3 Implement all four UEFI Runtime Variable services for the nonvolatile
4 and volatile storage space and install variable architecture protocol
5 based on SMM variable module.
7 Caution: This module requires additional review when modified.
8 This driver will have external input - variable data.
9 This external input must be validated carefully to avoid security issue like
10 buffer overflow, integer overflow.
12 RuntimeServiceGetVariable() and RuntimeServiceSetVariable() are external API
13 to receive data buffer. The size should be checked carefully.
15 InitCommunicateBuffer() is really function to check the variable data size.
17 Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
18 This program and the accompanying materials
19 are licensed and made available under the terms and conditions of the BSD License
20 which accompanies this distribution. The full text of the license may be found at
21 http://opensource.org/licenses/bsd-license.php
23 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
24 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
28 #include <Protocol/VariableWrite.h>
29 #include <Protocol/Variable.h>
30 #include <Protocol/SmmCommunication.h>
31 #include <Protocol/SmmVariable.h>
32 #include <Protocol/VariableLock.h>
33 #include <Protocol/VarCheck.h>
35 #include <Library/UefiBootServicesTableLib.h>
36 #include <Library/UefiRuntimeServicesTableLib.h>
37 #include <Library/MemoryAllocationLib.h>
38 #include <Library/UefiDriverEntryPoint.h>
39 #include <Library/UefiRuntimeLib.h>
40 #include <Library/BaseMemoryLib.h>
41 #include <Library/DebugLib.h>
42 #include <Library/PcdLib.h>
43 #include <Library/UefiLib.h>
44 #include <Library/BaseLib.h>
46 #include <Guid/EventGroup.h>
47 #include <Guid/VariableFormat.h>
48 #include <Guid/SmmVariableCommon.h>
50 EFI_HANDLE mHandle
= NULL
;
51 EFI_SMM_VARIABLE_PROTOCOL
*mSmmVariable
= NULL
;
52 EFI_EVENT mVirtualAddressChangeEvent
= NULL
;
53 EFI_SMM_COMMUNICATION_PROTOCOL
*mSmmCommunication
= NULL
;
54 UINT8
*mVariableBuffer
= NULL
;
55 UINT8
*mVariableBufferPhysical
= NULL
;
56 UINTN mVariableBufferSize
;
57 UINTN mVariableBufferPayloadSize
;
58 EFI_LOCK mVariableServicesLock
;
59 EDKII_VARIABLE_LOCK_PROTOCOL mVariableLock
;
60 EDKII_VAR_CHECK_PROTOCOL mVarCheck
;
63 Acquires lock only at boot time. Simply returns at runtime.
65 This is a temperary function that will be removed when
66 EfiAcquireLock() in UefiLib can handle the call in UEFI
67 Runtimer driver in RT phase.
68 It calls EfiAcquireLock() at boot time, and simply returns
71 @param Lock A pointer to the lock to acquire.
75 AcquireLockOnlyAtBootTime (
79 if (!EfiAtRuntime ()) {
80 EfiAcquireLock (Lock
);
85 Releases lock only at boot time. Simply returns at runtime.
87 This is a temperary function which will be removed when
88 EfiReleaseLock() in UefiLib can handle the call in UEFI
89 Runtimer driver in RT phase.
90 It calls EfiReleaseLock() at boot time and simply returns
93 @param Lock A pointer to the lock to release.
97 ReleaseLockOnlyAtBootTime (
101 if (!EfiAtRuntime ()) {
102 EfiReleaseLock (Lock
);
107 Initialize the communicate buffer using DataSize and Function.
109 The communicate size is: SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE +
112 Caution: This function may receive untrusted input.
113 The data size external input, so this function will validate it carefully to avoid buffer overflow.
115 @param[out] DataPtr Points to the data in the communicate buffer.
116 @param[in] DataSize The data size to send to SMM.
117 @param[in] Function The function number to initialize the communicate header.
119 @retval EFI_INVALID_PARAMETER The data size is too big.
120 @retval EFI_SUCCESS Find the specified variable.
124 InitCommunicateBuffer (
125 OUT VOID
**DataPtr OPTIONAL
,
130 EFI_SMM_COMMUNICATE_HEADER
*SmmCommunicateHeader
;
131 SMM_VARIABLE_COMMUNICATE_HEADER
*SmmVariableFunctionHeader
;
134 if (DataSize
+ SMM_COMMUNICATE_HEADER_SIZE
+ SMM_VARIABLE_COMMUNICATE_HEADER_SIZE
> mVariableBufferSize
) {
135 return EFI_INVALID_PARAMETER
;
138 SmmCommunicateHeader
= (EFI_SMM_COMMUNICATE_HEADER
*) mVariableBuffer
;
139 CopyGuid (&SmmCommunicateHeader
->HeaderGuid
, &gEfiSmmVariableProtocolGuid
);
140 SmmCommunicateHeader
->MessageLength
= DataSize
+ SMM_VARIABLE_COMMUNICATE_HEADER_SIZE
;
142 SmmVariableFunctionHeader
= (SMM_VARIABLE_COMMUNICATE_HEADER
*) SmmCommunicateHeader
->Data
;
143 SmmVariableFunctionHeader
->Function
= Function
;
144 if (DataPtr
!= NULL
) {
145 *DataPtr
= SmmVariableFunctionHeader
->Data
;
153 Send the data in communicate buffer to SMM.
155 @param[in] DataSize This size of the function header and the data.
157 @retval EFI_SUCCESS Success is returned from the functin in SMM.
158 @retval Others Failure is returned from the function in SMM.
162 SendCommunicateBuffer (
168 EFI_SMM_COMMUNICATE_HEADER
*SmmCommunicateHeader
;
169 SMM_VARIABLE_COMMUNICATE_HEADER
*SmmVariableFunctionHeader
;
171 CommSize
= DataSize
+ SMM_COMMUNICATE_HEADER_SIZE
+ SMM_VARIABLE_COMMUNICATE_HEADER_SIZE
;
172 Status
= mSmmCommunication
->Communicate (mSmmCommunication
, mVariableBufferPhysical
, &CommSize
);
173 ASSERT_EFI_ERROR (Status
);
175 SmmCommunicateHeader
= (EFI_SMM_COMMUNICATE_HEADER
*) mVariableBuffer
;
176 SmmVariableFunctionHeader
= (SMM_VARIABLE_COMMUNICATE_HEADER
*)SmmCommunicateHeader
->Data
;
177 return SmmVariableFunctionHeader
->ReturnStatus
;
181 Mark a variable that will become read-only after leaving the DXE phase of execution.
183 @param[in] This The VARIABLE_LOCK_PROTOCOL instance.
184 @param[in] VariableName A pointer to the variable name that will be made read-only subsequently.
185 @param[in] VendorGuid A pointer to the vendor GUID that will be made read-only subsequently.
187 @retval EFI_SUCCESS The variable specified by the VariableName and the VendorGuid was marked
188 as pending to be read-only.
189 @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.
190 Or VariableName is an empty string.
191 @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
192 already been signaled.
193 @retval EFI_OUT_OF_RESOURCES There is not enough resource to hold the lock request.
197 VariableLockRequestToLock (
198 IN CONST EDKII_VARIABLE_LOCK_PROTOCOL
*This
,
199 IN CHAR16
*VariableName
,
200 IN EFI_GUID
*VendorGuid
204 UINTN VariableNameSize
;
206 SMM_VARIABLE_COMMUNICATE_LOCK_VARIABLE
*VariableToLock
;
208 if (VariableName
== NULL
|| VariableName
[0] == 0 || VendorGuid
== NULL
) {
209 return EFI_INVALID_PARAMETER
;
212 VariableNameSize
= StrSize (VariableName
);
213 VariableToLock
= NULL
;
216 // If VariableName exceeds SMM payload limit. Return failure
218 if (VariableNameSize
> mVariableBufferPayloadSize
- OFFSET_OF (SMM_VARIABLE_COMMUNICATE_LOCK_VARIABLE
, Name
)) {
219 return EFI_INVALID_PARAMETER
;
222 AcquireLockOnlyAtBootTime(&mVariableServicesLock
);
225 // Init the communicate buffer. The buffer data size is:
226 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + PayloadSize.
228 PayloadSize
= OFFSET_OF (SMM_VARIABLE_COMMUNICATE_LOCK_VARIABLE
, Name
) + VariableNameSize
;
229 Status
= InitCommunicateBuffer ((VOID
**) &VariableToLock
, PayloadSize
, SMM_VARIABLE_FUNCTION_LOCK_VARIABLE
);
230 if (EFI_ERROR (Status
)) {
233 ASSERT (VariableToLock
!= NULL
);
235 CopyGuid (&VariableToLock
->Guid
, VendorGuid
);
236 VariableToLock
->NameSize
= VariableNameSize
;
237 CopyMem (VariableToLock
->Name
, VariableName
, VariableToLock
->NameSize
);
242 Status
= SendCommunicateBuffer (PayloadSize
);
245 ReleaseLockOnlyAtBootTime (&mVariableServicesLock
);
250 Register SetVariable check handler.
252 @param[in] Handler Pointer to check handler.
254 @retval EFI_SUCCESS The SetVariable check handler was registered successfully.
255 @retval EFI_INVALID_PARAMETER Handler is NULL.
256 @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
257 already been signaled.
258 @retval EFI_OUT_OF_RESOURCES There is not enough resource for the SetVariable check handler register request.
259 @retval EFI_UNSUPPORTED This interface is not implemented.
260 For example, it is unsupported in VarCheck protocol if both VarCheck and SmmVarCheck protocols are present.
265 VarCheckRegisterSetVariableCheckHandler (
266 IN VAR_CHECK_SET_VARIABLE_CHECK_HANDLER Handler
269 return EFI_UNSUPPORTED
;
273 Variable property set.
275 @param[in] Name Pointer to the variable name.
276 @param[in] Guid Pointer to the vendor GUID.
277 @param[in] VariableProperty Pointer to the input variable property.
279 @retval EFI_SUCCESS The property of variable specified by the Name and Guid was set successfully.
280 @retval EFI_INVALID_PARAMETER Name, Guid or VariableProperty is NULL, or Name is an empty string,
281 or the fields of VariableProperty are not valid.
282 @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
283 already been signaled.
284 @retval EFI_OUT_OF_RESOURCES There is not enough resource for the variable property set request.
289 VarCheckVariablePropertySet (
292 IN VAR_CHECK_VARIABLE_PROPERTY
*VariableProperty
296 UINTN VariableNameSize
;
298 SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY
*CommVariableProperty
;
300 if (Name
== NULL
|| Name
[0] == 0 || Guid
== NULL
) {
301 return EFI_INVALID_PARAMETER
;
304 if (VariableProperty
== NULL
) {
305 return EFI_INVALID_PARAMETER
;
308 if (VariableProperty
->Revision
!= VAR_CHECK_VARIABLE_PROPERTY_REVISION
) {
309 return EFI_INVALID_PARAMETER
;
312 VariableNameSize
= StrSize (Name
);
313 CommVariableProperty
= NULL
;
316 // If VariableName exceeds SMM payload limit. Return failure
318 if (VariableNameSize
> mVariableBufferPayloadSize
- OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY
, Name
)) {
319 return EFI_INVALID_PARAMETER
;
322 AcquireLockOnlyAtBootTime (&mVariableServicesLock
);
325 // Init the communicate buffer. The buffer data size is:
326 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + PayloadSize.
328 PayloadSize
= OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY
, Name
) + VariableNameSize
;
329 Status
= InitCommunicateBuffer ((VOID
**) &CommVariableProperty
, PayloadSize
, SMM_VARIABLE_FUNCTION_VAR_CHECK_VARIABLE_PROPERTY_SET
);
330 if (EFI_ERROR (Status
)) {
333 ASSERT (CommVariableProperty
!= NULL
);
335 CopyGuid (&CommVariableProperty
->Guid
, Guid
);
336 CopyMem (&CommVariableProperty
->VariableProperty
, VariableProperty
, sizeof (*VariableProperty
));
337 CommVariableProperty
->NameSize
= VariableNameSize
;
338 CopyMem (CommVariableProperty
->Name
, Name
, CommVariableProperty
->NameSize
);
343 Status
= SendCommunicateBuffer (PayloadSize
);
346 ReleaseLockOnlyAtBootTime (&mVariableServicesLock
);
351 Variable property get.
353 @param[in] Name Pointer to the variable name.
354 @param[in] Guid Pointer to the vendor GUID.
355 @param[out] VariableProperty Pointer to the output variable property.
357 @retval EFI_SUCCESS The property of variable specified by the Name and Guid was got successfully.
358 @retval EFI_INVALID_PARAMETER Name, Guid or VariableProperty is NULL, or Name is an empty string.
359 @retval EFI_NOT_FOUND The property of variable specified by the Name and Guid was not found.
364 VarCheckVariablePropertyGet (
367 OUT VAR_CHECK_VARIABLE_PROPERTY
*VariableProperty
371 UINTN VariableNameSize
;
373 SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY
*CommVariableProperty
;
375 if (Name
== NULL
|| Name
[0] == 0 || Guid
== NULL
) {
376 return EFI_INVALID_PARAMETER
;
379 if (VariableProperty
== NULL
) {
380 return EFI_INVALID_PARAMETER
;
383 VariableNameSize
= StrSize (Name
);
384 CommVariableProperty
= NULL
;
387 // If VariableName exceeds SMM payload limit. Return failure
389 if (VariableNameSize
> mVariableBufferPayloadSize
- OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY
, Name
)) {
390 return EFI_INVALID_PARAMETER
;
393 AcquireLockOnlyAtBootTime (&mVariableServicesLock
);
396 // Init the communicate buffer. The buffer data size is:
397 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + PayloadSize.
399 PayloadSize
= OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY
, Name
) + VariableNameSize
;
400 Status
= InitCommunicateBuffer ((VOID
**) &CommVariableProperty
, PayloadSize
, SMM_VARIABLE_FUNCTION_VAR_CHECK_VARIABLE_PROPERTY_GET
);
401 if (EFI_ERROR (Status
)) {
404 ASSERT (CommVariableProperty
!= NULL
);
406 CopyGuid (&CommVariableProperty
->Guid
, Guid
);
407 CommVariableProperty
->NameSize
= VariableNameSize
;
408 CopyMem (CommVariableProperty
->Name
, Name
, CommVariableProperty
->NameSize
);
413 Status
= SendCommunicateBuffer (PayloadSize
);
414 if (Status
== EFI_SUCCESS
) {
415 CopyMem (VariableProperty
, &CommVariableProperty
->VariableProperty
, sizeof (*VariableProperty
));
419 ReleaseLockOnlyAtBootTime (&mVariableServicesLock
);
424 This code finds variable in storage blocks (Volatile or Non-Volatile).
426 Caution: This function may receive untrusted input.
427 The data size is external input, so this function will validate it carefully to avoid buffer overflow.
429 @param[in] VariableName Name of Variable to be found.
430 @param[in] VendorGuid Variable vendor GUID.
431 @param[out] Attributes Attribute value of the variable found.
432 @param[in, out] DataSize Size of Data found. If size is less than the
433 data, this value contains the required size.
434 @param[out] Data Data pointer.
436 @retval EFI_INVALID_PARAMETER Invalid parameter.
437 @retval EFI_SUCCESS Find the specified variable.
438 @retval EFI_NOT_FOUND Not found.
439 @retval EFI_BUFFER_TO_SMALL DataSize is too small for the result.
444 RuntimeServiceGetVariable (
445 IN CHAR16
*VariableName
,
446 IN EFI_GUID
*VendorGuid
,
447 OUT UINT32
*Attributes OPTIONAL
,
448 IN OUT UINTN
*DataSize
,
454 SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE
*SmmVariableHeader
;
456 UINTN VariableNameSize
;
458 if (VariableName
== NULL
|| VendorGuid
== NULL
|| DataSize
== NULL
) {
459 return EFI_INVALID_PARAMETER
;
462 TempDataSize
= *DataSize
;
463 VariableNameSize
= StrSize (VariableName
);
464 SmmVariableHeader
= NULL
;
467 // If VariableName exceeds SMM payload limit. Return failure
469 if (VariableNameSize
> mVariableBufferPayloadSize
- OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE
, Name
)) {
470 return EFI_INVALID_PARAMETER
;
473 AcquireLockOnlyAtBootTime(&mVariableServicesLock
);
476 // Init the communicate buffer. The buffer data size is:
477 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + PayloadSize.
479 if (TempDataSize
> mVariableBufferPayloadSize
- OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE
, Name
) - VariableNameSize
) {
481 // If output data buffer exceed SMM payload limit. Trim output buffer to SMM payload size
483 TempDataSize
= mVariableBufferPayloadSize
- OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE
, Name
) - VariableNameSize
;
485 PayloadSize
= OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE
, Name
) + VariableNameSize
+ TempDataSize
;
487 Status
= InitCommunicateBuffer ((VOID
**)&SmmVariableHeader
, PayloadSize
, SMM_VARIABLE_FUNCTION_GET_VARIABLE
);
488 if (EFI_ERROR (Status
)) {
491 ASSERT (SmmVariableHeader
!= NULL
);
493 CopyGuid (&SmmVariableHeader
->Guid
, VendorGuid
);
494 SmmVariableHeader
->DataSize
= TempDataSize
;
495 SmmVariableHeader
->NameSize
= VariableNameSize
;
496 if (Attributes
== NULL
) {
497 SmmVariableHeader
->Attributes
= 0;
499 SmmVariableHeader
->Attributes
= *Attributes
;
501 CopyMem (SmmVariableHeader
->Name
, VariableName
, SmmVariableHeader
->NameSize
);
506 Status
= SendCommunicateBuffer (PayloadSize
);
509 // Get data from SMM.
511 if (Status
== EFI_SUCCESS
|| Status
== EFI_BUFFER_TOO_SMALL
) {
513 // SMM CommBuffer DataSize can be a trimed value
514 // Only update DataSize when needed
516 *DataSize
= SmmVariableHeader
->DataSize
;
518 if (Attributes
!= NULL
) {
519 *Attributes
= SmmVariableHeader
->Attributes
;
522 if (EFI_ERROR (Status
)) {
527 CopyMem (Data
, (UINT8
*)SmmVariableHeader
->Name
+ SmmVariableHeader
->NameSize
, SmmVariableHeader
->DataSize
);
529 Status
= EFI_INVALID_PARAMETER
;
533 ReleaseLockOnlyAtBootTime (&mVariableServicesLock
);
539 This code Finds the Next available variable.
541 @param[in, out] VariableNameSize Size of the variable name.
542 @param[in, out] VariableName Pointer to variable name.
543 @param[in, out] VendorGuid Variable Vendor Guid.
545 @retval EFI_INVALID_PARAMETER Invalid parameter.
546 @retval EFI_SUCCESS Find the specified variable.
547 @retval EFI_NOT_FOUND Not found.
548 @retval EFI_BUFFER_TO_SMALL DataSize is too small for the result.
553 RuntimeServiceGetNextVariableName (
554 IN OUT UINTN
*VariableNameSize
,
555 IN OUT CHAR16
*VariableName
,
556 IN OUT EFI_GUID
*VendorGuid
561 SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME
*SmmGetNextVariableName
;
562 UINTN OutVariableNameSize
;
563 UINTN InVariableNameSize
;
565 if (VariableNameSize
== NULL
|| VariableName
== NULL
|| VendorGuid
== NULL
) {
566 return EFI_INVALID_PARAMETER
;
569 OutVariableNameSize
= *VariableNameSize
;
570 InVariableNameSize
= StrSize (VariableName
);
571 SmmGetNextVariableName
= NULL
;
574 // If input string exceeds SMM payload limit. Return failure
576 if (InVariableNameSize
> mVariableBufferPayloadSize
- OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME
, Name
)) {
577 return EFI_INVALID_PARAMETER
;
580 AcquireLockOnlyAtBootTime(&mVariableServicesLock
);
583 // Init the communicate buffer. The buffer data size is:
584 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + PayloadSize.
586 if (OutVariableNameSize
> mVariableBufferPayloadSize
- OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME
, Name
)) {
588 // If output buffer exceed SMM payload limit. Trim output buffer to SMM payload size
590 OutVariableNameSize
= mVariableBufferPayloadSize
- OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME
, Name
);
593 // Payload should be Guid + NameSize + MAX of Input & Output buffer
595 PayloadSize
= OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME
, Name
) + MAX (OutVariableNameSize
, InVariableNameSize
);
598 Status
= InitCommunicateBuffer ((VOID
**)&SmmGetNextVariableName
, PayloadSize
, SMM_VARIABLE_FUNCTION_GET_NEXT_VARIABLE_NAME
);
599 if (EFI_ERROR (Status
)) {
602 ASSERT (SmmGetNextVariableName
!= NULL
);
605 // SMM comm buffer->NameSize is buffer size for return string
607 SmmGetNextVariableName
->NameSize
= OutVariableNameSize
;
609 CopyGuid (&SmmGetNextVariableName
->Guid
, VendorGuid
);
613 CopyMem (SmmGetNextVariableName
->Name
, VariableName
, InVariableNameSize
);
614 if (OutVariableNameSize
> InVariableNameSize
) {
615 ZeroMem ((UINT8
*) SmmGetNextVariableName
->Name
+ InVariableNameSize
, OutVariableNameSize
- InVariableNameSize
);
621 Status
= SendCommunicateBuffer (PayloadSize
);
624 // Get data from SMM.
626 if (Status
== EFI_SUCCESS
|| Status
== EFI_BUFFER_TOO_SMALL
) {
628 // SMM CommBuffer NameSize can be a trimed value
629 // Only update VariableNameSize when needed
631 *VariableNameSize
= SmmGetNextVariableName
->NameSize
;
633 if (EFI_ERROR (Status
)) {
637 CopyGuid (VendorGuid
, &SmmGetNextVariableName
->Guid
);
638 CopyMem (VariableName
, SmmGetNextVariableName
->Name
, SmmGetNextVariableName
->NameSize
);
641 ReleaseLockOnlyAtBootTime (&mVariableServicesLock
);
646 This code sets variable in storage blocks (Volatile or Non-Volatile).
648 Caution: This function may receive untrusted input.
649 The data size and data are external input, so this function will validate it carefully to avoid buffer overflow.
651 @param[in] VariableName Name of Variable to be found.
652 @param[in] VendorGuid Variable vendor GUID.
653 @param[in] Attributes Attribute value of the variable found
654 @param[in] DataSize Size of Data found. If size is less than the
655 data, this value contains the required size.
656 @param[in] Data Data pointer.
658 @retval EFI_INVALID_PARAMETER Invalid parameter.
659 @retval EFI_SUCCESS Set successfully.
660 @retval EFI_OUT_OF_RESOURCES Resource not enough to set variable.
661 @retval EFI_NOT_FOUND Not found.
662 @retval EFI_WRITE_PROTECTED Variable is read-only.
667 RuntimeServiceSetVariable (
668 IN CHAR16
*VariableName
,
669 IN EFI_GUID
*VendorGuid
,
670 IN UINT32 Attributes
,
677 SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE
*SmmVariableHeader
;
678 UINTN VariableNameSize
;
681 // Check input parameters.
683 if (VariableName
== NULL
|| VariableName
[0] == 0 || VendorGuid
== NULL
) {
684 return EFI_INVALID_PARAMETER
;
687 if (DataSize
!= 0 && Data
== NULL
) {
688 return EFI_INVALID_PARAMETER
;
691 VariableNameSize
= StrSize (VariableName
);
692 SmmVariableHeader
= NULL
;
695 // If VariableName or DataSize exceeds SMM payload limit. Return failure
697 if ((VariableNameSize
> mVariableBufferPayloadSize
- OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE
, Name
)) ||
698 (DataSize
> mVariableBufferPayloadSize
- OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE
, Name
) - VariableNameSize
)){
699 return EFI_INVALID_PARAMETER
;
702 AcquireLockOnlyAtBootTime(&mVariableServicesLock
);
705 // Init the communicate buffer. The buffer data size is:
706 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + PayloadSize.
708 PayloadSize
= OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE
, Name
) + VariableNameSize
+ DataSize
;
709 Status
= InitCommunicateBuffer ((VOID
**)&SmmVariableHeader
, PayloadSize
, SMM_VARIABLE_FUNCTION_SET_VARIABLE
);
710 if (EFI_ERROR (Status
)) {
713 ASSERT (SmmVariableHeader
!= NULL
);
715 CopyGuid ((EFI_GUID
*) &SmmVariableHeader
->Guid
, VendorGuid
);
716 SmmVariableHeader
->DataSize
= DataSize
;
717 SmmVariableHeader
->NameSize
= VariableNameSize
;
718 SmmVariableHeader
->Attributes
= Attributes
;
719 CopyMem (SmmVariableHeader
->Name
, VariableName
, SmmVariableHeader
->NameSize
);
720 CopyMem ((UINT8
*) SmmVariableHeader
->Name
+ SmmVariableHeader
->NameSize
, Data
, DataSize
);
725 Status
= SendCommunicateBuffer (PayloadSize
);
728 ReleaseLockOnlyAtBootTime (&mVariableServicesLock
);
734 This code returns information about the EFI variables.
736 @param[in] Attributes Attributes bitmask to specify the type of variables
737 on which to return information.
738 @param[out] MaximumVariableStorageSize Pointer to the maximum size of the storage space available
739 for the EFI variables associated with the attributes specified.
740 @param[out] RemainingVariableStorageSize Pointer to the remaining size of the storage space available
741 for EFI variables associated with the attributes specified.
742 @param[out] MaximumVariableSize Pointer to the maximum size of an individual EFI variables
743 associated with the attributes specified.
745 @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits was supplied.
746 @retval EFI_SUCCESS Query successfully.
747 @retval EFI_UNSUPPORTED The attribute is not supported on this platform.
752 RuntimeServiceQueryVariableInfo (
753 IN UINT32 Attributes
,
754 OUT UINT64
*MaximumVariableStorageSize
,
755 OUT UINT64
*RemainingVariableStorageSize
,
756 OUT UINT64
*MaximumVariableSize
761 SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO
*SmmQueryVariableInfo
;
763 SmmQueryVariableInfo
= NULL
;
765 if(MaximumVariableStorageSize
== NULL
|| RemainingVariableStorageSize
== NULL
|| MaximumVariableSize
== NULL
|| Attributes
== 0) {
766 return EFI_INVALID_PARAMETER
;
769 AcquireLockOnlyAtBootTime(&mVariableServicesLock
);
772 // Init the communicate buffer. The buffer data size is:
773 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + PayloadSize;
775 PayloadSize
= sizeof (SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO
);
776 Status
= InitCommunicateBuffer ((VOID
**)&SmmQueryVariableInfo
, PayloadSize
, SMM_VARIABLE_FUNCTION_QUERY_VARIABLE_INFO
);
777 if (EFI_ERROR (Status
)) {
780 ASSERT (SmmQueryVariableInfo
!= NULL
);
782 SmmQueryVariableInfo
->Attributes
= Attributes
;
787 Status
= SendCommunicateBuffer (PayloadSize
);
788 if (EFI_ERROR (Status
)) {
793 // Get data from SMM.
795 *MaximumVariableSize
= SmmQueryVariableInfo
->MaximumVariableSize
;
796 *MaximumVariableStorageSize
= SmmQueryVariableInfo
->MaximumVariableStorageSize
;
797 *RemainingVariableStorageSize
= SmmQueryVariableInfo
->RemainingVariableStorageSize
;
800 ReleaseLockOnlyAtBootTime (&mVariableServicesLock
);
806 Exit Boot Services Event notification handler.
808 Notify SMM variable driver about the event.
810 @param[in] Event Event whose notification function is being invoked.
811 @param[in] Context Pointer to the notification function's context.
822 // Init the communicate buffer. The buffer data size is:
823 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE.
825 InitCommunicateBuffer (NULL
, 0, SMM_VARIABLE_FUNCTION_EXIT_BOOT_SERVICE
);
830 SendCommunicateBuffer (0);
835 On Ready To Boot Services Event notification handler.
837 Notify SMM variable driver about the event.
839 @param[in] Event Event whose notification function is being invoked
840 @param[in] Context Pointer to the notification function's context
851 // Init the communicate buffer. The buffer data size is:
852 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE.
854 InitCommunicateBuffer (NULL
, 0, SMM_VARIABLE_FUNCTION_READY_TO_BOOT
);
859 SendCommunicateBuffer (0);
864 Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE.
866 This is a notification function registered on EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
867 It convers pointer to new virtual address.
869 @param[in] Event Event whose notification function is being invoked.
870 @param[in] Context Pointer to the notification function's context.
875 VariableAddressChangeEvent (
880 EfiConvertPointer (0x0, (VOID
**) &mVariableBuffer
);
881 EfiConvertPointer (0x0, (VOID
**) &mSmmCommunication
);
886 Initialize variable service and install Variable Architectural protocol.
888 @param[in] Event Event whose notification function is being invoked.
889 @param[in] Context Pointer to the notification function's context.
901 Status
= gBS
->LocateProtocol (&gEfiSmmVariableProtocolGuid
, NULL
, (VOID
**)&mSmmVariable
);
902 if (EFI_ERROR (Status
)) {
906 Status
= gBS
->LocateProtocol (&gEfiSmmCommunicationProtocolGuid
, NULL
, (VOID
**) &mSmmCommunication
);
907 ASSERT_EFI_ERROR (Status
);
910 // Allocate memory for variable communicate buffer.
912 mVariableBufferPayloadSize
= MAX (PcdGet32 (PcdMaxVariableSize
), PcdGet32 (PcdMaxHardwareErrorVariableSize
)) +
913 OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY
, Name
) - sizeof (VARIABLE_HEADER
);
914 mVariableBufferSize
= SMM_COMMUNICATE_HEADER_SIZE
+ SMM_VARIABLE_COMMUNICATE_HEADER_SIZE
+ mVariableBufferPayloadSize
;
915 mVariableBuffer
= AllocateRuntimePool (mVariableBufferSize
);
916 ASSERT (mVariableBuffer
!= NULL
);
919 // Save the buffer physical address used for SMM conmunication.
921 mVariableBufferPhysical
= mVariableBuffer
;
923 gRT
->GetVariable
= RuntimeServiceGetVariable
;
924 gRT
->GetNextVariableName
= RuntimeServiceGetNextVariableName
;
925 gRT
->SetVariable
= RuntimeServiceSetVariable
;
926 gRT
->QueryVariableInfo
= RuntimeServiceQueryVariableInfo
;
929 // Install the Variable Architectural Protocol on a new handle.
931 Status
= gBS
->InstallProtocolInterface (
933 &gEfiVariableArchProtocolGuid
,
934 EFI_NATIVE_INTERFACE
,
937 ASSERT_EFI_ERROR (Status
);
942 SMM Non-Volatile variable write service is ready notify event handler.
944 @param[in] Event Event whose notification function is being invoked.
945 @param[in] Context Pointer to the notification function's context.
950 SmmVariableWriteReady (
959 // Check whether the protocol is installed or not.
961 Status
= gBS
->LocateProtocol (&gSmmVariableWriteGuid
, NULL
, (VOID
**) &ProtocolOps
);
962 if (EFI_ERROR (Status
)) {
966 Status
= gBS
->InstallProtocolInterface (
968 &gEfiVariableWriteArchProtocolGuid
,
969 EFI_NATIVE_INTERFACE
,
972 ASSERT_EFI_ERROR (Status
);
977 Variable Driver main entry point. The Variable driver places the 4 EFI
978 runtime services in the EFI System Table and installs arch protocols
979 for variable read and write services being available. It also registers
980 a notification function for an EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
982 @param[in] ImageHandle The firmware allocated handle for the EFI image.
983 @param[in] SystemTable A pointer to the EFI System Table.
985 @retval EFI_SUCCESS Variable service successfully initialized.
990 VariableSmmRuntimeInitialize (
991 IN EFI_HANDLE ImageHandle
,
992 IN EFI_SYSTEM_TABLE
*SystemTable
996 VOID
*SmmVariableRegistration
;
997 VOID
*SmmVariableWriteRegistration
;
998 EFI_EVENT OnReadyToBootEvent
;
999 EFI_EVENT ExitBootServiceEvent
;
1000 EFI_EVENT LegacyBootEvent
;
1002 EfiInitializeLock (&mVariableServicesLock
, TPL_NOTIFY
);
1004 mVariableLock
.RequestToLock
= VariableLockRequestToLock
;
1005 Status
= gBS
->InstallMultipleProtocolInterfaces (
1007 &gEdkiiVariableLockProtocolGuid
,
1011 ASSERT_EFI_ERROR (Status
);
1013 mVarCheck
.RegisterSetVariableCheckHandler
= VarCheckRegisterSetVariableCheckHandler
;
1014 mVarCheck
.VariablePropertySet
= VarCheckVariablePropertySet
;
1015 mVarCheck
.VariablePropertyGet
= VarCheckVariablePropertyGet
;
1016 Status
= gBS
->InstallMultipleProtocolInterfaces (
1018 &gEdkiiVarCheckProtocolGuid
,
1022 ASSERT_EFI_ERROR (Status
);
1025 // Smm variable service is ready
1027 EfiCreateProtocolNotifyEvent (
1028 &gEfiSmmVariableProtocolGuid
,
1032 &SmmVariableRegistration
1036 // Smm Non-Volatile variable write service is ready
1038 EfiCreateProtocolNotifyEvent (
1039 &gSmmVariableWriteGuid
,
1041 SmmVariableWriteReady
,
1043 &SmmVariableWriteRegistration
1047 // Register the event to reclaim variable for OS usage.
1049 EfiCreateEventReadyToBootEx (
1057 // Register the event to inform SMM variable that it is at runtime.
1059 gBS
->CreateEventEx (
1064 &gEfiEventExitBootServicesGuid
,
1065 &ExitBootServiceEvent
1069 // Register the event to inform SMM variable that it is at runtime for legacy boot.
1070 // Reuse OnExitBootServices() here.
1072 EfiCreateEventLegacyBootEx(
1080 // Register the event to convert the pointer for runtime.
1082 gBS
->CreateEventEx (
1085 VariableAddressChangeEvent
,
1087 &gEfiEventVirtualAddressChangeGuid
,
1088 &mVirtualAddressChangeEvent