From ee8f7ed3326cf680452a4eaf68208f5feb6ddb50 Mon Sep 17 00:00:00 2001
From: Javier Martinez Canillas <javierm@redhat.com>
Date: Wed, 10 Feb 2021 01:26:46 +0100
Subject: Add a function to parse the SBAT metadata from the .sbat section

Parse the SBAT [0] Version-Based Revocation Metadata that's contained in a
.sbat data section of the loaded PE binary. This information is used along
with data in a SBAT variable to determine if a EFI binary has been revoked.

[0]: https://github.com/rhboot/shim/blob/sbat/SBAT.md

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
---
 include/sbat.h | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

(limited to 'include')

diff --git a/include/sbat.h b/include/sbat.h
index acda5ef6..ab2325bd 100644
--- a/include/sbat.h
+++ b/include/sbat.h
@@ -6,5 +6,24 @@
 #ifndef SBAT_H_
 #define SBAT_H_
 
+#include "shim.h"
+
+struct sbat_entry {
+	const CHAR8 *component_name;
+	const CHAR8 *component_generation;
+	const CHAR8 *vendor_name;
+	const CHAR8 *vendor_package_name;
+	const CHAR8 *vendor_version;
+	const CHAR8 *vendor_url;
+};
+
+struct sbat {
+	unsigned int size;
+	struct sbat_entry **entries;
+};
+
+EFI_STATUS parse_sbat(char *sbat_base, size_t sbat_size, char *buffer,
+		      struct sbat *sbat);
+
 #endif /* !SBAT_H_ */
 // vim:fenc=utf-8:tw=75:noet
-- 
cgit v1.2.3