Any signature database variable is associated with a specific guid.
For convenience, if user doesn't supply any guid info, "env set|print -e"
should complement it.
Signed-off-by: AKASHI Takahiro <takahiro.aka...@linaro.org>
---
cmd/nvedit_efi.c | 31 +++++++++++++++++++++++--------
1 file changed, 23 insertions(+), 8 deletions(-)
diff --git a/cmd/nvedit_efi.c b/cmd/nvedit_efi.c
index 4532124c33d0..a4dbf37f3f2e 100644
--- a/cmd/nvedit_efi.c
+++ b/cmd/nvedit_efi.c
@@ -41,6 +41,11 @@ static const struct {
} efi_guid_text[] = {
/* signature database */
{EFI_GLOBAL_VARIABLE_GUID, "EFI_GLOBAL_VARIABLE_GUID"},
+ {EFI_IMAGE_SECURITY_DATABASE_GUID, "EFI_IMAGE_SECURITY_DATABASE_GUID"},
+ /* certificate type */
+ {EFI_CERT_SHA256_GUID, "EFI_CERT_SHA256_GUID"},
+ {EFI_CERT_X509_GUID, "EFI_CERT_X509_GUID"},
+ {EFI_CERT_TYPE_PKCS7_GUID, "EFI_CERT_TYPE_PKCS7_GUID"},
};
/* "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" */
@@ -135,6 +140,7 @@ static int efi_dump_vars(int argc, char * const argv[],
bool verbose)
{
u16 *var_name16, *p;
efi_uintn_t buf_size, size;
+ efi_guid_t *guid;
buf_size = 128;
var_name16 = malloc(buf_size);
@@ -156,9 +162,13 @@ static int efi_dump_vars(int argc, char * const argv[],
bool verbose)
p = var_name16;
utf8_utf16_strcpy(&p, argv[0]);
- efi_dump_single_var(var_name16,
- (efi_guid_t *)&efi_global_variable_guid,
- verbose);
+ if (!strcmp(argv[0], "db") || !strcmp(argv[0], "dbx") ||
+ !strcmp(argv[0], "dbt"))
+ guid = (efi_guid_t *)&efi_guid_image_security_database;
+ else
+ guid = (efi_guid_t *)&efi_global_variable_guid;
+
+ efi_dump_single_var(var_name16, guid, verbose);
}
free(var_name16);
@@ -167,7 +177,7 @@ static int efi_dump_vars(int argc, char * const argv[],
bool verbose)
}
/**
- * efi_dump_vars() - show information about all the UEFI variables
+ * efi_dump_var_all() - show information about all the UEFI variables
*
* @verbose: if true, dump data
* Return: CMD_RET_SUCCESS on success, or CMD_RET_RET_FAILURE
@@ -463,9 +473,9 @@ int do_env_set_efi(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
if (*ep != ',')
return CMD_RET_USAGE;
+ /* 0 should be allowed for delete */
size = simple_strtoul(++ep, NULL, 16);
- if (!size)
- return CMD_RET_FAILURE;
+
value_on_memory = true;
} else if (!strcmp(argv[0], "-v")) {
verbose = true;
@@ -477,8 +487,13 @@ int do_env_set_efi(cmd_tbl_t *cmdtp, int flag, int argc,
char * const argv[])
return CMD_RET_USAGE;
var_name = argv[0];
- if (default_guid)
- guid = efi_global_variable_guid;
+ if (default_guid) {
+ if (!strcmp(var_name, "db") || !strcmp(var_name, "dbx") ||
+ !strcmp(var_name, "dbt"))
+ guid = efi_guid_image_security_database;
+ else
+ guid = efi_global_variable_guid;
+ }
if (verbose) {
printf("GUID: %s\n", efi_guid_to_str(&guid));
--
2.21.0
_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
