sbvarsign: Start with a default set of variable attributes

We're almost always going to want the attributes set to
NON_VOLATILE | BOOTSERVICE_ACCESS | RUNTIME_ACCES | APPEND_WRITE,
and TIME_BASED_AUTHENTICATED_WRITE is required. So, provide this
as the default if no --attrs argument is specified.

Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
This commit is contained in:
Jeremy Kerr 2012-08-23 19:35:32 +08:00
parent 88625a586c
commit 07328d85c3

View file

@ -96,6 +96,12 @@ static struct attr attrs[] = {
EFI_VAR_ATTR(APPEND_WRITE),
};
static uint32_t default_attrs = EFI_VARIABLE_NON_VOLATILE |
EFI_VARIABLE_BOOTSERVICE_ACCESS |
EFI_VARIABLE_RUNTIME_ACCESS |
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS |
EFI_VARIABLE_APPEND_WRITE;
static uint32_t attr_invalid = 0xffffffffu;
static const char *attr_prefix = "EFI_VARIABLE_";
@ -135,7 +141,7 @@ static uint32_t parse_attrs(const char *attrs_str)
/* we always need E_V_T_B_A_W_A */
attrs_val = EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
if (!attrs_str || !attrs_str[0])
if (!attrs_str[0])
return attrs_val;
str = strdup(attrs_str);
@ -406,7 +412,9 @@ void usage(void)
for (i = 0; i < ARRAY_SIZE(attrs); i++)
printf("\t %s\n", attrs[i].name);
printf("\t Separate multiple attrs with a comma\n"
printf("\t Separate multiple attrs with a comma,\n"
"\t default is all attributes,\n"
"\t TIME_BASED_AUTH... is always included.\n"
"\t--output <file> write signed data to <file>\n"
"\t (default <var-data-file>.signed)\n");
}
@ -496,9 +504,13 @@ int main(int argc, char **argv)
if (!ctx->outfilename)
set_default_outfilename(ctx);
if (attr_str) {
ctx->var_attrs = parse_attrs(attr_str);
if (ctx->var_attrs == attr_invalid)
return EXIT_FAILURE;
} else {
ctx->var_attrs = default_attrs;
}
if (guid_str) {
if (parse_guid(guid_str, &ctx->var_guid)) {