1# -*- Mode: Python -*- 2# vim: filetype=python 3# 4 5## 6# ******************* 7# UEFI Variable Store 8# ******************* 9# 10# The QEMU efi variable store implementation (hw/uefi/) uses this to 11# store non-volatile variables in json format on disk. 12# 13# This is an existing format already supported by (at least) two other 14# projects, specifically https://gitlab.com/kraxel/virt-firmware and 15# https://github.com/awslabs/python-uefivars. 16## 17 18## 19# @UefiVariable: 20# 21# UEFI Variable. Check the UEFI specifification for more detailed 22# information on the fields. 23# 24# @guid: variable namespace GUID 25# 26# @name: variable name, in UTF-8 encoding. 27# 28# @attr: variable attributes. 29# 30# @data: variable value, encoded as hex string. 31# 32# @time: variable modification time. EFI_TIME struct, encoded as hex 33# string. Used only for authenticated variables, where the 34# EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute bit 35# is set. 36# 37# @digest: variable certificate digest. Used to verify the signature 38# of updates for authenticated variables. UEFI has two kinds of 39# authenticated variables. The secure boot variables ('PK', 40# 'KEK', 'db' and 'dbx') have hard coded signature checking rules. 41# For other authenticated variables the firmware stores a digest 42# of the signing certificate at variable creation time, and any 43# updates must be signed with the same certificate. 44# 45# Since: 10.0 46## 47{ 'struct' : 'UefiVariable', 48 'data' : { 'guid' : 'str', 49 'name' : 'str', 50 'attr' : 'int', 51 'data' : 'str', 52 '*time' : 'str', 53 '*digest' : 'str'}} 54 55## 56# @UefiVarStore: 57# 58# @version: currently always 2 59# 60# @variables: list of UEFI variables 61# 62# Since: 10.0 63## 64{ 'struct' : 'UefiVarStore', 65 'data' : { 'version' : 'int', 66 'variables' : [ 'UefiVariable' ] }} 67