summaryrefslogtreecommitdiffstats
path: root/drivers/efi
diff options
context:
space:
mode:
authorJean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>2017-03-03 13:34:05 +0100
committerSascha Hauer <s.hauer@pengutronix.de>2017-03-09 07:36:16 +0100
commitc09bec96cb551c962331a710cbddea0f36c86c79 (patch)
tree830f0864c0cad542949959c93050068f388be548 /drivers/efi
parent637d6dfef2e67bc91cacd1954f465df160fa5207 (diff)
downloadbarebox-c09bec96cb551c962331a710cbddea0f36c86c79.tar.gz
barebox-c09bec96cb551c962331a710cbddea0f36c86c79.tar.xz
efi: add veriable to report secure boot support and status
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Diffstat (limited to 'drivers/efi')
-rw-r--r--drivers/efi/efi-device.c33
1 files changed, 33 insertions, 0 deletions
diff --git a/drivers/efi/efi-device.c b/drivers/efi/efi-device.c
index db8b25147f..6ed7f12b37 100644
--- a/drivers/efi/efi-device.c
+++ b/drivers/efi/efi-device.c
@@ -354,11 +354,41 @@ static void efi_businfo(struct device_d *dev)
}
}
+static int efi_is_secure_boot(void)
+{
+ uint8_t *val;
+ int ret = 0;
+
+ val = efi_get_variable("SecureBoot", &efi_global_variable_guid, NULL);
+ if (!IS_ERR(val)) {
+ ret = *val;
+ free(val);
+ }
+
+ return ret != 1;
+}
+
+static int efi_is_setup_mode(void)
+{
+ uint8_t *val;
+ int ret = 0;
+
+ val = efi_get_variable("SetupMode", &efi_global_variable_guid, NULL);
+ if (!IS_ERR(val)) {
+ ret = *val;
+ free(val);
+ }
+
+ return ret != 1;
+}
+
static int efi_init_devices(void)
{
char *fw_vendor = NULL;
u16 sys_major = efi_sys_table->hdr.revision >> 16;
u16 sys_minor = efi_sys_table->hdr.revision & 0xffff;
+ int secure_boot = efi_is_secure_boot();
+ int setup_mode = efi_is_setup_mode();
fw_vendor = strdup_wchar_to_char((const wchar_t *)efi_sys_table->fw_vendor);
@@ -374,6 +404,9 @@ static int efi_init_devices(void)
dev_add_param_int_ro(efi_bus.dev, "major", sys_major, "%u");
dev_add_param_int_ro(efi_bus.dev, "minor", sys_minor, "%u");
dev_add_param_int_ro(efi_bus.dev, "fw_revision", efi_sys_table->fw_revision, "%u");
+ dev_add_param_int_ro(efi_bus.dev, "secure_boot", secure_boot, "%d");
+ dev_add_param_int_ro(efi_bus.dev, "secure_mode",
+ secure_boot & setup_mode, "%u");
efi_bus.dev->info = efi_businfo;