summaryrefslogtreecommitdiffstats
path: root/src/fundamental/efivars-fundamental.h
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-10 20:49:52 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-10 20:49:52 +0000
commit55944e5e40b1be2afc4855d8d2baf4b73d1876b5 (patch)
tree33f869f55a1b149e9b7c2b7e201867ca5dd52992 /src/fundamental/efivars-fundamental.h
parentInitial commit. (diff)
downloadsystemd-55944e5e40b1be2afc4855d8d2baf4b73d1876b5.tar.xz
systemd-55944e5e40b1be2afc4855d8d2baf4b73d1876b5.zip
Adding upstream version 255.4.upstream/255.4
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/fundamental/efivars-fundamental.h')
-rw-r--r--src/fundamental/efivars-fundamental.h50
1 files changed, 50 insertions, 0 deletions
diff --git a/src/fundamental/efivars-fundamental.h b/src/fundamental/efivars-fundamental.h
new file mode 100644
index 0000000..2d25d22
--- /dev/null
+++ b/src/fundamental/efivars-fundamental.h
@@ -0,0 +1,50 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+#ifdef SD_BOOT
+# define EINVAL 22
+#else
+# include <errno.h>
+#endif
+#include "string-util-fundamental.h"
+
+/* Features of the loader, i.e. systemd-boot */
+#define EFI_LOADER_FEATURE_CONFIG_TIMEOUT (UINT64_C(1) << 0)
+#define EFI_LOADER_FEATURE_CONFIG_TIMEOUT_ONE_SHOT (UINT64_C(1) << 1)
+#define EFI_LOADER_FEATURE_ENTRY_DEFAULT (UINT64_C(1) << 2)
+#define EFI_LOADER_FEATURE_ENTRY_ONESHOT (UINT64_C(1) << 3)
+#define EFI_LOADER_FEATURE_BOOT_COUNTING (UINT64_C(1) << 4)
+#define EFI_LOADER_FEATURE_XBOOTLDR (UINT64_C(1) << 5)
+#define EFI_LOADER_FEATURE_RANDOM_SEED (UINT64_C(1) << 6)
+#define EFI_LOADER_FEATURE_LOAD_DRIVER (UINT64_C(1) << 7)
+#define EFI_LOADER_FEATURE_SORT_KEY (UINT64_C(1) << 8)
+#define EFI_LOADER_FEATURE_SAVED_ENTRY (UINT64_C(1) << 9)
+#define EFI_LOADER_FEATURE_DEVICETREE (UINT64_C(1) << 10)
+#define EFI_LOADER_FEATURE_SECUREBOOT_ENROLL (UINT64_C(1) << 11)
+#define EFI_LOADER_FEATURE_RETAIN_SHIM (UINT64_C(1) << 12)
+#define EFI_LOADER_FEATURE_MENU_DISABLE (UINT64_C(1) << 13)
+
+/* Features of the stub, i.e. systemd-stub */
+#define EFI_STUB_FEATURE_REPORT_BOOT_PARTITION (UINT64_C(1) << 0)
+#define EFI_STUB_FEATURE_PICK_UP_CREDENTIALS (UINT64_C(1) << 1)
+#define EFI_STUB_FEATURE_PICK_UP_SYSEXTS (UINT64_C(1) << 2)
+#define EFI_STUB_FEATURE_THREE_PCRS (UINT64_C(1) << 3)
+#define EFI_STUB_FEATURE_RANDOM_SEED (UINT64_C(1) << 4)
+#define EFI_STUB_FEATURE_CMDLINE_ADDONS (UINT64_C(1) << 5)
+#define EFI_STUB_FEATURE_CMDLINE_SMBIOS (UINT64_C(1) << 6)
+#define EFI_STUB_FEATURE_DEVICETREE_ADDONS (UINT64_C(1) << 7)
+
+typedef enum SecureBootMode {
+ SECURE_BOOT_UNSUPPORTED,
+ SECURE_BOOT_DISABLED,
+ SECURE_BOOT_UNKNOWN,
+ SECURE_BOOT_AUDIT,
+ SECURE_BOOT_DEPLOYED,
+ SECURE_BOOT_SETUP,
+ SECURE_BOOT_USER,
+ _SECURE_BOOT_MAX,
+ _SECURE_BOOT_INVALID = -EINVAL,
+} SecureBootMode;
+
+const sd_char *secure_boot_mode_to_string(SecureBootMode m);
+SecureBootMode decode_secure_boot_mode(bool secure, bool audit, bool deployed, bool setup);