pe.c: parse SBAT variable and perform basic verification

Per Peter Jones suggestion, we will be flexible in what data we expect
while parsing the variable. Three fields are mandatory:
component_generation, component_name_size, component_name
However we also support adding comments and additional information to be
added after component name, with ',' as a separator. Those information
will be ignored and not used for verification purposes.
So:
grub,1
and
grub,1,wow,this,is,my,comment
will provide exactly same set of data for verification.

[0]: https://github.com/rhboot/shim/blob/main/SBAT.md

Signed-off-by: Alex Burmashev <alexander.burmashev@oracle.com>
Signed-off-by: Peter Jones <pjones@redhat.com>

1 files changed, 11 insertions, 0 deletions

diff --git a/include/sbat.h b/include/sbat.h
index c34ad319..7441fa00 100644
--- a/include/sbat.h
+++ b/include/sbat.h
@@ -6,6 +6,15 @@
 #ifndef SBAT_H_
 #define SBAT_H_
 
+struct sbat_var {
+	const CHAR8 *component_name;
+	const CHAR8 *component_generation;
+	list_t list;
+};
+
+EFI_STATUS parse_sbat_var(list_t *entries);
+void cleanup_sbat_var(list_t *entries);
+
 struct sbat_entry {
 	const CHAR8 *component_name;
 	const CHAR8 *component_generation;
@@ -17,5 +26,7 @@ struct sbat_entry {
 
 EFI_STATUS parse_sbat(char *sbat_base, size_t sbat_size, size_t *sbats, struct sbat_entry ***sbat);
 
+EFI_STATUS verify_sbat(size_t n, struct sbat_entry **entries, list_t *var_entries);
+
 #endif /* !SBAT_H_ */
 // vim:fenc=utf-8:tw=75:noet