cmd: env: add "-at" option to "env set -e" command

With "-at" option, EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
will be passed to SetVariable() to authenticate the variable.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>

diff --git a/cmd/nvedit.c b/cmd/nvedit.c
index 81d94cd193c6dd6c03d4c843cc6cae2a1284575a..966c134059562b90056465ff44802ae672e85691 100644 (file)
--- a/cmd/nvedit.c
+++ b/cmd/nvedit.c
@@ -1417,7 +1417,7 @@ static char env_help_text[] =
 #endif
 #endif
 #if defined(CONFIG_CMD_NVEDIT_EFI)
-       "env set -e [-nv][-bs][-rt][-a][-i addr,size][-v] name [arg ...]\n"
+       "env set -e [-nv][-bs][-rt][-at][-a][-i addr,size][-v] name [arg ...]\n"
        "    - set UEFI variable; unset if '-i' or 'arg' not specified\n"
 #endif
        "env set [-f] name [arg ...]\n";
@@ -1479,13 +1479,14 @@ U_BOOT_CMD_COMPLETE(
        setenv, CONFIG_SYS_MAXARGS, 0,  do_env_set,
        "set environment variables",
 #if defined(CONFIG_CMD_NVEDIT_EFI)
-       "-e [-guid guid][-nv][-bs][-rt][-a][-v]\n"
+       "-e [-guid guid][-nv][-bs][-rt][-at][-a][-v]\n"
        "        [-i addr,size name], or [name [value ...]]\n"
        "    - set UEFI variable 'name' to 'value' ...'\n"
        "      \"-guid\": set vendor guid\n"
        "      \"-nv\": set non-volatile attribute\n"
        "      \"-bs\": set boot-service attribute\n"
        "      \"-rt\": set runtime attribute\n"
+       "      \"-at\": set time-based authentication attribute\n"
        "      \"-a\": append-write\n"
        "      \"-i addr,size\": use <addr,size> as variable's value\n"
        "      \"-v\": verbose message\n"

diff --git a/cmd/nvedit_efi.c b/cmd/nvedit_efi.c
index 579cf430593c21bd60677e5fc10c415178212a3f..837e39e021798876ddc9e05a230ca619642898c8 100644 (file)
--- a/cmd/nvedit_efi.c
+++ b/cmd/nvedit_efi.c
@@ -458,7 +458,7 @@ out:
  * Return:     CMD_RET_SUCCESS on success, or CMD_RET_RET_FAILURE
  *
  * This function is for "env set -e" or "setenv -e" command:
- *   => env set -e [-guid guid][-nv][-bs][-rt][-a][-v]
+ *   => env set -e [-guid guid][-nv][-bs][-rt][-at][-a][-v]
  *                [-i address,size] var, or
  *                 var [value ...]
  * Encode values specified and set given UEFI variable.
@@ -517,6 +517,9 @@ int do_env_set_efi(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
                        attributes |= EFI_VARIABLE_RUNTIME_ACCESS;
                } else if (!strcmp(argv[0], "-nv")) {
                        attributes |= EFI_VARIABLE_NON_VOLATILE;
+               } else if (!strcmp(argv[0], "-at")) {
+                       attributes |=
+                         EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
                } else if (!strcmp(argv[0], "-a")) {
                        attributes |= EFI_VARIABLE_APPEND_WRITE;
                } else if (!strcmp(argv[0], "-i")) {