Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 28 Dec 2019 23:46:00 -0600
From:      Clay Daniels <clay.daniels.jr@gmail.com>
To:        "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
Subject:   Reading nvram efi variables
Message-ID:  <CAGLDxTUZoXhWHFXBy4qoYjWPUk%2B3nf%2Bp1xpk1U6mU80=5Y4Z_g@mail.gmail.com>
next in thread | raw e-mail | index | archive | help 
The efivar command will list efi variables using:
# efivar -l
~
8be4df61-93ca-11d2-aa0d-00e098032b8c-dbxDefault
8be4df61-93ca-11d2-aa0d-00e098032b8c-dbDefault
8be4df61-93ca-11d2-aa0d-00e098032b8c-KEKDefault
8be4df61-93ca-11d2-aa0d-00e098032b8c-PKDefault
~
(There are a lot more but these secure boot keys are the ones of interest
to me)

I can write them to a file with:
# efivar -n 8be4df61-93ca-11d2-aa0d-00e098032b8c-dbxDefault > dbx

I can sort of read it with hexdump:
root@bsd13:/bootkeys # hexdump -C dbx
00000000  38 62 65 34 64 66 36 31  2d 39 33 63 61 2d 31 31
 |8be4df61-93ca-11|
00000010  64 32 2d 61 61 30 64 2d  30 30 65 30 39 38 30 33
 |d2-aa0d-00e09803|
00000020  32 62 38 63 2d 64 62 78  44 65 66 61 75 6c 74 0a
 |2b8c-dbxDefault.|
00000030  30 30 30 30 3a 20 32 36  20 31 36 20 63 34 20 63  |0000: 26 16 c4
c|
00000040  31 20 34 63 20 35 30 20  39 32 20 34 30 20 61 63  |1 4c 50 92 40
ac|
00000050  20 61 39 20 34 31 20 66  39 20 33 36 20 39 33 20  | a9 41 f9 36
93 |
00000060  34 33 20 32 38 20 0a 30  30 31 30 3a 20 38 63 20  |43 28 .0010:
8c |
00000070  30 65 20 30 30 20 30 30  20 30 30 20 30 30 20 30  |0e 00 00 00 00
0|
00000080  30 20 30 30 20 33 30 20  30 30 20 30 30 20 30 30  |0 00 30 00 00
00|
00000090  20 62 64 20 39 61 20 66  61 20 37 37 20 0a 30 30  | bd 9a fa 77
.00|
000000a0  32 30 3a 20 35 39 20 30  33 20 33 32 20 34 64 20  |20: 59 03 32
4d |
000000b0  62 64 20 36 30 20 32 38  20 66 34 20 65 37 20 38  |bd 60 28 f4 e7
8|
000000c0  66 20 37 38 20 34 62 20  38 30 20 62 34 20 64 39  |f 78 4b 80 b4
d9|
000000d0  20 36 39 20 0a 30 30 33  30 3a 20 33 31 20 62 66  | 69 .0030: 31
bf|
000000e0  20 30 64 20 30 32 20 66  64 20 39 31 20 61 36 20  | 0d 02 fd 91
a6 |
000000f0  31 65 20 31 39 20 64 31  20 34 66 20 31 64 20 61  |1e 19 d1 4f 1d
a|
00000100  34 20 35 32 20 65 36 20  36 64 20 0a 30 30 34 30  |4 52 e6 6d
.0040|
00000110  3a 20 62 32 20 34 30 20  38 63 20 61 38 20 36 30  |: b2 40 8c a8
60|
00000120  20 34 64 20 34 31 20 31  66 20 39 32 20 36 35 20  | 4d 41 1f 92
65 |
00000130  39 66 20 30 61 20 62 64  20 39 61 20 66 61 20 37  |9f 0a bd 9a fa
7|
00000140  37 20 0a 30 30 35 30 3a  20 35 39 20 30 33 20 33  |7 .0050: 59 03
3|
00000150  32 20 34 64 20 62 64 20  36 30 20 32 38 20 66 34  |2 4d bd 60 28
f4|
00000160  20 65 37 20 38 66 20 37  38 20 34 62 20 66 35 20  | e7 8f 78 4b
f5 |
00000170  32 66 20 38 33 20 61 33  20 0a 30 30 36 30 3a 20  |2f 83 a3
.0060: |
00000180  66 61 20 39 63 20 66 62  20 64 36 20 39 32 20 30  |fa 9c fb d6 92
0|
00000190  66 20 37 32 20 32 38 20  32 34 20 64 62 20 65 34  |f 72 28 24 db
e4|
000001a0  20 30 33 20 34 35 20 33  34 20 64 32 20 35 62 20  | 03 45 34 d2
5b |
000001b0  0a 30 30 37 30 3a 20 38  35 20 30 37 20 32 34 20  |.0070: 85 07
24 |
000001c0  36 62 20 33 62 20 39 35  20 37 64 20 61 63 20 36  |6b 3b 95 7d ac
6|
000001d0  65 20 31 62 20 63 65 20  37 61 20 62 64 20 39 61  |e 1b ce 7a bd
9a|
000001e0  20 66 61 20 37 37 20 0a  30 30 38 30 3a 20 35 39  | fa 77 .0080:
59|
000001f0  20 30 33 20 33 32 20 34  64 20 62 64 20 36 30 20  | 03 32 4d bd
60 |
00000200  32 38 20 66 34 20 65 37  20 38 66 20 37 38 20 34  |28 f4 e7 8f 78
4|
~
00003300  63 20 37 38 20 39 30 20  31 64 20 33 66 20 62 33  |c 78 90 1d 3f
b3|
00003310  20 33 37 20 33 38 20 37  36 20 0a 30 65 64 30 3a  | 37 38 76
.0ed0:|
00003320  20 38 35 20 31 31 20 61  33 20 30 36 20 31 37 20  | 85 11 a3 06
17 |
00003330  61 66 20 61 30 20 31 64  20 0a 0a                 |af a0 1d ..|
0000333b
root@bsd13:/bootkeys #

Does anyone have a way to get any more real information out of these files
in more humanly readable form?

Clay

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGLDxTUZoXhWHFXBy4qoYjWPUk%2B3nf%2Bp1xpk1U6mU80=5Y4Z_g>