi_guid_t guid;
const efi_guid_t *guid_p;
return CMD_RET_USAGE;
/* -a already specified */
- if (!default_guid & guid_any)
+ if (!default_guid && guid_any)
return CMD_RET_USAGE;
argc--;
* Return: CMD_RET_SUCCESS on success, or CMD_RET_RET_FAILURE
*
* This function is for "env set -e" or "setenv -e" command:
- * => env set -e [-guid guid][-nv][-bs][-rt][-a][-v]
+ * => env set -e [-guid guid][-nv][-bs][-rt][-at][-a][-v]
* [-i address,size] var, or
* var [value ...]
* Encode values specified and set given UEFI variable.
* If no value is specified, delete the variable.
*/
-int do_env_set_efi(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
+int do_env_set_efi(struct cmd_tbl *cmdtp, int flag, int argc,
+ char *const argv[])
{
char *var_name, *value, *ep;
ulong addr;
attributes |= EFI_VARIABLE_RUNTIME_ACCESS;
} else if (!strcmp(argv[0], "-nv")) {
attributes |= EFI_VARIABLE_NON_VOLATILE;
+ } else if (!strcmp(argv[0], "-at")) {
+ attributes |=
+ EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
} else if (!strcmp(argv[0], "-a")) {
attributes |= EFI_VARIABLE_APPEND_WRITE;
} else if (!strcmp(argv[0], "-i")) {
if (*ep != ',')
return CMD_RET_USAGE;
+ /* 0 should be allowed for delete */
size = simple_strtoul(++ep, NULL, 16);
- if (!size)
- return CMD_RET_FAILURE;
+
value_on_memory = true;
} else if (!strcmp(argv[0], "-v")) {
verbose = true;
return CMD_RET_USAGE;
var_name = argv[0];
- if (default_guid)
- guid = efi_global_variable_guid;
+ if (default_guid) {
+ if (!strcmp(var_name, "db") || !strcmp(var_name, "dbx") ||
+ !strcmp(var_name, "dbt"))
+ guid = efi_guid_image_security_database;
+ else
+ guid = efi_global_variable_guid;
+ }
if (verbose) {
printf("GUID: %s\n", efi_guid_to_str((const efi_guid_t *)