// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later /* Copyright 2020 IBM Corp. */ #ifndef __SECVAR_EDK2_COMPAT_PROCESS__ #define __SECVAR_EDK2_COMPAT_PROCESS__ #ifndef pr_fmt #define pr_fmt(fmt) "EDK2_COMPAT: " fmt #endif #include #include #include #include #include #include #include #include #include "libstb/crypto/pkcs7/pkcs7.h" #include "edk2.h" #include "opal-api.h" #include "../secvar.h" #include "../secvar_devtree.h" #define CERT_BUFFER_SIZE 2048 #define MBEDTLS_ERR_BUFFER_SIZE 1024 #define EDK2_MAX_KEY_LEN SECVAR_MAX_KEY_LEN #define key_equals(a,b) (!strncmp(a, b, EDK2_MAX_KEY_LEN)) #define uuid_equals(a,b) (!memcmp(a, b, UUID_SIZE)) extern bool setup_mode; extern struct list_head staging_bank; /* Update the variable in the variable bank with the new value. */ int update_variable_in_bank(struct secvar *update_var, const char *data, uint64_t dsize, struct list_head *bank); /* This function outputs the Authentication 2 Descriptor in the * auth_buffer and returns the size of the buffer. Please refer to * edk2.h for details on Authentication 2 Descriptor */ int get_auth_descriptor2(const void *buf, const size_t buflen, void **auth_buffer); /* Check the format of the ESL */ int validate_esl_list(const char *key, const char *esl, const size_t size); /* Update the TS variable with the new timestamp */ int update_timestamp(const char *key, const struct efi_time *timestamp, char *last_timestamp); /* Check the new timestamp against the timestamp last update was done */ int check_timestamp(const char *key, const struct efi_time *timestamp, char *last_timestamp); /* Check the GUID of the data type */ bool is_pkcs7_sig_format(const void *data); /* Process the update */ int process_update(const struct secvar *update, char **newesl, int *neweslsize, struct efi_time *timestamp, struct list_head *bank, char *last_timestamp); #endif