aboutsummaryrefslogtreecommitdiff
path: root/include/bootm.h
diff options
context:
space:
mode:
authorAKASHI Takahiro2020-04-14 11:51:41 +0900
committerHeinrich Schuchardt2020-04-16 08:12:46 +0200
commit767f6eeb01d331a7570a1a5e89010b09e5499bfb (patch)
treee3f35163f48aac689837fcab9f3747c75d47a913 /include/bootm.h
parentbe6296d05b072f312a20587cf2de8e4456bcb8ff (diff)
efi_loader: variable: support variable authentication
With this commit, EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS is supported for authenticated variables and the system secure state will transfer between setup mode and user mode as UEFI specification section 32.3 describes. Internally, authentication data is stored as part of authenticated variable's value. It is nothing but a pkcs7 message (but we need some wrapper, see efi_variable_parse_signature()) and will be validated by efi_variable_authenticate(), hence efi_signature_verify_with_db(). Associated time value will be encoded in "{...,time=...}" along with other UEFI variable's attributes. Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Diffstat (limited to 'include/bootm.h')
0 files changed, 0 insertions, 0 deletions