Cross Reference: /u-boot/include/efi

History log of /u-boot/include/efi_variable.h
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
# 00da8d65	18-Apr-2024	Ilias Apalodimas <ilias.apalodimas@linaro.org>	efi_loader: add an EFI variable with the file contents Previous patches enabled SetVariableRT using a RAM backend. Although EBBR [0] defines a variable format we can teach userspace tools and write the altered variables, it's better if we skip the ABI requirements completely. So let's add a new variable, in its own namespace called "VarToFile" which contains a binary dump of the updated RT, BS and, NV variables and will be updated when GetVariable is called. Some adjustments are needed to do that. Currently we discard BS-only variables in EBS(). We need to preserve those on the RAM backend that exposes the variables. Since BS-only variables can't appear at runtime we need to move the memory masking checks from efi_var_collect() to efi_get_next_variable_name_mem()/ efi_get_variable_mem() and do the filtering at runtime. We also need an efi_var_collect() variant available at runtime, in order to construct the "VarToFile" buffer on the fly. All users and applications (for linux) have to do when updating a variable is dd that variable in the file described by "RTStorageVolatile". Linux efivarfs uses a first 4 bytes of the output to represent attributes in little-endian format. So, storing variables works like this: $~ efibootmgr -n 0001 $~ dd if=/sys/firmware/efi/efivars/VarToFile-b2ac5fc9-92b7-4acd-aeac-11e818c3130c of=/boot/efi/ubootefi.var skip=4 bs=1 [0] https://arm-software.github.io/ebbr/index.html#document-chapter5-variable-storage Suggested-by: Ard Biesheuvel <ardb@kernel.org> # dumping all variables to a variable Co-developed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> # contributed on efi_var_collect_mem() Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h
# 3b51c3a0	03-Apr-2024	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: EFI_VARIABLE_READ_ONLY should be 32bit GetVariable() and SetVariable() only accept a 32bit value for attributes. It makes not sense to define EFI_VARIABLE_READ_ONLY as unsigned long. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h
# 70a4ac69	17-Dec-2022	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: fix efi_get_next_variable_name_mem() The VariableNameSize parameter is in bytes but u16_strnlen() counts u16. Fix the parameter check for null termination. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h
# e618d1d2	09-Sep-2021	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: function to get GUID for variable name In multiple places we need the default GUID matching a variable name. The patch provides a library function. For secure boot related variables like 'PK', 'KEK', 'db' a lookup table is used. For all other variable names EFI_GLOBAL_VARIABLE is returned. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h
# d47671c6	08-Sep-2021	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: treat UEFI variable name as const UEFI variable names are typically constants and hence should be defined as const. Unfortunately some of our API functions do not define the parameters for UEFI variable names as const. This requires unnecessary conversions. Adjust parameters of several internal functions to tre UEFI variable names as const. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h
# b191aa42	25-Aug-2021	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: efi_auth_var_type for AuditMode, DeployedMode Writing variables AuditMode and DeployedMode serves to switch between Secure Boot modes. Provide a separate value for these in efi_auth_var_type. With this patch the variables will not be read from from file even if they are marked as non-volatile by mistake. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> /u-boot/include/efi_variable.h
# 9ef82e29	25-Aug-2021	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: don't load signature database from file The UEFI specification requires that the signature database may only be stored in tamper-resistant storage. So these variable may not be read from an unsigned file. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> /u-boot/include/efi_variable.h
# 53e54bf5	16-Jan-2021	Ilias Apalodimas <ilias.apalodimas@linaro.org>	efi_loader: Avoid emitting efi_var_buf to .GOT Atish reports that on RISC-V, accessing the EFI variables causes a kernel panic. An objdump of the file verifies that, since the global pointer for efi_var_buf ends up in .GOT section which is not mapped in virtual address space for Linux. <snip of efi_var_mem_find> 0000000000000084 <efi_var_mem_find>: 84: 715d addi sp,sp,-80 * objdump -dr 0000000000000086 <.LCFI2>: 86: e0a2 sd s0,64(sp) 88: fc26 sd s1,56(sp) 8a: e486 sd ra,72(sp) 8c: f84a sd s2,48(sp) 8e: f44e sd s3,40(sp) 90: f052 sd s4,32(sp) 92: ec56 sd s5,24(sp) 94: 00000497 auipc s1,0x0 94: R_RISCV_GOT_HI20 efi_var_buf 98: 0004b483 ld s1,0(s1) # 94 <.LCFI2+0xe> 98: R_RISCV_PCREL_LO12_I .L0 98: R_RISCV_RELAX ABS * objdump -t 0000000000000084 g F .text.efi_runtime 00000000000000b8 efi_var_mem_find With the patch applied: * objdump -dr 0000000000000086 <.LCFI2>: 86: e0a2 sd s0,64(sp) 88: fc26 sd s1,56(sp) 8a: e486 sd ra,72(sp) 8c: f84a sd s2,48(sp) 8e: f44e sd s3,40(sp) 90: f052 sd s4,32(sp) 92: ec56 sd s5,24(sp) 94: 00000497 auipc s1,0x0 94: R_RISCV_PCREL_HI20 .LANCHOR0 94: R_RISCV_RELAX ABS 98: 00048493 mv s1,s1 98: R_RISCV_PCREL_LO12_I .L0 98: R_RISCV_RELAX ABS * objdump -t 0000000000000008 l O .data.efi_runtime 0000000000000008 efi_var_buf On arm64 this works, because there's no .GOT entries for this and everything is converted to relative references. * objdump -dr (identical pre-post patch, only the new function shows up) 00000000000000b4 <efi_var_mem_find>: b4: aa0003ee mov x14, x0 b8: 9000000a adrp x10, 0 <efi_var_mem_compare> b8: R_AARCH64_ADR_PREL_PG_HI21 .data.efi_runtime bc: 91000140 add x0, x10, #0x0 bc: R_AARCH64_ADD_ABS_LO12_NC .data.efi_runtime c0: aa0103ed mov x13, x1 c4: 79400021 ldrh w1, [x1] c8: aa0203eb mov x11, x2 cc: f9400400 ldr x0, [x0, #8] d0: b940100c ldr w12, [x0, #16] d4: 8b0c000c add x12, x0, x12 So let's switch efi_var_buf to static and create a helper function for anyone that needs to update it. Fixes: e01aed47d6a0 ("efi_loader: Enable run-time variable support for tee based variables") Reported-by: Atish Patra <atishp@atishpatra.org> Tested-by: Atish Patra <atish.patra@wdc.com> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 265ce194	20-Dec-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: make variable store size customizable Currently the size of the buffer to keep UEFI variables in memory is fixed at 16384 bytes. This size has proven to be too small for some use cases. Make the size of the memory buffer for UEFI variables customizable. Reported-by: Paulo Alcantara (SUSE) <pc@cjr.nz> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h
# dd12c6a4	15-Aug-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: remove empty comment line Remove a line leading to a warning in make htmldocs. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# e01aed47	23-Jul-2020	Ilias Apalodimas <ilias.apalodimas@linaro.org>	efi_loader: Enable run-time variable support for tee based variables We recently added functions for storing/restoring variables from a file to a memory backed buffer marked as __efi_runtime_data commit f1f990a8c958 ("efi_loader: memory buffer for variables") commit 5f7dcf079de8 ("efi_loader: UEFI variable persistence") Using the same idea we now can support GetVariable() and GetNextVariable() on the OP-TEE based variables as well. So let's re-arrange the code a bit and move the commmon code for accessing variables out of efi_variable.c. Create common functions for reading variables from memory that both implementations can use on run-time. Then just use those functions in the run-time variants of the OP-TEE based EFI variable implementation and initialize the memory buffer on ExitBootServices() Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 627ab390	15-Jul-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: describe EFI_VAR_FILE_MAGIC Add documentation for EFI_VAR_FILE_MAGIC used in the file format for UEFI variables. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 7dda1634	14-Jul-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: pre-seed UEFI variables Include a file with the initial values for non-volatile UEFI variables into the U-Boot binary. If this variable is set, changes to variable PK will not be allowed. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 99bfab8b	14-Jul-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: identify PK, KEK, db, dbx correctly To determine if a varible is on the of the authentication variables PK, KEK, db, dbx we have to check both the name and the GUID. Provide a function converting the variable-name/guid pair to an enum and use it consistently. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 012c56ac	14-Jul-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: restructure code for TEE variables When using secure boot functions needed both for file and TEE based UEFI variables have to be moved to the common code module efi_var_common.c. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# f1f990a8	22-Mar-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: memory buffer for variables Saving UEFI variable as encoded U-Boot environment variables does not allow support at runtime. Provide functions to manage a memory buffer with UEFI variables. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 5f7dcf07	19-Mar-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: UEFI variable persistence Persist non-volatile UEFI variables in a file on the EFI system partition. The file is written whenever a non-volatile UEFI variable is changed after initialization of the UEFI sub-system. The file is read during the UEFI sub-system initialization to restore non-volatile UEFI variables. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 01df8cf3	26-Jun-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: separate UEFI variable API from implemementation Separate the remaining UEFI variable API functions GetNextVariableName and QueryVariableInfo() from internal functions implementing them. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# f2d2b3a1	22-Jun-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: prepare for read only OP-TEE variables We currently have two implementations of UEFI variables: * variables provided via an OP-TEE module * variables stored in the U-Boot environment Read only variables are up to now only implemented in the U-Boot environment implementation. Provide a common interface for both implementations that allows handling read-only variables. As variable access is limited to very few source files put variable related definitions into new include efi_variable.h instead of efi_loader. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 3b51c3a0	03-Apr-2024	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: EFI_VARIABLE_READ_ONLY should be 32bit GetVariable() and SetVariable() only accept a 32bit value for attributes. It makes not sense to define EFI_VARIABLE_READ_ONLY as unsigned long. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h
# 70a4ac69	17-Dec-2022	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: fix efi_get_next_variable_name_mem() The VariableNameSize parameter is in bytes but u16_strnlen() counts u16. Fix the parameter check for null termination. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h
# e618d1d2	09-Sep-2021	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: function to get GUID for variable name In multiple places we need the default GUID matching a variable name. The patch provides a library function. For secure boot related variables like 'PK', 'KEK', 'db' a lookup table is used. For all other variable names EFI_GLOBAL_VARIABLE is returned. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h
# d47671c6	08-Sep-2021	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: treat UEFI variable name as const UEFI variable names are typically constants and hence should be defined as const. Unfortunately some of our API functions do not define the parameters for UEFI variable names as const. This requires unnecessary conversions. Adjust parameters of several internal functions to tre UEFI variable names as const. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h
# b191aa42	25-Aug-2021	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: efi_auth_var_type for AuditMode, DeployedMode Writing variables AuditMode and DeployedMode serves to switch between Secure Boot modes. Provide a separate value for these in efi_auth_var_type. With this patch the variables will not be read from from file even if they are marked as non-volatile by mistake. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> /u-boot/include/efi_variable.h
# 9ef82e29	25-Aug-2021	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: don't load signature database from file The UEFI specification requires that the signature database may only be stored in tamper-resistant storage. So these variable may not be read from an unsigned file. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> /u-boot/include/efi_variable.h
# 53e54bf5	16-Jan-2021	Ilias Apalodimas <ilias.apalodimas@linaro.org>	efi_loader: Avoid emitting efi_var_buf to .GOT Atish reports that on RISC-V, accessing the EFI variables causes a kernel panic. An objdump of the file verifies that, since the global pointer for efi_var_buf ends up in .GOT section which is not mapped in virtual address space for Linux. <snip of efi_var_mem_find> 0000000000000084 <efi_var_mem_find>: 84: 715d addi sp,sp,-80 * objdump -dr 0000000000000086 <.LCFI2>: 86: e0a2 sd s0,64(sp) 88: fc26 sd s1,56(sp) 8a: e486 sd ra,72(sp) 8c: f84a sd s2,48(sp) 8e: f44e sd s3,40(sp) 90: f052 sd s4,32(sp) 92: ec56 sd s5,24(sp) 94: 00000497 auipc s1,0x0 94: R_RISCV_GOT_HI20 efi_var_buf 98: 0004b483 ld s1,0(s1) # 94 <.LCFI2+0xe> 98: R_RISCV_PCREL_LO12_I .L0 98: R_RISCV_RELAX ABS * objdump -t 0000000000000084 g F .text.efi_runtime 00000000000000b8 efi_var_mem_find With the patch applied: * objdump -dr 0000000000000086 <.LCFI2>: 86: e0a2 sd s0,64(sp) 88: fc26 sd s1,56(sp) 8a: e486 sd ra,72(sp) 8c: f84a sd s2,48(sp) 8e: f44e sd s3,40(sp) 90: f052 sd s4,32(sp) 92: ec56 sd s5,24(sp) 94: 00000497 auipc s1,0x0 94: R_RISCV_PCREL_HI20 .LANCHOR0 94: R_RISCV_RELAX ABS 98: 00048493 mv s1,s1 98: R_RISCV_PCREL_LO12_I .L0 98: R_RISCV_RELAX ABS * objdump -t 0000000000000008 l O .data.efi_runtime 0000000000000008 efi_var_buf On arm64 this works, because there's no .GOT entries for this and everything is converted to relative references. * objdump -dr (identical pre-post patch, only the new function shows up) 00000000000000b4 <efi_var_mem_find>: b4: aa0003ee mov x14, x0 b8: 9000000a adrp x10, 0 <efi_var_mem_compare> b8: R_AARCH64_ADR_PREL_PG_HI21 .data.efi_runtime bc: 91000140 add x0, x10, #0x0 bc: R_AARCH64_ADD_ABS_LO12_NC .data.efi_runtime c0: aa0103ed mov x13, x1 c4: 79400021 ldrh w1, [x1] c8: aa0203eb mov x11, x2 cc: f9400400 ldr x0, [x0, #8] d0: b940100c ldr w12, [x0, #16] d4: 8b0c000c add x12, x0, x12 So let's switch efi_var_buf to static and create a helper function for anyone that needs to update it. Fixes: e01aed47d6a0 ("efi_loader: Enable run-time variable support for tee based variables") Reported-by: Atish Patra <atishp@atishpatra.org> Tested-by: Atish Patra <atish.patra@wdc.com> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 265ce194	20-Dec-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: make variable store size customizable Currently the size of the buffer to keep UEFI variables in memory is fixed at 16384 bytes. This size has proven to be too small for some use cases. Make the size of the memory buffer for UEFI variables customizable. Reported-by: Paulo Alcantara (SUSE) <pc@cjr.nz> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h
# dd12c6a4	15-Aug-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: remove empty comment line Remove a line leading to a warning in make htmldocs. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# e01aed47	23-Jul-2020	Ilias Apalodimas <ilias.apalodimas@linaro.org>	efi_loader: Enable run-time variable support for tee based variables We recently added functions for storing/restoring variables from a file to a memory backed buffer marked as __efi_runtime_data commit f1f990a8c958 ("efi_loader: memory buffer for variables") commit 5f7dcf079de8 ("efi_loader: UEFI variable persistence") Using the same idea we now can support GetVariable() and GetNextVariable() on the OP-TEE based variables as well. So let's re-arrange the code a bit and move the commmon code for accessing variables out of efi_variable.c. Create common functions for reading variables from memory that both implementations can use on run-time. Then just use those functions in the run-time variants of the OP-TEE based EFI variable implementation and initialize the memory buffer on ExitBootServices() Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 627ab390	15-Jul-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: describe EFI_VAR_FILE_MAGIC Add documentation for EFI_VAR_FILE_MAGIC used in the file format for UEFI variables. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 7dda1634	14-Jul-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: pre-seed UEFI variables Include a file with the initial values for non-volatile UEFI variables into the U-Boot binary. If this variable is set, changes to variable PK will not be allowed. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 99bfab8b	14-Jul-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: identify PK, KEK, db, dbx correctly To determine if a varible is on the of the authentication variables PK, KEK, db, dbx we have to check both the name and the GUID. Provide a function converting the variable-name/guid pair to an enum and use it consistently. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 012c56ac	14-Jul-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: restructure code for TEE variables When using secure boot functions needed both for file and TEE based UEFI variables have to be moved to the common code module efi_var_common.c. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# f1f990a8	22-Mar-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: memory buffer for variables Saving UEFI variable as encoded U-Boot environment variables does not allow support at runtime. Provide functions to manage a memory buffer with UEFI variables. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 5f7dcf07	19-Mar-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: UEFI variable persistence Persist non-volatile UEFI variables in a file on the EFI system partition. The file is written whenever a non-volatile UEFI variable is changed after initialization of the UEFI sub-system. The file is read during the UEFI sub-system initialization to restore non-volatile UEFI variables. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 01df8cf3	26-Jun-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: separate UEFI variable API from implemementation Separate the remaining UEFI variable API functions GetNextVariableName and QueryVariableInfo() from internal functions implementing them. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# f2d2b3a1	22-Jun-2020	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: prepare for read only OP-TEE variables We currently have two implementations of UEFI variables: * variables provided via an OP-TEE module * variables stored in the U-Boot environment Read only variables are up to now only implemented in the U-Boot environment implementation. Provide a common interface for both implementations that allows handling read-only variables. As variable access is limited to very few source files put variable related definitions into new include efi_variable.h instead of efi_loader. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> /u-boot/include/efi_variable.h
# 70a4ac69	17-Dec-2022	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: fix efi_get_next_variable_name_mem() The VariableNameSize parameter is in bytes but u16_strnlen() counts u16. Fix the parameter check for null termination. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h
# e618d1d2	09-Sep-2021	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: function to get GUID for variable name In multiple places we need the default GUID matching a variable name. The patch provides a library function. For secure boot related variables like 'PK', 'KEK', 'db' a lookup table is used. For all other variable names EFI_GLOBAL_VARIABLE is returned. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h
# d47671c6	08-Sep-2021	Heinrich Schuchardt <xypron.glpk@gmx.de>	efi_loader: treat UEFI variable name as const UEFI variable names are typically constants and hence should be defined as const. Unfortunately some of our API functions do not define the parameters for UEFI variable names as const. This requires unnecessary conversions. Adjust parameters of several internal functions to tre UEFI variable names as const. Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> /u-boot/include/efi_variable.h