From cf5efd5a982e597c9e767de1cf51f2ef1512c02e Mon Sep 17 00:00:00 2001
From: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
Date: Thu, 25 Feb 2021 14:30:43 -0800
Subject: If the SBAT UEFI variable is not set, initialize it as a bootservices
 variable.

---
 include/sbat.h | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'include')

diff --git a/include/sbat.h b/include/sbat.h
index 5b64f20a..95fa6a56 100644
--- a/include/sbat.h
+++ b/include/sbat.h
@@ -6,6 +6,16 @@
 #ifndef SBAT_H_
 #define SBAT_H_
 
+#define SBAT_VAR_SIG "sbat,"
+#define SBAT_VAR_VERSION "1,"
+#define SBAT_VAR_DATE "2021030218"
+#define SBAT_VAR SBAT_VAR_SIG SBAT_VAR_VERSION SBAT_VAR_DATE "\n"
+
+#define UEFI_VAR_NV_BS \
+	(EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS)
+#define UEFI_VAR_NV_BS_TIMEAUTH \
+	(UEFI_VAR_NV_BS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)
+
 extern UINTN _sbat, _esbat;
 
 struct sbat_var_entry {
@@ -23,6 +33,7 @@ extern list_t sbat_var;
 
 EFI_STATUS parse_sbat_var(list_t *entries);
 void cleanup_sbat_var(list_t *entries);
+EFI_STATUS set_sbat_uefi_variable(void);
 
 struct sbat_section_entry {
 	const CHAR8 *component_name;
-- 
cgit v1.2.3