diff options
| author | Kay Sievers <kay@vrfy.org> | 2013-03-10 22:47:56 +0100 |
|---|---|---|
| committer | Kay Sievers <kay@vrfy.org> | 2013-03-10 22:48:27 +0100 |
| commit | bc6f2e7c62bcd08177f879423188c54289694619 (patch) | |
| tree | bc5ac1caf432a58fef6a55626084927227e9348c /src/shared | |
| parent | ad88e758d1b08a21d25971b074e119c167757109 (diff) | |
bootctl: print secure boot flags
Diffstat (limited to 'src/shared')
| -rw-r--r-- | src/shared/efivars.c | 30 | ||||
| -rw-r--r-- | src/shared/efivars.h | 2 |
2 files changed, 32 insertions, 0 deletions
diff --git a/src/shared/efivars.c b/src/shared/efivars.c index c42956f84d..4fb77428f2 100644 --- a/src/shared/efivars.c +++ b/src/shared/efivars.c @@ -34,6 +34,36 @@ bool is_efi_boot(void) { return access("/sys/firmware/efi", F_OK) >= 0; } +static int read_flag(const char *varname) { + int r; + void *v; + size_t s; + uint8_t b; + + r = efi_get_variable(EFI_VENDOR_GLOBAL, varname, NULL, &v, &s); + if (r < 0) + return r; + + if (s != 1) { + r = -EINVAL; + goto finish; + } + + b = *(uint8_t *)v; + r = b > 0; +finish: + free(v); + return r; +} + +int is_efi_secure_boot(void) { + return read_flag("SecureBoot"); +} + +int is_efi_secure_boot_setup_mode(void) { + return read_flag("SetupMode"); +} + int efi_get_variable( sd_id128_t vendor, const char *name, diff --git a/src/shared/efivars.h b/src/shared/efivars.h index 380e038f69..2b88c6075c 100644 --- a/src/shared/efivars.h +++ b/src/shared/efivars.h @@ -32,6 +32,8 @@ #define EFI_VENDOR_GLOBAL SD_ID128_MAKE(8b,e4,df,61,93,ca,11,d2,aa,0d,00,e0,98,03,2b,8c) bool is_efi_boot(void); +int is_efi_secure_boot(void); +int is_efi_secure_boot_setup_mode(void); int efi_get_variable(sd_id128_t vendor, const char *name, uint32_t *attribute, void **value, size_t *size); int efi_get_variable_string(sd_id128_t vendor, const char *name, char **p); |