diff options
| author |   Angelos Mouzakitis <a.mouzakitis@virtualopensystems.com> | 2023-10-10 14:33:42 +0000 |
|---|---|---|
| committer | Angelos Mouzakitis <a.mouzakitis@virtualopensystems.com> | 2023-10-10 14:33:42 +0000 |
| commit | af1a266670d040d2f4083ff309d732d648afba2a (patch) | |
| tree | 2fc46203448ddcc6f81546d379abfaeb323575e9 /roms/skiboot/libstb/secvar/backend/edk2-compat-process.h | |
| parent | e02cda008591317b1625707ff8e115a4841aa889 (diff) | |
Change-Id: Iaf8d18082d3991dec7c0ebbea540f092188eb4ec
Diffstat (limited to 'roms/skiboot/libstb/secvar/backend/edk2-compat-process.h')
| -rw-r--r-- | roms/skiboot/libstb/secvar/backend/edk2-compat-process.h | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/roms/skiboot/libstb/secvar/backend/edk2-compat-process.h b/roms/skiboot/libstb/secvar/backend/edk2-compat-process.h new file mode 100644 index 000000000..737c73295 --- /dev/null +++ b/roms/skiboot/libstb/secvar/backend/edk2-compat-process.h @@ -0,0 +1,63 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +/* Copyright 2020 IBM Corp. */ + +#ifndef __SECVAR_EDK2_COMPAT_PROCESS__ +#define __SECVAR_EDK2_COMPAT_PROCESS__ + +#ifndef pr_fmt +#define pr_fmt(fmt) "EDK2_COMPAT: " fmt +#endif + +#include <opal.h> +#include <string.h> +#include <time.h> +#include <unistd.h> +#include <stdint.h> +#include <ccan/endian/endian.h> +#include <mbedtls/error.h> +#include <device.h> +#include "libstb/crypto/pkcs7/pkcs7.h" +#include "edk2.h" +#include "opal-api.h" +#include "../secvar.h" +#include "../secvar_devtree.h" + +#define CERT_BUFFER_SIZE 2048 +#define MBEDTLS_ERR_BUFFER_SIZE 1024 + +#define EDK2_MAX_KEY_LEN SECVAR_MAX_KEY_LEN +#define key_equals(a,b) (!strncmp(a, b, EDK2_MAX_KEY_LEN)) +#define uuid_equals(a,b) (!memcmp(a, b, UUID_SIZE)) + +extern bool setup_mode; +extern struct list_head staging_bank; + +/* Update the variable in the variable bank with the new value. */ +int update_variable_in_bank(struct secvar *update_var, const char *data, + uint64_t dsize, struct list_head *bank); + +/* This function outputs the Authentication 2 Descriptor in the + * auth_buffer and returns the size of the buffer. Please refer to + * edk2.h for details on Authentication 2 Descriptor + */ +int get_auth_descriptor2(const void *buf, const size_t buflen, + void **auth_buffer); + +/* Check the format of the ESL */ +int validate_esl_list(const char *key, const char *esl, const size_t size); + +/* Update the TS variable with the new timestamp */ +int update_timestamp(const char *key, const struct efi_time *timestamp, char *last_timestamp); + +/* Check the new timestamp against the timestamp last update was done */ +int check_timestamp(const char *key, const struct efi_time *timestamp, char *last_timestamp); + +/* Check the GUID of the data type */ +bool is_pkcs7_sig_format(const void *data); + +/* Process the update */ +int process_update(const struct secvar *update, char **newesl, + int *neweslsize, struct efi_time *timestamp, + struct list_head *bank, char *last_timestamp); + +#endif |