From 07328d85c319ca83c16f26a2bbdb70ebc9cb3455 Mon Sep 17 00:00:00 2001
From: Jeremy Kerr <jeremy.kerr@canonical.com>
Date: Thu, 23 Aug 2012 19:35:32 +0800
Subject: [PATCH] sbvarsign: Start with a default set of variable attributes

We're almost always going to want the attributes set to
NON_VOLATILE | BOOTSERVICE_ACCESS | RUNTIME_ACCES | APPEND_WRITE,
and TIME_BASED_AUTHENTICATED_WRITE is required. So, provide this
as the default if no --attrs argument is specified.

Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
---
 src/sbvarsign.c | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

diff --git a/src/sbvarsign.c b/src/sbvarsign.c
index 3997c96..c867b09 100644
--- a/src/sbvarsign.c
+++ b/src/sbvarsign.c
@@ -96,6 +96,12 @@ static struct attr attrs[] = {
 	EFI_VAR_ATTR(APPEND_WRITE),
 };
 
+static uint32_t default_attrs = EFI_VARIABLE_NON_VOLATILE |
+			EFI_VARIABLE_BOOTSERVICE_ACCESS |
+			EFI_VARIABLE_RUNTIME_ACCESS |
+			EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS |
+			EFI_VARIABLE_APPEND_WRITE;
+
 static uint32_t attr_invalid = 0xffffffffu;
 static const char *attr_prefix = "EFI_VARIABLE_";
 
@@ -135,7 +141,7 @@ static uint32_t parse_attrs(const char *attrs_str)
 	/* we always need E_V_T_B_A_W_A */
 	attrs_val = EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
 
-	if (!attrs_str || !attrs_str[0])
+	if (!attrs_str[0])
 		return attrs_val;
 
 	str = strdup(attrs_str);
@@ -406,7 +412,9 @@ void usage(void)
 	for (i = 0; i < ARRAY_SIZE(attrs); i++)
 		printf("\t                     %s\n", attrs[i].name);
 
-	printf("\t                   Separate multiple attrs with a comma\n"
+	printf("\t                  Separate multiple attrs with a comma,\n"
+		"\t                  default is all attributes,\n"
+		"\t                  TIME_BASED_AUTH... is always included.\n"
 		"\t--output <file>  write signed data to <file>\n"
 		"\t                  (default <var-data-file>.signed)\n");
 }
@@ -496,9 +504,13 @@ int main(int argc, char **argv)
 	if (!ctx->outfilename)
 		set_default_outfilename(ctx);
 
-	ctx->var_attrs = parse_attrs(attr_str);
-	if (ctx->var_attrs == attr_invalid)
-		return EXIT_FAILURE;
+	if (attr_str) {
+		ctx->var_attrs = parse_attrs(attr_str);
+		if (ctx->var_attrs == attr_invalid)
+			return EXIT_FAILURE;
+	} else {
+		ctx->var_attrs = default_attrs;
+	}
 
 	if (guid_str) {
 		if (parse_guid(guid_str, &ctx->var_guid)) {