efi_loader: identify PK, KEK, db, dbx correctly

To determine if a varible is on the of the authentication variables PK, KEK, db, dbx we have to check both the name and the GUID. Provide a function converting the variable-name/guid pair to an enum and use it consistently. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-15 12:40:35 +02:00
parent be66b89da3
commit 99bfab8b58
3 changed files with 60 additions and 13 deletions
--- a/include/efi_variable.h
+++ b/include/efi_variable.h
@@ -10,6 +10,16 @@

 #define EFI_VARIABLE_READ_ONLY BIT(31)

+enum efi_auth_var_type {
+	EFI_AUTH_VAR_NONE = 0,
+	EFI_AUTH_VAR_PK,
+	EFI_AUTH_VAR_KEK,
+	EFI_AUTH_VAR_DB,
+	EFI_AUTH_VAR_DBX,
+	EFI_AUTH_VAR_DBT,
+	EFI_AUTH_VAR_DBR,
+};
+
 /**
 * efi_get_variable() - retrieve value of a UEFI variable
 *
@@ -202,4 +212,13 @@ u64 efi_var_mem_free(void);
 */
 efi_status_t efi_init_secure_state(void);

+/**
+ * efi_auth_var_get_type() - convert variable name and guid to enum
+ *
+ * @name:	name of UEFI variable
+ * @guid:	guid of UEFI variable
+ * Return:	identifier for authentication related variables
+ */
+enum efi_auth_var_type efi_auth_var_get_type(u16 *name, const efi_guid_t *guid);
+
 #endif