diff options
| author | Tom Rini <trini@konsulko.com> | 2020-07-13 11:29:51 -0400 |
|---|---|---|
| committer | Tom Rini <trini@konsulko.com> | 2020-07-13 11:29:51 -0400 |
| commit | 959a481f8f49cb01d757363ae816d83e9c145ab7 (patch) | |
| tree | 2536cd6e870df4b797e8da6278d2447abf106197 /include/efi_loader.h | |
| parent | 497c7598c4e713eb9ad88fd7963e57b21b8b35e1 (diff) | |
| parent | 4a3155de3dbadfcb933287dbb84c8eff0fd951eb (diff) | |
Merge tag 'efi-2020-10-rc1-3' of https://gitlab.denx.de/u-boot/custodians/u-boot-efi
Pull request for UEFI sub-system for efi-2020-10-rc1 (3)
Up to now UEFI variables where stored in U-Boot environment variables.
Saving UEFI variables was not possible without saving the U-Boot
environment variables. With this patch series file ubootefi.var in the
EFI system partition is used for saving UEFI variables. Furthermore the
UEFI variables are exposed for reading at runtime.
Code corrections for UEFI secure boot are provided.
A buffer overrun in the RSA library is fixed.
Diffstat (limited to 'include/efi_loader.h')
| -rw-r--r-- | include/efi_loader.h | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/include/efi_loader.h b/include/efi_loader.h index fc9344c742..98944640be 100644 --- a/include/efi_loader.h +++ b/include/efi_loader.h @@ -397,6 +397,9 @@ efi_status_t efi_root_node_register(void); efi_status_t efi_initialize_system_table(void); /* efi_runtime_detach() - detach unimplemented runtime functions */ void efi_runtime_detach(void); +/* efi_convert_pointer() - convert pointer to virtual address */ +efi_status_t EFIAPI efi_convert_pointer(efi_uintn_t debug_disposition, + void **address); /* Called by bootefi to make console interface available */ efi_status_t efi_console_register(void); /* Called by bootefi to make all disk storage accessible as EFI objects */ @@ -765,14 +768,17 @@ struct efi_signature_store { struct x509_certificate; struct pkcs7_message; -bool efi_signature_verify_cert(struct x509_certificate *cert, - struct efi_signature_store *dbx); -bool efi_signature_verify_signers(struct pkcs7_message *msg, - struct efi_signature_store *dbx); +bool efi_signature_lookup_digest(struct efi_image_regions *regs, + struct efi_signature_store *db); +bool efi_signature_verify_one(struct efi_image_regions *regs, + struct pkcs7_message *msg, + struct efi_signature_store *db); bool efi_signature_verify_with_sigdb(struct efi_image_regions *regs, struct pkcs7_message *msg, - struct efi_signature_store *db, - struct x509_certificate **cert); + struct efi_signature_store *db, + struct efi_signature_store *dbx); +bool efi_signature_check_signers(struct pkcs7_message *msg, + struct efi_signature_store *dbx); efi_status_t efi_image_region_add(struct efi_image_regions *regs, const void *start, const void *end, @@ -786,6 +792,9 @@ bool efi_secure_boot_enabled(void); bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp, WIN_CERTIFICATE **auth, size_t *auth_len); +/* runtime implementation of memcpy() */ +void efi_memcpy_runtime(void *dest, const void *src, size_t n); + #else /* CONFIG_IS_ENABLED(EFI_LOADER) */ /* Without CONFIG_EFI_LOADER we don't have a runtime section, stub it out */ |