1# -*- Mode: Python -*- 2# vim: filetype=python 3# 4 5## 6# = UEFI Variable Store 7# 8# The QEMU efi variable store implementation (hw/uefi/) uses this to 9# store non-volatile variables in json format on disk. 10# 11# This is an existing format already supported by (at least) two other 12# projects, specifically https://gitlab.com/kraxel/virt-firmware and 13# https://github.com/awslabs/python-uefivars. 14## 15 16## 17# @UefiVariable: 18# 19# UEFI Variable. Check the UEFI specifification for more detailed 20# information on the fields. 21# 22# @guid: variable namespace GUID 23# 24# @name: variable name, in UTF-8 encoding. 25# 26# @attr: variable attributes. 27# 28# @data: variable value, encoded as hex string. 29# 30# @time: variable modification time. EFI_TIME struct, encoded as hex 31# string. Used only for authenticated variables, where the 32# EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute bit 33# is set. 34# 35# @digest: variable certificate digest. Used to verify the signature 36# of updates for authenticated variables. UEFI has two kinds of 37# authenticated variables. The secure boot variables ('PK', 38# 'KEK', 'db' and 'dbx') have hard coded signature checking rules. 39# For other authenticated variables the firmware stores a digest 40# of the signing certificate at variable creation time, and any 41# updates must be signed with the same certificate. 42# 43# Since: 10.0 44## 45{ 'struct' : 'UefiVariable', 46 'data' : { 'guid' : 'str', 47 'name' : 'str', 48 'attr' : 'int', 49 'data' : 'str', 50 '*time' : 'str', 51 '*digest' : 'str'}} 52 53## 54# @UefiVarStore: 55# 56# @version: currently always 2 57# 58# @variables: list of UEFI variables 59# 60# Since: 10.0 61## 62{ 'struct' : 'UefiVarStore', 63 'data' : { 'version' : 'int', 64 'variables' : [ 'UefiVariable' ] }} 65