if (efivar_get_raw(&global_guid, L"SecureBoot", &b, &size) == EFI_SUCCESS) {
Print(L"SecureBoot: %s\n", *b > 0 ? L"enabled" : L"disabled");
FreePool(b);
+ }
- if (efivar_get_raw(&global_guid, L"SetupMode", &b, &size) == EFI_SUCCESS) {
- Print(L"SetupMode: %s\n", *b > 0 ? L"enabled" : L"disabled");
- FreePool(b);
- }
+ if (efivar_get_raw(&global_guid, L"SetupMode", &b, &size) == EFI_SUCCESS) {
+ Print(L"SetupMode: %s\n", *b > 0 ? L"enabled" : L"disabled");
+ FreePool(b);
}
+
if (efivar_get_raw(&global_guid, L"OsIndicationsSupported", &b, &size) == EFI_SUCCESS) {
Print(L"OsIndicationsSupported: %d\n", (UINT64)*b);
FreePool(b);
return access("/sys/firmware/efi", F_OK) >= 0;
}
-int is_efi_secure_boot(void) {
+int read_flag(const char *varname) {
int r;
void *v;
size_t s;
uint8_t b;
- r = efi_get_variable(EFI_VENDOR_GLOBAL, "SecureBoot", &v, &s);
+ r = efi_get_variable(EFI_VENDOR_GLOBAL, varname, &v, &s);
if (r < 0)
return r;
return r;
}
+int is_efi_secure_boot(void) {
+ return read_flag("SecureBoot");
+}
+
+int is_efi_secure_boot_setup_mode(void) {
+ return read_flag("SetupMode");
+}
+
int efi_get_variable(
const uint8_t vendor[16],
const char *name,
bool is_efi_boot(void);
int is_efi_secure_boot(void);
+int is_efi_secure_boot_setup_mode(void);
int efi_get_variable(const uint8_t vendor[16], const char *name, void **value, size_t *size);
int efi_set_variable( const uint8_t vendor[16], const char *name, const void *value, size_t size);
int efi_get_variable_string(const uint8_t vendor[16], const char *name, char **p);
goto finish;
}
- printf(" Title: %s\n", strna(title));
- printf(" Number: %04X\n", id);
+ printf(" Title: %s\n", strna(title));
+ printf(" Number: %04X\n", id);
if (path) {
- printf(" Binary: %s\n", path);
- printf(" Partition: /dev/disk/by-partuuid/%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n",
+ printf(" Binary: %s\n", path);
+ printf(" Partition: /dev/disk/by-partuuid/%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n",
partition[0], partition[1], partition[2], partition[3], partition[4], partition[5], partition[6], partition[7],
partition[8], partition[9], partition[10], partition[11], partition[12], partition[13], partition[14], partition[15]);
}
r = efi_get_variable_string(EFI_VENDOR_LOADER, "LoaderFirmwareType", &s);
if (r == 0) {
char *s2 = NULL;
+ int flag;
printf("Firmware Information:\n");
efi_get_variable_string(EFI_VENDOR_LOADER, "LoaderFirmwareInfo", &s2);
- printf(" Firmware: %s (%s)\n", s, s2);
+ printf(" Firmware: %s (%s)\n", s, s2);
free(s2);
free(s);
r = efi_get_variable_string(EFI_VENDOR_LOADER, "LoaderImageIdentifier", &s);
if (r == 0) {
tilt_backslashes(s);
- printf(" Loader: %s\n", s);
+ printf(" Loader: %s\n", s);
free(s);
}
+ flag = is_efi_secure_boot();
+ if (flag >= 0)
+ printf(" Secure Boot: %s\n", is_efi_secure_boot() ? "enabled" : "disabled");
+
+ flag = is_efi_secure_boot_setup_mode();
+ if (flag >= 0)
+ printf(" Setup Mode: %s\n", is_efi_secure_boot() ? "enabled" : "disabled");
+
printf("\n");
}
fprintf(stderr, "Created EFI boot entry \"Linux Boot Manager\".\n");
}
- if (first && is_efi_secure_boot() > 0) {
- fprintf(stderr, "EFI Secure Boot is active, entry added to the end of the boot order list.\n");
- first = false;
- }
insert_into_order(slot, first);
finish: