iPXE
Functions | Variables
efi_shim.c File Reference

UEFI shim special handling. More...

#include <string.h>
#include <stdlib.h>
#include <errno.h>
#include <ipxe/image.h>
#include <ipxe/efi/efi.h>
#include <ipxe/efi/efi_strings.h>
#include <ipxe/efi/efi_shim.h>
#include <ipxe/efi/Protocol/PxeBaseCode.h>
#include <ipxe/efi/Protocol/ShimLock.h>

Go to the source code of this file.

Functions

 FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)
 FILE_SECBOOT (PERMITTED)
static int efi_shim_is_sbatlevel (const CHAR16 *name, const EFI_GUID *guid)
 Check if variable is SbatLevel.
static void efi_shim_unlock (void)
 Unlock UEFI shim.
static EFI_STATUS EFIAPI efi_shim_set_variable (CHAR16 *name, EFI_GUID *guid, UINT32 attrs, UINTN len, VOID *data)
 Wrap SetVariable()
static EFI_STATUS EFIAPI efi_shim_get_variable (CHAR16 *name, EFI_GUID *guid, UINT32 *attrs, UINTN *len, VOID *data)
 Wrap GetVariable()
static EFIAPI EFI_STATUS efi_shim_get_memory_map (UINTN *len, EFI_MEMORY_DESCRIPTOR *map, UINTN *key, UINTN *desclen, UINT32 *descver)
 Wrap GetMemoryMap()
static int efi_shim_inhibit_pxe (EFI_HANDLE handle)
 Inhibit use of PXE base code.
static int efi_shim_cmdline (struct image *shim, wchar_t **cmdline)
 Update command line.
int efi_shim_install (struct image *shim, EFI_HANDLE handle, wchar_t **cmdline)
 Install UEFI shim special handling.
void efi_shim_uninstall (void)
 Uninstall UEFI shim special handling.

Variables

int efi_shim_require_loader = 0
 Require use of a third party loader binary.
int efi_shim_allow_pxe = 0
 Allow use of PXE base code protocol.
int efi_shim_allow_sbat = 0
 Allow SBAT variable access.
struct image_tag efi_shim __image_tag
 UEFI shim image.
static EFI_GET_MEMORY_MAP efi_shim_orig_get_memory_map
 Original GetMemoryMap() function.
static EFI_SET_VARIABLE efi_shim_orig_set_variable
 Original SetVariable() function.
static EFI_GET_VARIABLE efi_shim_orig_get_variable
 Original GetVariable() function.
static int efi_shim_sbatlevel_verify
 Verify read from SbatLevel variable.

Detailed Description

UEFI shim special handling.

Definition in file efi_shim.c.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )

◆ FILE_SECBOOT()

FILE_SECBOOT ( PERMITTED )

◆ efi_shim_is_sbatlevel()

int efi_shim_is_sbatlevel ( const CHAR16 * name,
const EFI_GUID * guid )
static

Check if variable is SbatLevel.

Parameters
nameVariable name
guidVariable namespace GUID
Return values
is_sbatlevelVariable is SbatLevel

Definition at line 133 of file efi_shim.c.

133 {
134 static CHAR16 sbatlevel[] = L"SbatLevel";
135 EFI_GUID *shimlock = &efi_shim_lock_protocol_guid;
136
137 return ( ( memcmp ( name, sbatlevel, sizeof ( sbatlevel ) ) == 0 ) &&
138 ( memcmp ( guid, shimlock, sizeof ( *shimlock ) ) == 0 ) );
139}
CHAR16
unsigned short CHAR16
2-byte Character.
Definition ProcessorBind.h:102
EFI_GUID
GUID EFI_GUID
128-bit buffer containing a unique identifier value.
Definition UefiBaseType.h:28
name
const char * name
Definition ath9k_hw.c:1986
guid
uint64_t guid
GUID.
Definition edd.h:1
efi_shim_lock_protocol_guid
EFI_GUID efi_shim_lock_protocol_guid
Shim lock protocol GUID.
Definition efi_guid.c:333
memcmp
int memcmp(const void *first, const void *second, size_t len)
Compare memory regions.
Definition string.c:115

References efi_shim_lock_protocol_guid, guid, memcmp(), and name.

Referenced by efi_shim_get_variable(), and efi_shim_set_variable().

◆ efi_shim_unlock()

void efi_shim_unlock ( void )
static

Unlock UEFI shim.

Definition at line 145 of file efi_shim.c.

145 {
146 EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
147 uint8_t empty[0];
148 union {
149 EFI_SHIM_LOCK_PROTOCOL *lock;
150 void *interface;
151 } u;
152 EFI_STATUS efirc;
153
154 /* Locate shim lock protocol */
155 if ( ( efirc = bs->LocateProtocol ( &efi_shim_lock_protocol_guid,
156 NULL, &u.interface ) ) == 0 ) {
157 u.lock->Verify ( empty, sizeof ( empty ) );
158 DBGC ( &efi_shim, "SHIM unlocked via %p\n", u.lock );
159 }
160}
NULL
#define NULL
NULL pointer (VOID *)
Definition Base.h:322
EFI_SHIM_LOCK_PROTOCOL
struct _EFI_SHIM_LOCK_PROTOCOL EFI_SHIM_LOCK_PROTOCOL
EFI_STATUS
RETURN_STATUS EFI_STATUS
Function return status for EFI API.
Definition UefiBaseType.h:32
uint8_t
unsigned char uint8_t
Definition stdint.h:10
u
union @104331263140136355135267063077374276003064103115 u
DBGC
#define DBGC(...)
Definition compiler.h:505
efi_systab
EFI_SYSTEM_TABLE * efi_systab
EFI_BOOT_SERVICES
EFI Boot Services Table.
Definition UefiSpec.h:1931
EFI_BOOT_SERVICES::LocateProtocol
EFI_LOCATE_PROTOCOL LocateProtocol
Definition UefiSpec.h:2009
interface
An object interface.
Definition interface.h:125

References DBGC, efi_shim_lock_protocol_guid, efi_systab, EFI_BOOT_SERVICES::LocateProtocol, NULL, and u.

Referenced by efi_shim_get_memory_map().

◆ efi_shim_set_variable()

EFI_STATUS EFIAPI efi_shim_set_variable ( CHAR16 * name,
EFI_GUID * guid,
UINT32 attrs,
UINTN len,
VOID * data )
static

Wrap SetVariable()

Parameters
nameVariable name
guidVariable namespace GUID
attrsAttributes
lenBuffer size
dataData buffer
Return values
efircEFI status code

Definition at line 173 of file efi_shim.c.

174 {
175 EFI_STATUS efirc;
176
177 /* Call original SetVariable() */
178 efirc = efi_shim_orig_set_variable ( name, guid, attrs, len, data );
179
180 /* Allow verification of SbatLevel variable content */
181 if ( efi_shim_is_sbatlevel ( name, guid ) && ( efirc == 0 ) ) {
182 DBGC ( &efi_shim, "SHIM detected write to %ls:\n", name );
183 DBGC_HDA ( &efi_shim, 0, data, len );
184 efi_shim_sbatlevel_verify = 1;
185 }
186
187 return efirc;
188}
len
ring len
Length.
Definition dwmac.h:226
efi_shim_sbatlevel_verify
static int efi_shim_sbatlevel_verify
Verify read from SbatLevel variable.
Definition efi_shim.c:124
efi_shim_orig_set_variable
static EFI_SET_VARIABLE efi_shim_orig_set_variable
Original SetVariable() function.
Definition efi_shim.c:118
efi_shim_is_sbatlevel
static int efi_shim_is_sbatlevel(const CHAR16 *name, const EFI_GUID *guid)
Check if variable is SbatLevel.
Definition efi_shim.c:133
data
uint8_t data[48]
Additional event data.
Definition ena.h:11
DBGC_HDA
#define DBGC_HDA(...)
Definition compiler.h:506

References data, DBGC, DBGC_HDA, efi_shim_is_sbatlevel(), efi_shim_orig_set_variable, efi_shim_sbatlevel_verify, guid, len, name, and VOID.

Referenced by efi_shim_get_memory_map(), and efi_shim_install().

◆ efi_shim_get_variable()

EFI_STATUS EFIAPI efi_shim_get_variable ( CHAR16 * name,
EFI_GUID * guid,
UINT32 * attrs,
UINTN * len,
VOID * data )
static

Wrap GetVariable()

Parameters
nameVariable name
guidVariable namespace GUID
attrsAttributes to fill in
lenBuffer size
dataData buffer
Return values
efircEFI status code

Definition at line 201 of file efi_shim.c.

202 {
203 char *value = data;
204 EFI_STATUS efirc;
205
206 /* Call original GetVariable() */
207 efirc = efi_shim_orig_get_variable ( name, guid, attrs, len, data );
208
209 /* Patch SbatLevel variable if applicable */
210 if ( efi_shim_is_sbatlevel ( name, guid ) && data && ( efirc == 0 ) ) {
211 if ( efi_shim_allow_sbat ) {
212 DBGC ( &efi_shim, "SHIM allowing read from %ls:\n",
213 name );
214 } else if ( efi_shim_sbatlevel_verify ) {
215 DBGC ( &efi_shim, "SHIM allowing one read from %ls:\n",
216 name );
217 efi_shim_sbatlevel_verify = 0;
218 } else {
219 DBGC ( &efi_shim, "SHIM patching read from %ls:\n",
220 name );
221 value[0] = '\0';
222 }
223 DBGC_HDA ( &efi_shim, 0, data, *len );
224 }
225
226 return efirc;
227}
value
pseudo_bit_t value[0x00020]
Definition arbel.h:2
efi_shim_allow_sbat
int efi_shim_allow_sbat
Allow SBAT variable access.
Definition efi_shim.c:107
efi_shim_orig_get_variable
static EFI_GET_VARIABLE efi_shim_orig_get_variable
Original GetVariable() function.
Definition efi_shim.c:121

References data, DBGC, DBGC_HDA, efi_shim_allow_sbat, efi_shim_is_sbatlevel(), efi_shim_orig_get_variable, efi_shim_sbatlevel_verify, guid, len, name, value, and VOID.

Referenced by efi_shim_get_memory_map(), and efi_shim_install().

◆ efi_shim_get_memory_map()

EFIAPI EFI_STATUS efi_shim_get_memory_map ( UINTN * len,
EFI_MEMORY_DESCRIPTOR * map,
UINTN * key,
UINTN * desclen,
UINT32 * descver )
static

Wrap GetMemoryMap()

Parameters
lenMemory map size
mapMemory map
keyMemory map key
desclenDescriptor size
descverDescriptor version
Return values
efircEFI status code

Definition at line 239 of file efi_shim.c.

242 {
243 EFI_RUNTIME_SERVICES *rs = efi_systab->RuntimeServices;
244
245 /* Unlock shim */
246 if ( ! efi_shim_require_loader )
247 efi_shim_unlock();
248
249 /* Uninstall runtime services wrappers, if still installed */
250 if ( rs->SetVariable == efi_shim_set_variable ) {
251 rs->SetVariable = efi_shim_orig_set_variable;
252 DBGC ( &efi_shim, "SHIM uninstalled SetVariable() wrapper\n" );
253 } else if ( rs->SetVariable != efi_shim_orig_set_variable ) {
254 DBGC ( &efi_shim, "SHIM could not uninstall SetVariable() "
255 "wrapper!\n" );
256 }
257 if ( rs->GetVariable == efi_shim_get_variable ) {
258 rs->GetVariable = efi_shim_orig_get_variable;
259 DBGC ( &efi_shim, "SHIM uninstalled GetVariable() wrapper\n" );
260 } else if ( rs->GetVariable != efi_shim_orig_get_variable ) {
261 DBGC ( &efi_shim, "SHIM could not uninstall GetVariable() "
262 "wrapper!\n" );
263 }
264
265 /* Hand off to original GetMemoryMap() */
266 return efi_shim_orig_get_memory_map ( len, map, key, desclen,
267 descver );
268}
key
union @162305117151260234136356364136041353210355154177 key
Sense key.
Definition scsi.h:3
efi_shim_unlock
static void efi_shim_unlock(void)
Unlock UEFI shim.
Definition efi_shim.c:145
efi_shim_orig_get_memory_map
static EFI_GET_MEMORY_MAP efi_shim_orig_get_memory_map
Original GetMemoryMap() function.
Definition efi_shim.c:115
efi_shim_get_variable
static EFI_STATUS EFIAPI efi_shim_get_variable(CHAR16 *name, EFI_GUID *guid, UINT32 *attrs, UINTN *len, VOID *data)
Wrap GetVariable()
Definition efi_shim.c:201
efi_shim_require_loader
int efi_shim_require_loader
Require use of a third party loader binary.
Definition efi_shim.c:69
efi_shim_set_variable
static EFI_STATUS EFIAPI efi_shim_set_variable(CHAR16 *name, EFI_GUID *guid, UINT32 attrs, UINTN len, VOID *data)
Wrap SetVariable()
Definition efi_shim.c:173
map
static __always_inline int struct dma_mapping * map
Definition dma.h:184
EFI_RUNTIME_SERVICES
EFI Runtime Services Table.
Definition UefiSpec.h:1880
EFI_RUNTIME_SERVICES::SetVariable
EFI_SET_VARIABLE SetVariable
Definition UefiSpec.h:1905
EFI_RUNTIME_SERVICES::GetVariable
EFI_GET_VARIABLE GetVariable
Definition UefiSpec.h:1903

References DBGC, efi_shim_get_variable(), efi_shim_orig_get_memory_map, efi_shim_orig_get_variable, efi_shim_orig_set_variable, efi_shim_require_loader, efi_shim_set_variable(), efi_shim_unlock(), efi_systab, EFIAPI, EFI_RUNTIME_SERVICES::GetVariable, key, len, map, and EFI_RUNTIME_SERVICES::SetVariable.

Referenced by efi_shim_install().

◆ efi_shim_inhibit_pxe()

int efi_shim_inhibit_pxe ( EFI_HANDLE handle)
static

Inhibit use of PXE base code.

Parameters
handleEFI handle
Return values
rcReturn status code

Definition at line 276 of file efi_shim.c.

276 {
277 EFI_PXE_BASE_CODE_PROTOCOL *pxe;
278 EFI_STATUS efirc;
279 int rc;
280
281 /* Locate PXE base code */
282 if ( ( rc = efi_open ( handle, &efi_pxe_base_code_protocol_guid,
283 &pxe ) ) != 0 ) {
284 DBGC ( &efi_shim, "SHIM could not open PXE base code: %s\n",
285 strerror ( rc ) );
286 return rc;
287 }
288
289 /* Stop PXE base code */
290 if ( ( efirc = pxe->Stop ( pxe ) ) != 0 ) {
291 rc = -EEFI ( efirc );
292 DBGC ( &efi_shim, "SHIM could not stop PXE base code: %s\n",
293 strerror ( rc ) );
294 return rc;
295 }
296
297 DBGC ( &efi_shim, "SHIM stopped PXE base code\n" );
298 return 0;
299}
EFI_PXE_BASE_CODE_PROTOCOL
struct _EFI_PXE_BASE_CODE_PROTOCOL EFI_PXE_BASE_CODE_PROTOCOL
Definition PxeBaseCode.h:30
rc
struct arbelprm_rc_send_wqe rc
Definition arbel.h:3
efi_pxe_base_code_protocol_guid
EFI_GUID efi_pxe_base_code_protocol_guid
PXE base code protocol GUID.
Definition efi_guid.c:321
efi_open
#define efi_open(handle, protocol, interface)
Open protocol for ephemeral use.
Definition efi.h:444
EEFI
#define EEFI(efirc)
Convert an EFI status code to an iPXE status code.
Definition efi.h:175
handle
uint16_t handle
Handle.
Definition smbios.h:5
strerror
char * strerror(int errno)
Retrieve string representation of error number.
Definition strerror.c:79
_EFI_PXE_BASE_CODE_PROTOCOL::Stop
EFI_PXE_BASE_CODE_STOP Stop
Definition PxeBaseCode.h:915

References DBGC, EEFI, EFI_HANDLE, efi_open, efi_pxe_base_code_protocol_guid, handle, rc, _EFI_PXE_BASE_CODE_PROTOCOL::Stop, and strerror().

Referenced by efi_shim_install().

◆ efi_shim_cmdline()

int efi_shim_cmdline ( struct image * shim,
wchar_t ** cmdline )
static

Update command line.

Parameters
shimShim image
cmdlineCommand line to update
Return values
rcReturn status code

Definition at line 308 of file efi_shim.c.

308 {
309 wchar_t *shimcmdline;
310 int len;
311 int rc;
312
313 /* Construct new command line */
314 len = ( shim->cmdline ?
315 efi_asprintf ( &shimcmdline, "%s %s", shim->name,
316 shim->cmdline ) :
317 efi_asprintf ( &shimcmdline, "%s %ls", shim->name,
318 *cmdline ) );
319 if ( len < 0 ) {
320 rc = len;
321 DBGC ( &efi_shim, "SHIM could not construct command line: "
322 "%s\n", strerror ( rc ) );
323 return rc;
324 }
325
326 /* Replace command line */
327 free ( *cmdline );
328 *cmdline = shimcmdline;
329
330 return 0;
331}
efi_asprintf
int efi_asprintf(wchar_t **wstrp, const char *fmt,...)
Write a formatted string to newly allocated memory.
Definition efi_strings.c:189
cmdline
uint32_t cmdline
Definition multiboot.h:4
free
static void(* free)(struct refcnt *refcnt))
Definition refcnt.h:55
shim
int shim(struct image *image, int require_loader, int allow_pxe, int allow_sbat)
Set shim image.
Definition shimmgmt.c:46

References cmdline, DBGC, efi_asprintf(), free, len, rc, shim(), and strerror().

Referenced by efi_shim_install().

◆ efi_shim_install()

int efi_shim_install ( struct image * shim,
EFI_HANDLE handle,
wchar_t ** cmdline )

Install UEFI shim special handling.

Parameters
shimShim image
handleEFI device handle
cmdlineCommand line to update
Return values
rcReturn status code

Definition at line 341 of file efi_shim.c.

342 {
343 EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
344 EFI_RUNTIME_SERVICES *rs = efi_systab->RuntimeServices;
345 int rc;
346
347 /* Stop PXE base code */
348 if ( ( ! efi_shim_allow_pxe ) &&
349 ( ( rc = efi_shim_inhibit_pxe ( handle ) ) != 0 ) ) {
350 return rc;
351 }
352
353 /* Update command line */
354 if ( ( rc = efi_shim_cmdline ( shim, cmdline ) ) != 0 )
355 return rc;
356
357 /* Record original boot and runtime services functions */
358 efi_shim_orig_get_memory_map = bs->GetMemoryMap;
359 efi_shim_orig_set_variable = rs->SetVariable;
360 efi_shim_orig_get_variable = rs->GetVariable;
361
362 /* Wrap relevant boot and runtime services functions */
363 bs->GetMemoryMap = efi_shim_get_memory_map;
364 rs->SetVariable = efi_shim_set_variable;
365 rs->GetVariable = efi_shim_get_variable;
366 DBGC ( &efi_shim, "SHIM installed wrappers\n" );
367
368 return 0;
369}
efi_shim_cmdline
static int efi_shim_cmdline(struct image *shim, wchar_t **cmdline)
Update command line.
Definition efi_shim.c:308
efi_shim_allow_pxe
int efi_shim_allow_pxe
Allow use of PXE base code protocol.
Definition efi_shim.c:87
efi_shim_inhibit_pxe
static int efi_shim_inhibit_pxe(EFI_HANDLE handle)
Inhibit use of PXE base code.
Definition efi_shim.c:276
efi_shim_get_memory_map
static EFIAPI EFI_STATUS efi_shim_get_memory_map(UINTN *len, EFI_MEMORY_DESCRIPTOR *map, UINTN *key, UINTN *desclen, UINT32 *descver)
Wrap GetMemoryMap()
Definition efi_shim.c:239
EFI_BOOT_SERVICES::GetMemoryMap
EFI_GET_MEMORY_MAP GetMemoryMap
Definition UefiSpec.h:1948

References cmdline, DBGC, EFI_HANDLE, efi_shim_allow_pxe, efi_shim_cmdline(), efi_shim_get_memory_map(), efi_shim_get_variable(), efi_shim_inhibit_pxe(), efi_shim_orig_get_memory_map, efi_shim_orig_get_variable, efi_shim_orig_set_variable, efi_shim_set_variable(), efi_systab, EFI_BOOT_SERVICES::GetMemoryMap, EFI_RUNTIME_SERVICES::GetVariable, handle, rc, EFI_RUNTIME_SERVICES::SetVariable, and shim().

Referenced by efi_image_exec().

◆ efi_shim_uninstall()

void efi_shim_uninstall ( void )

Uninstall UEFI shim special handling.

Definition at line 375 of file efi_shim.c.

375 {
376 EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
377 EFI_RUNTIME_SERVICES *rs = efi_systab->RuntimeServices;
378
379 /* Restore original boot and runtime services functions */
380 bs->GetMemoryMap = efi_shim_orig_get_memory_map;
381 rs->SetVariable = efi_shim_orig_set_variable;
382 rs->GetVariable = efi_shim_orig_get_variable;
383 DBGC ( &efi_shim, "SHIM uninstalled wrappers\n" );
384}

References DBGC, efi_shim_orig_get_memory_map, efi_shim_orig_get_variable, efi_shim_orig_set_variable, efi_systab, EFI_BOOT_SERVICES::GetMemoryMap, EFI_RUNTIME_SERVICES::GetVariable, and EFI_RUNTIME_SERVICES::SetVariable.

Referenced by efi_image_exec().

Variable Documentation

◆ efi_shim_require_loader

int efi_shim_require_loader = 0

Require use of a third party loader binary.

The UEFI shim is gradually becoming less capable of directly executing a Linux kernel image, due to an ever increasing list of assumptions that it will only ever be used in conjunction with a second stage loader binary such as GRUB.

For example: shim will erroneously complain if the image that it loads and executes does not in turn call in to the "shim lock protocol" to verify a separate newly loaded binary before calling ExitBootServices(), even if no such separate binary is used or required.

Experience shows that there is unfortunately no point in trying to get a fix for this upstreamed into shim. We therefore default to reducing the Secure Boot attack surface by removing, where possible, this spurious requirement for the use of an additional second stage loader.

This option may be used to require the use of an additional second stage loader binary, in case this behaviour is ever desirable.

Definition at line 69 of file efi_shim.c.

Referenced by efi_shim_get_memory_map(), FILE_SECBOOT(), and shim().

◆ efi_shim_allow_pxe

int efi_shim_allow_pxe = 0

Allow use of PXE base code protocol.

We provide shim with access to all of the relevant downloaded files via our EFI_SIMPLE_FILE_SYSTEM_PROTOCOL interface. However, shim will instead try to redownload the files via TFTP since it prefers to use the EFI_PXE_BASE_CODE_PROTOCOL installed on the same handle.

Experience shows that there is unfortunately no point in trying to get a fix for this upstreamed into shim. We therefore default to working around this undesirable behaviour by stopping the PXE base code protocol before invoking shim.

This option may be used to allow shim to use the PXE base code protocol, in case this behaviour is ever desirable.

Definition at line 87 of file efi_shim.c.

Referenced by efi_shim_install(), FILE_SECBOOT(), and shim().

◆ efi_shim_allow_sbat

int efi_shim_allow_sbat = 0

Allow SBAT variable access.

The UEFI shim implements a fairly nicely designed revocation mechanism designed around the concept of security generations. Unfortunately nobody in the shim community has thus far added the relevant metadata to the Linux kernel, with the result that current versions of shim are incapable of booting current versions of the Linux kernel.

Experience shows that there is unfortunately no point in trying to get a fix for this upstreamed into shim. We therefore default to working around this undesirable behaviour by patching data read from the "SbatLevel" variable used to hold SBAT configuration.

This option may be used to allow shim unpatched access to the "SbatLevel" variable, in case this behaviour is ever desirable.

Definition at line 107 of file efi_shim.c.

Referenced by efi_shim_get_variable(), FILE_SECBOOT(), and shim().

◆ __image_tag

struct image_tag efi_shim __image_tag
Initial value:
= {
.name = "SHIM",
}

UEFI shim image.

The downloaded flattened device tree tag.

Definition at line 110 of file efi_shim.c.

110 {
111 .name = "SHIM",
112};

◆ efi_shim_orig_get_memory_map

EFI_GET_MEMORY_MAP efi_shim_orig_get_memory_map
static

Original GetMemoryMap() function.

Definition at line 115 of file efi_shim.c.

Referenced by efi_shim_get_memory_map(), efi_shim_install(), and efi_shim_uninstall().

◆ efi_shim_orig_set_variable

EFI_SET_VARIABLE efi_shim_orig_set_variable
static

Original SetVariable() function.

Definition at line 118 of file efi_shim.c.

Referenced by efi_shim_get_memory_map(), efi_shim_install(), efi_shim_set_variable(), and efi_shim_uninstall().

◆ efi_shim_orig_get_variable

EFI_GET_VARIABLE efi_shim_orig_get_variable
static

Original GetVariable() function.

Definition at line 121 of file efi_shim.c.

Referenced by efi_shim_get_memory_map(), efi_shim_get_variable(), efi_shim_install(), and efi_shim_uninstall().

◆ efi_shim_sbatlevel_verify

int efi_shim_sbatlevel_verify
static

Verify read from SbatLevel variable.

Definition at line 124 of file efi_shim.c.

Referenced by efi_shim_get_variable(), and efi_shim_set_variable().

Generated by doxygen 1.14.0