From 19327c1f90e528cd89eb170250ebea6338b424f5 Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Wed, 3 Apr 2024 17:33:33 +0200 Subject: efi_loader: all variable attributes are 32bit GetVariable() and SetVariable() use an uint32_t value for attributes. The UEFI specification defines the related constants as 32bit. Add the missing EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS constant. Signed-off-by: Heinrich Schuchardt Reviewed-by: Ilias Apalodimas --- include/efi.h | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'include') diff --git a/include/efi.h b/include/efi.h index f0e5faa7549..62cfb993d2e 100644 --- a/include/efi.h +++ b/include/efi.h @@ -492,13 +492,14 @@ extern char _binary_u_boot_bin_start[], _binary_u_boot_bin_end[]; /* * Variable Attributes */ -#define EFI_VARIABLE_NON_VOLATILE 0x0000000000000001 -#define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x0000000000000002 -#define EFI_VARIABLE_RUNTIME_ACCESS 0x0000000000000004 -#define EFI_VARIABLE_HARDWARE_ERROR_RECORD 0x0000000000000008 -#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x0000000000000010 -#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS 0x0000000000000020 -#define EFI_VARIABLE_APPEND_WRITE 0x0000000000000040 +#define EFI_VARIABLE_NON_VOLATILE 0x00000001 +#define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x00000002 +#define EFI_VARIABLE_RUNTIME_ACCESS 0x00000004 +#define EFI_VARIABLE_HARDWARE_ERROR_RECORD 0x00000008 +#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x00000010 +#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS 0x00000020 +#define EFI_VARIABLE_APPEND_WRITE 0x00000040 +#define EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS 0x00000080 #define EFI_VARIABLE_MASK (EFI_VARIABLE_NON_VOLATILE | \ EFI_VARIABLE_BOOTSERVICE_ACCESS | \ -- cgit v1.2.3 From 3b51c3a0b03411b07f0acd8bf2361ba54043fdcf Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Wed, 3 Apr 2024 17:33:34 +0200 Subject: efi_loader: EFI_VARIABLE_READ_ONLY should be 32bit GetVariable() and SetVariable() only accept a 32bit value for attributes. It makes not sense to define EFI_VARIABLE_READ_ONLY as unsigned long. Signed-off-by: Heinrich Schuchardt Reviewed-by: Ilias Apalodimas --- include/efi_variable.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/efi_variable.h b/include/efi_variable.h index 805e6c5f1e0..42a2b7c52be 100644 --- a/include/efi_variable.h +++ b/include/efi_variable.h @@ -8,7 +8,7 @@ #include -#define EFI_VARIABLE_READ_ONLY BIT(31) +#define EFI_VARIABLE_READ_ONLY 0x80000000 enum efi_auth_var_type { EFI_AUTH_VAR_NONE = 0, -- cgit v1.2.3 From e0fa2cf39cedd9297c16bc4ea4ff5c512bb4e0ec Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Wed, 3 Apr 2024 17:33:35 +0200 Subject: efi_loader: handle EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS We don't yet support EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS for file based variables, but we should pass it to TEE based variable stores. Signed-off-by: Heinrich Schuchardt Reviewed-by: Ilias Apalodimas --- include/efi.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/efi.h b/include/efi.h index 62cfb993d2e..c3c4b93f860 100644 --- a/include/efi.h +++ b/include/efi.h @@ -507,7 +507,8 @@ extern char _binary_u_boot_bin_start[], _binary_u_boot_bin_end[]; EFI_VARIABLE_HARDWARE_ERROR_RECORD | \ EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | \ EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | \ - EFI_VARIABLE_APPEND_WRITE) + EFI_VARIABLE_APPEND_WRITE | \ + EFI_VARIABLE_ENHANCED_AUTHENTICATED_ACCESS) /** * efi_get_priv() - Get access to the EFI-private information -- cgit v1.2.3 From a0a749787aa4cebd8a1b919ee04cc8f450796fcb Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Thu, 4 Apr 2024 01:00:41 +0200 Subject: efi_loader: move HOST_ARCH to version_autogenerated.h efi_default_filename.h requires HOST_ARCH to be defined. Up to now we defined it via a CFLAGS. This does not scale. Add the symbol to version_autogenerated.h instead. Signed-off-by: Heinrich Schuchardt Acked-by: Ilias Apalodimas --- include/host_arch.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include') diff --git a/include/host_arch.h b/include/host_arch.h index 169d4945136..261194bd7c6 100644 --- a/include/host_arch.h +++ b/include/host_arch.h @@ -16,6 +16,8 @@ export HOST_ARCH_X86=0x0386 export HOST_ARCH_X86_64=0x8664 #endif +#include + #define HOST_ARCH_AARCH64 0xaa64 #define HOST_ARCH_ARM 0x00a7 #define HOST_ARCH_RISCV32 0x5032 -- cgit v1.2.3