From 5714b41a49f72404ea9588d7f0be6eb1c0e146ba Mon Sep 17 00:00:00 2001
From: Chris Coulson <chris.coulson@canonical.com>
Date: Thu, 30 May 2024 12:15:47 +0100
Subject: [PATCH] efi: update go-efilib to v0.9.6

This adds a new function for mocking the variable backend, which will
be required in a future PR which uses new functions from go-efilib that
wrap around ReadVariable but where we want to be able to override
the HostEnvironment in production code.
---
 efi/default_env.go      |  3 +--
 efi/default_env_test.go | 30 +++++++++++++++++++++++-------
 efi/export_test.go      |  8 --------
 go.mod                  |  2 +-
 go.sum                  |  2 ++
 5 files changed, 27 insertions(+), 18 deletions(-)

diff --git a/efi/default_env.go b/efi/default_env.go
index 692a283f..865dbef9 100644
--- a/efi/default_env.go
+++ b/efi/default_env.go
@@ -28,13 +28,12 @@ import (
 
 var (
 	eventLogPath = "/sys/kernel/security/tpm0/binary_bios_measurements" // Path of the TCG event log for the default TPM, in binary form
-	readVar      = efi.ReadVariable
 )
 
 type defaultEnvImpl struct{}
 
 func (e defaultEnvImpl) ReadVar(name string, guid efi.GUID) ([]byte, efi.VariableAttributes, error) {
-	return readVar(name, guid)
+	return efi.ReadVariable(name, guid)
 }
 
 func (e defaultEnvImpl) ReadEventLog() (*tcglog.Log, error) {
diff --git a/efi/default_env_test.go b/efi/default_env_test.go
index 777a1a9b..8328923d 100644
--- a/efi/default_env_test.go
+++ b/efi/default_env_test.go
@@ -20,6 +20,7 @@
 package efi_test
 
 import (
+	"errors"
 	"io"
 	"os"
 	"path/filepath"
@@ -33,6 +34,27 @@ import (
 	. "gopkg.in/check.v1"
 )
 
+// TODO: make efitest.MockVars implement efi.VarsBackend in a future PR.
+type mockVarsBackend struct {
+	vars efitest.MockVars
+}
+
+func (v *mockVarsBackend) Get(name string, guid efi.GUID) (efi.VariableAttributes, []byte, error) {
+	entry, exists := v.vars[efi.VariableDescriptor{Name: name, GUID: guid}]
+	if !exists {
+		return 0, nil, efi.ErrVarNotExist
+	}
+	return entry.Attrs, entry.Payload, nil
+}
+
+func (v *mockVarsBackend) Set(name string, guid efi.GUID, attrs efi.VariableAttributes, data []byte) error {
+	return errors.New("not implemented")
+}
+
+func (v *mockVarsBackend) List() ([]efi.VariableDescriptor, error) {
+	return nil, errors.New("not implemented")
+}
+
 type defaultEnvSuite struct{}
 
 var _ = Suite(&defaultEnvSuite{})
@@ -44,13 +66,7 @@ type testReadVarData struct {
 
 func (s *defaultEnvSuite) testReadVar(c *C, data *testReadVarData) {
 	vars := makeMockVars(c, withMsSecureBootConfig())
-	restore := MockReadVar(func(name string, guid efi.GUID) ([]byte, efi.VariableAttributes, error) {
-		entry, exists := vars[efi.VariableDescriptor{Name: name, GUID: guid}]
-		if !exists {
-			return nil, 0, efi.ErrVarNotExist
-		}
-		return entry.Payload, entry.Attrs, nil
-	})
+	restore := efi.MockVarsBackend(&mockVarsBackend{vars: vars})
 	defer restore()
 
 	payload, attrs, err := DefaultEnv.ReadVar(data.name, data.guid)
diff --git a/efi/export_test.go b/efi/export_test.go
index 31189d73..f5e3036f 100644
--- a/efi/export_test.go
+++ b/efi/export_test.go
@@ -194,14 +194,6 @@ func MockOpenPeImage(fn func(Image) (peImageHandle, error)) (restore func()) {
 	}
 }
 
-func MockReadVar(fn func(string, efi.GUID) ([]byte, efi.VariableAttributes, error)) (restore func()) {
-	origReadVar := readVar
-	readVar = fn
-	return func() {
-		readVar = origReadVar
-	}
-}
-
 func MockSnapdenvTesting(testing bool) (restore func()) {
 	orig := snapdenvTesting
 	snapdenvTesting = func() bool { return testing }
diff --git a/go.mod b/go.mod
index 4ef8e2dc..806e146b 100644
--- a/go.mod
+++ b/go.mod
@@ -3,7 +3,7 @@ module github.com/snapcore/secboot
 go 1.18
 
 require (
-	github.com/canonical/go-efilib v0.9.5
+	github.com/canonical/go-efilib v0.9.6
 	github.com/canonical/go-sp800.108-kdf v0.0.0-20210315104021-ead800bbf9a0
 	github.com/canonical/go-sp800.90a-drbg v0.0.0-20210314144037-6eeb1040d6c3
 	github.com/canonical/go-tpm2 v1.3.0
diff --git a/go.sum b/go.sum
index b6ab10e2..8bc8a528 100644
--- a/go.sum
+++ b/go.sum
@@ -6,6 +6,8 @@ github.com/canonical/go-efilib v0.9.4 h1:cD6oNSWeQSgeSeJZMCxhGEW4GoLSxFhIJ12Hg3v
 github.com/canonical/go-efilib v0.9.4/go.mod h1:tHjv3Mni7hEpNSUNd1KJEV/AZJsFSH6LX/EQ0I75AZE=
 github.com/canonical/go-efilib v0.9.5 h1:zRpWG4z61GiYsEmFYvXYuj+8xV2eJ200YY5Ht9EjrRU=
 github.com/canonical/go-efilib v0.9.5/go.mod h1:tHjv3Mni7hEpNSUNd1KJEV/AZJsFSH6LX/EQ0I75AZE=
+github.com/canonical/go-efilib v0.9.6 h1:nHoHBqw+wJln/T9hRy+soKOezsOkPGz1PYIhv3Anmqc=
+github.com/canonical/go-efilib v0.9.6/go.mod h1:n0Ttsy1JuHAvqaFbZBs6PAzoiiJdfkHsAmDOEbexYEQ=
 github.com/canonical/go-sp800.108-kdf v0.0.0-20210314145419-a3359f2d21b9/go.mod h1:Zrs3YjJr+w51u0R/dyLh/oWt/EcBVdLPCVFYC4daW5s=
 github.com/canonical/go-sp800.108-kdf v0.0.0-20210315104021-ead800bbf9a0 h1:ZE2XMRFHcwlib3uU9is37+pKkkMloVoEPWmgQ6GK1yo=
 github.com/canonical/go-sp800.108-kdf v0.0.0-20210315104021-ead800bbf9a0/go.mod h1:Zrs3YjJr+w51u0R/dyLh/oWt/EcBVdLPCVFYC4daW5s=