
Commit b433a52a authored by Mimi Zohar Committed by Shuah Khan

selftests/kexec: update get_secureboot_mode



The get_secureboot_mode() function unnecessarily requires both
CONFIG_EFIVAR_FS and CONFIG_EFI_VARS to be enabled to determine if the
system is booted in secure boot mode.  On some systems the old EFI
variable support is not enabled or, possibly, even implemented.

This patch first checks the efivars filesystem for the SecureBoot and
SetupMode flags, but falls back to using the old EFI variable support.

The "secure_boot_file" and "setup_mode_file" couldn't be quoted due to
globbing.  This patch also removes the globbing.

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Reviewed-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Shuah Khan <skhan@linuxfoundation.org>
parent 726ff75f
+66 −20
@@ -35,41 +35,87 @@ log_skip()
}

# Check efivar SecureBoot-$(the UUID) and SetupMode-$(the UUID).
# The secure boot mode can be accessed either as the last integer
# of "od -An -t u1 /sys/firmware/efi/efivars/SecureBoot-*" or from
# "od -An -t u1 /sys/firmware/efi/vars/SecureBoot-*/data".  The efi
# SetupMode can be similarly accessed.
# Return 1 for SecureBoot mode enabled and SetupMode mode disabled.
get_secureboot_mode()
# (Based on kdump-lib.sh)
get_efivarfs_secureboot_mode()
{
	local efivarfs="/sys/firmware/efi/efivars"
	local secure_boot_file="$efivarfs/../vars/SecureBoot-*/data"
	local setup_mode_file="$efivarfs/../vars/SetupMode-*/data"
	local secure_boot_file=""
	local setup_mode_file=""
	local secureboot_mode=0
	local setup_mode=0

	# Make sure that efivars is mounted in the normal location
	# Make sure that efivar_fs is mounted in the normal location
	if ! grep -q "^\S\+ $efivarfs efivarfs" /proc/mounts; then
		log_skip "efivars is not mounted on $efivarfs"
		log_info "efivars is not mounted on $efivarfs"
		return 0;
	fi
	secure_boot_file=$(find "$efivarfs" -name SecureBoot-* 2>/dev/null)
	setup_mode_file=$(find "$efivarfs" -name SetupMode-* 2>/dev/null)
	if [ -f "$secure_boot_file" ] && [ -f "$setup_mode_file" ]; then
		secureboot_mode=$(hexdump -v -e '/1 "%d\ "' \
			"$secure_boot_file"|cut -d' ' -f 5)
		setup_mode=$(hexdump -v -e '/1 "%d\ "' \
			"$setup_mode_file"|cut -d' ' -f 5)

	# Due to globbing, quoting "secure_boot_file" and "setup_mode_file"
	# is not possible.  (Todo: initialize variables using find or ls.)
	if [ ! -e $secure_boot_file ] || [ ! -e $setup_mode_file ]; then
		log_skip "unknown secureboot/setup mode"
		if [ $secureboot_mode -eq 1 ] && [ $setup_mode -eq 0 ]; then
			log_info "secure boot mode enabled (CONFIG_EFIVAR_FS)"
			return 1;
		fi
	fi
	return 0;
}

	secureboot_mode=`od -An -t u1 $secure_boot_file`
	setup_mode=`od -An -t u1 $setup_mode_file`
get_efi_var_secureboot_mode()
{
	local efi_vars
	local secure_boot_file
	local setup_mode_file
	local secureboot_mode
	local setup_mode

	if [ ! -d "$efi_vars" ]; then
		log_skip "efi_vars is not enabled\n"
	fi
	secure_boot_file=$(find "$efi_vars" -name SecureBoot-* 2>/dev/null)
	setup_mode_file=$(find "$efi_vars" -name SetupMode-* 2>/dev/null)
	if [ -f "$secure_boot_file/data" ] && \
	   [ -f "$setup_mode_file/data" ]; then
		secureboot_mode=`od -An -t u1 "$secure_boot_file/data"`
		setup_mode=`od -An -t u1 "$setup_mode_file/data"`

		if [ $secureboot_mode -eq 1 ] && [ $setup_mode -eq 0 ]; then
		log_info "secure boot mode enabled"
			log_info "secure boot mode enabled (CONFIG_EFI_VARS)"
			return 1;
		fi
	log_info "secure boot mode not enabled"
	fi
	return 0;
}

# Check efivar SecureBoot-$(the UUID) and SetupMode-$(the UUID).
# The secure boot mode can be accessed either as the last integer
# of "od -An -t u1 /sys/firmware/efi/efivars/SecureBoot-*" or from
# "od -An -t u1 /sys/firmware/efi/vars/SecureBoot-*/data".  The efi
# SetupMode can be similarly accessed.
# Return 1 for SecureBoot mode enabled and SetupMode mode disabled.
get_secureboot_mode()
{
	local secureboot_mode=0

	get_efivarfs_secureboot_mode
	secureboot_mode=$?

	# fallback to using the efi_var files
	if [ $secureboot_mode -eq 0 ]; then
		get_efi_var_secureboot_mode
		secureboot_mode=$?
	fi

	if [ $secureboot_mode -eq 0 ]; then
		log_info "secure boot mode not enabled"
	fi
	return $secureboot_mode;
}

require_root_privileges()
{
	if [ $(id -ru) -ne 0 ]; then