+ if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) == EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) {\r
+ //\r
+ // If DataSize == AUTHINFO_SIZE and then PayloadSize is 0.\r
+ // Maybe it's the delete operation of common authenticated variable at user physical presence.\r
+ //\r
+ if (DataSize != AUTHINFO_SIZE) {\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+ PayloadSize = DataSize - AUTHINFO_SIZE;\r
+ } else if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) == EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) {\r
+ //\r
+ // Sanity check for EFI_VARIABLE_AUTHENTICATION_2 descriptor.\r
+ //\r
+ if (DataSize < OFFSET_OF_AUTHINFO2_CERT_DATA ||\r
+ ((EFI_VARIABLE_AUTHENTICATION_2 *) Data)->AuthInfo.Hdr.dwLength > DataSize - (OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo)) ||\r
+ ((EFI_VARIABLE_AUTHENTICATION_2 *) Data)->AuthInfo.Hdr.dwLength < OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)) {\r
+ return EFI_SECURITY_VIOLATION;\r
+ }\r
+ PayloadSize = DataSize - AUTHINFO2_SIZE (Data);\r
+ } else {\r
+ PayloadSize = DataSize;\r
+ }\r
+\r
+ if ((UINTN)(~0) - PayloadSize < StrSize(VariableName)){\r
+ //\r
+ // Prevent whole variable size overflow\r
+ //\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ //\r
+ // The size of the VariableName, including the Unicode Null in bytes plus\r
+ // the DataSize is limited to maximum size of PcdGet32 (PcdMaxHardwareErrorVariableSize)\r
+ // bytes for HwErrRec#### variable.\r
+ //\r
+ if ((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) {\r
+ if (StrSize (VariableName) + PayloadSize > PcdGet32 (PcdMaxHardwareErrorVariableSize) - GetVariableHeaderSize ()) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ } else {\r
+ //\r
+ // The size of the VariableName, including the Unicode Null in bytes plus\r
+ // the DataSize is limited to maximum size of Max(Auth|Volatile)VariableSize bytes.\r
+ //\r
+ if ((Attributes & VARIABLE_ATTRIBUTE_AT_AW) != 0) {\r
+ if (StrSize (VariableName) + PayloadSize > mVariableModuleGlobal->MaxAuthVariableSize - GetVariableHeaderSize ()) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ } else if ((Attributes & EFI_VARIABLE_NON_VOLATILE) != 0) {\r
+ if (StrSize (VariableName) + PayloadSize > mVariableModuleGlobal->MaxVariableSize - GetVariableHeaderSize ()) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ } else {\r
+ if (StrSize (VariableName) + PayloadSize > mVariableModuleGlobal->MaxVolatileVariableSize - GetVariableHeaderSize ()) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ }\r
+ }\r
+\r
+ //\r
+ // Special Handling for MOR Lock variable.\r
+ //\r
+ Status = SetVariableCheckHandlerMor (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize));\r
+ if (Status == EFI_ALREADY_STARTED) {\r
+ //\r
+ // EFI_ALREADY_STARTED means the SetVariable() action is handled inside of SetVariableCheckHandlerMor().\r
+ // Variable driver can just return SUCCESS.\r
+ //\r
+ return EFI_SUCCESS;\r
+ }\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
+\r
+ Status = VarCheckLibSetVariableCheck (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize), mRequestSource);\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
+\r
+ AcquireLockOnlyAtBootTime(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
+\r
+ //\r
+ // Consider reentrant in MCA/INIT/NMI. It needs be reupdated.\r
+ //\r
+ if (1 < InterlockedIncrement (&mVariableModuleGlobal->VariableGlobal.ReentrantState)) {\r
+ Point = mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase;\r
+ //\r
+ // Parse non-volatile variable data and get last variable offset.\r
+ //\r
+ NextVariable = GetStartPointer ((VARIABLE_STORE_HEADER *) (UINTN) Point);\r
+ while (IsValidVariableHeader (NextVariable, GetEndPointer ((VARIABLE_STORE_HEADER *) (UINTN) Point))) {\r
+ NextVariable = GetNextVariablePtr (NextVariable);\r
+ }\r
+ mVariableModuleGlobal->NonVolatileLastVariableOffset = (UINTN) NextVariable - (UINTN) Point;\r
+ }\r
+\r
+ //\r
+ // Check whether the input variable is already existed.\r
+ //\r
+ Status = FindVariable (VariableName, VendorGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, TRUE);\r
+ if (!EFI_ERROR (Status)) {\r
+ if (((Variable.CurrPtr->Attributes & EFI_VARIABLE_RUNTIME_ACCESS) == 0) && AtRuntime ()) {\r
+ Status = EFI_WRITE_PROTECTED;\r
+ goto Done;\r
+ }\r
+ if (Attributes != 0 && (Attributes & (~EFI_VARIABLE_APPEND_WRITE)) != Variable.CurrPtr->Attributes) {\r
+ //\r
+ // If a preexisting variable is rewritten with different attributes, SetVariable() shall not\r
+ // modify the variable and shall return EFI_INVALID_PARAMETER. Two exceptions to this rule:\r
+ // 1. No access attributes specified\r
+ // 2. The only attribute differing is EFI_VARIABLE_APPEND_WRITE\r
+ //\r
+ Status = EFI_INVALID_PARAMETER;\r
+ DEBUG ((EFI_D_INFO, "[Variable]: Rewritten a preexisting variable(0x%08x) with different attributes(0x%08x) - %g:%s\n", Variable.CurrPtr->Attributes, Attributes, VendorGuid, VariableName));\r
+ goto Done;\r
+ }\r
+ }\r
+\r
+ if (!FeaturePcdGet (PcdUefiVariableDefaultLangDeprecate)) {\r
+ //\r
+ // Hook the operation of setting PlatformLangCodes/PlatformLang and LangCodes/Lang.\r
+ //\r
+ Status = AutoUpdateLangVariable (VariableName, Data, DataSize);\r
+ if (EFI_ERROR (Status)) {\r
+ //\r
+ // The auto update operation failed, directly return to avoid inconsistency between PlatformLang and Lang.\r
+ //\r
+ goto Done;\r
+ }\r
+ }\r
+\r
+ if (mVariableModuleGlobal->VariableGlobal.AuthSupport) {\r
+ Status = AuthVariableLibProcessVariable (VariableName, VendorGuid, Data, DataSize, Attributes);\r
+ } else {\r
+ Status = UpdateVariable (VariableName, VendorGuid, Data, DataSize, Attributes, 0, 0, &Variable, NULL);\r
+ }\r
+\r
+Done:\r
+ InterlockedDecrement (&mVariableModuleGlobal->VariableGlobal.ReentrantState);\r
+ ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
+\r
+ if (!AtRuntime ()) {\r
+ if (!EFI_ERROR (Status)) {\r
+ SecureBootHook (\r
+ VariableName,\r
+ VendorGuid\r
+ );\r
+ }\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+\r
+ This code returns information about the EFI variables.\r
+\r
+ Caution: This function may receive untrusted input.\r
+ This function may be invoked in SMM mode. This function will do basic validation, before parse the data.\r
+\r
+ @param Attributes Attributes bitmask to specify the type of variables\r
+ on which to return information.\r
+ @param MaximumVariableStorageSize Pointer to the maximum size of the storage space available\r
+ for the EFI variables associated with the attributes specified.\r
+ @param RemainingVariableStorageSize Pointer to the remaining size of the storage space available\r
+ for EFI variables associated with the attributes specified.\r
+ @param MaximumVariableSize Pointer to the maximum size of an individual EFI variables\r
+ associated with the attributes specified.\r
+\r
+ @return EFI_SUCCESS Query successfully.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+VariableServiceQueryVariableInfoInternal (\r
+ IN UINT32 Attributes,\r
+ OUT UINT64 *MaximumVariableStorageSize,\r
+ OUT UINT64 *RemainingVariableStorageSize,\r
+ OUT UINT64 *MaximumVariableSize\r
+ )\r
+{\r
+ VARIABLE_HEADER *Variable;\r
+ VARIABLE_HEADER *NextVariable;\r
+ UINT64 VariableSize;\r
+ VARIABLE_STORE_HEADER *VariableStoreHeader;\r
+ UINT64 CommonVariableTotalSize;\r
+ UINT64 HwErrVariableTotalSize;\r
+ EFI_STATUS Status;\r
+ VARIABLE_POINTER_TRACK VariablePtrTrack;\r
+\r
+ CommonVariableTotalSize = 0;\r
+ HwErrVariableTotalSize = 0;\r
+\r
+ if((Attributes & EFI_VARIABLE_NON_VOLATILE) == 0) {\r
+ //\r
+ // Query is Volatile related.\r
+ //\r
+ VariableStoreHeader = (VARIABLE_STORE_HEADER *) ((UINTN) mVariableModuleGlobal->VariableGlobal.VolatileVariableBase);\r
+ } else {\r
+ //\r
+ // Query is Non-Volatile related.\r
+ //\r
+ VariableStoreHeader = mNvVariableCache;\r
+ }\r
+\r
+ //\r
+ // Now let's fill *MaximumVariableStorageSize *RemainingVariableStorageSize\r
+ // with the storage size (excluding the storage header size).\r
+ //\r
+ *MaximumVariableStorageSize = VariableStoreHeader->Size - sizeof (VARIABLE_STORE_HEADER);\r
+\r
+ //\r
+ // Harware error record variable needs larger size.\r
+ //\r
+ if ((Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {\r
+ *MaximumVariableStorageSize = PcdGet32 (PcdHwErrStorageSize);\r
+ *MaximumVariableSize = PcdGet32 (PcdMaxHardwareErrorVariableSize) - GetVariableHeaderSize ();\r
+ } else {\r
+ if ((Attributes & EFI_VARIABLE_NON_VOLATILE) != 0) {\r
+ if (AtRuntime ()) {\r
+ *MaximumVariableStorageSize = mVariableModuleGlobal->CommonRuntimeVariableSpace;\r
+ } else {\r
+ *MaximumVariableStorageSize = mVariableModuleGlobal->CommonVariableSpace;\r
+ }\r
+ }\r
+\r
+ //\r
+ // Let *MaximumVariableSize be Max(Auth|Volatile)VariableSize with the exception of the variable header size.\r
+ //\r
+ if ((Attributes & VARIABLE_ATTRIBUTE_AT_AW) != 0) {\r
+ *MaximumVariableSize = mVariableModuleGlobal->MaxAuthVariableSize - GetVariableHeaderSize ();\r
+ } else if ((Attributes & EFI_VARIABLE_NON_VOLATILE) != 0) {\r
+ *MaximumVariableSize = mVariableModuleGlobal->MaxVariableSize - GetVariableHeaderSize ();\r
+ } else {\r
+ *MaximumVariableSize = mVariableModuleGlobal->MaxVolatileVariableSize - GetVariableHeaderSize ();\r
+ }\r
+ }\r
+\r
+ //\r
+ // Point to the starting address of the variables.\r
+ //\r
+ Variable = GetStartPointer (VariableStoreHeader);\r
+\r
+ //\r
+ // Now walk through the related variable store.\r
+ //\r
+ while (IsValidVariableHeader (Variable, GetEndPointer (VariableStoreHeader))) {\r
+ NextVariable = GetNextVariablePtr (Variable);\r
+ VariableSize = (UINT64) (UINTN) NextVariable - (UINT64) (UINTN) Variable;\r
+\r
+ if (AtRuntime ()) {\r
+ //\r
+ // We don't take the state of the variables in mind\r
+ // when calculating RemainingVariableStorageSize,\r
+ // since the space occupied by variables not marked with\r
+ // VAR_ADDED is not allowed to be reclaimed in Runtime.\r
+ //\r
+ if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) {\r
+ HwErrVariableTotalSize += VariableSize;\r
+ } else {\r
+ CommonVariableTotalSize += VariableSize;\r
+ }\r
+ } else {\r
+ //\r
+ // Only care about Variables with State VAR_ADDED, because\r
+ // the space not marked as VAR_ADDED is reclaimable now.\r
+ //\r
+ if (Variable->State == VAR_ADDED) {\r
+ if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) {\r
+ HwErrVariableTotalSize += VariableSize;\r
+ } else {\r
+ CommonVariableTotalSize += VariableSize;\r
+ }\r
+ } else if (Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {\r
+ //\r
+ // If it is a IN_DELETED_TRANSITION variable,\r
+ // and there is not also a same ADDED one at the same time,\r
+ // this IN_DELETED_TRANSITION variable is valid.\r
+ //\r
+ VariablePtrTrack.StartPtr = GetStartPointer (VariableStoreHeader);\r
+ VariablePtrTrack.EndPtr = GetEndPointer (VariableStoreHeader);\r
+ Status = FindVariableEx (\r
+ GetVariableNamePtr (Variable),\r
+ GetVendorGuidPtr (Variable),\r
+ FALSE,\r
+ &VariablePtrTrack\r
+ );\r
+ if (!EFI_ERROR (Status) && VariablePtrTrack.CurrPtr->State != VAR_ADDED) {\r
+ if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) {\r
+ HwErrVariableTotalSize += VariableSize;\r
+ } else {\r
+ CommonVariableTotalSize += VariableSize;\r
+ }\r
+ }\r
+ }\r
+ }\r
+\r
+ //\r
+ // Go to the next one.\r
+ //\r
+ Variable = NextVariable;\r
+ }\r
+\r
+ if ((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD){\r
+ *RemainingVariableStorageSize = *MaximumVariableStorageSize - HwErrVariableTotalSize;\r
+ } else {\r
+ if (*MaximumVariableStorageSize < CommonVariableTotalSize) {\r
+ *RemainingVariableStorageSize = 0;\r
+ } else {\r
+ *RemainingVariableStorageSize = *MaximumVariableStorageSize - CommonVariableTotalSize;\r
+ }\r
+ }\r
+\r
+ if (*RemainingVariableStorageSize < GetVariableHeaderSize ()) {\r
+ *MaximumVariableSize = 0;\r
+ } else if ((*RemainingVariableStorageSize - GetVariableHeaderSize ()) < *MaximumVariableSize) {\r
+ *MaximumVariableSize = *RemainingVariableStorageSize - GetVariableHeaderSize ();\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+\r
+ This code returns information about the EFI variables.\r
+\r
+ Caution: This function may receive untrusted input.\r
+ This function may be invoked in SMM mode. This function will do basic validation, before parse the data.\r
+\r
+ @param Attributes Attributes bitmask to specify the type of variables\r
+ on which to return information.\r
+ @param MaximumVariableStorageSize Pointer to the maximum size of the storage space available\r
+ for the EFI variables associated with the attributes specified.\r
+ @param RemainingVariableStorageSize Pointer to the remaining size of the storage space available\r
+ for EFI variables associated with the attributes specified.\r
+ @param MaximumVariableSize Pointer to the maximum size of an individual EFI variables\r
+ associated with the attributes specified.\r
+\r
+ @return EFI_INVALID_PARAMETER An invalid combination of attribute bits was supplied.\r
+ @return EFI_SUCCESS Query successfully.\r
+ @return EFI_UNSUPPORTED The attribute is not supported on this platform.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+VariableServiceQueryVariableInfo (\r
+ IN UINT32 Attributes,\r
+ OUT UINT64 *MaximumVariableStorageSize,\r
+ OUT UINT64 *RemainingVariableStorageSize,\r
+ OUT UINT64 *MaximumVariableSize\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+\r
+ if(MaximumVariableStorageSize == NULL || RemainingVariableStorageSize == NULL || MaximumVariableSize == NULL || Attributes == 0) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) {\r
+ //\r
+ // Deprecated attribute, make this check as highest priority.\r
+ //\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+\r
+ if ((Attributes & EFI_VARIABLE_ATTRIBUTES_MASK) == 0) {\r
+ //\r
+ // Make sure the Attributes combination is supported by the platform.\r
+ //\r
+ return EFI_UNSUPPORTED;\r
+ } else if ((Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == EFI_VARIABLE_RUNTIME_ACCESS) {\r
+ //\r
+ // Make sure if runtime bit is set, boot service bit is set also.\r
+ //\r
+ return EFI_INVALID_PARAMETER;\r
+ } else if (AtRuntime () && ((Attributes & EFI_VARIABLE_RUNTIME_ACCESS) == 0)) {\r
+ //\r
+ // Make sure RT Attribute is set if we are in Runtime phase.\r
+ //\r
+ return EFI_INVALID_PARAMETER;\r
+ } else if ((Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) {\r
+ //\r
+ // Make sure Hw Attribute is set with NV.\r
+ //\r
+ return EFI_INVALID_PARAMETER;\r
+ } else if ((Attributes & VARIABLE_ATTRIBUTE_AT_AW) != 0) {\r
+ if (!mVariableModuleGlobal->VariableGlobal.AuthSupport) {\r
+ //\r
+ // Not support authenticated variable write.\r
+ //\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+ } else if ((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != 0) {\r
+ if (PcdGet32 (PcdHwErrStorageSize) == 0) {\r
+ //\r
+ // Not support harware error record variable variable.\r
+ //\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+ }\r
+\r
+ AcquireLockOnlyAtBootTime(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
+\r
+ Status = VariableServiceQueryVariableInfoInternal (\r
+ Attributes,\r
+ MaximumVariableStorageSize,\r
+ RemainingVariableStorageSize,\r
+ MaximumVariableSize\r
+ );\r
+\r
+ ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
+ return Status;\r
+}\r
+\r
+/**\r
+ This function reclaims variable storage if free size is below the threshold.\r
+\r
+ Caution: This function may be invoked at SMM mode.\r
+ Care must be taken to make sure not security issue.\r
+\r
+**/\r
+VOID\r
+ReclaimForOS(\r
+ VOID\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINTN RemainingCommonRuntimeVariableSpace;\r
+ UINTN RemainingHwErrVariableSpace;\r
+ STATIC BOOLEAN Reclaimed;\r
+\r
+ //\r
+ // This function will be called only once at EndOfDxe or ReadyToBoot event.\r
+ //\r
+ if (Reclaimed) {\r
+ return;\r
+ }\r
+ Reclaimed = TRUE;\r
+\r
+ Status = EFI_SUCCESS;\r
+\r
+ if (mVariableModuleGlobal->CommonRuntimeVariableSpace < mVariableModuleGlobal->CommonVariableTotalSize) {\r
+ RemainingCommonRuntimeVariableSpace = 0;\r
+ } else {\r
+ RemainingCommonRuntimeVariableSpace = mVariableModuleGlobal->CommonRuntimeVariableSpace - mVariableModuleGlobal->CommonVariableTotalSize;\r
+ }\r
+\r
+ RemainingHwErrVariableSpace = PcdGet32 (PcdHwErrStorageSize) - mVariableModuleGlobal->HwErrVariableTotalSize;\r
+\r
+ //\r
+ // Check if the free area is below a threshold.\r
+ //\r
+ if (((RemainingCommonRuntimeVariableSpace < mVariableModuleGlobal->MaxVariableSize) ||\r
+ (RemainingCommonRuntimeVariableSpace < mVariableModuleGlobal->MaxAuthVariableSize)) ||\r
+ ((PcdGet32 (PcdHwErrStorageSize) != 0) &&\r
+ (RemainingHwErrVariableSpace < PcdGet32 (PcdMaxHardwareErrorVariableSize)))){\r
+ Status = Reclaim (\r
+ mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase,\r
+ &mVariableModuleGlobal->NonVolatileLastVariableOffset,\r
+ FALSE,\r
+ NULL,\r
+ NULL,\r
+ 0\r
+ );\r
+ ASSERT_EFI_ERROR (Status);\r
+ }\r
+}\r
+\r
+/**\r
+ Get non-volatile maximum variable size.\r
+\r
+ @return Non-volatile maximum variable size.\r
+\r
+**/\r
+UINTN\r
+GetNonVolatileMaxVariableSize (\r
+ VOID\r
+ )\r
+{\r
+ if (PcdGet32 (PcdHwErrStorageSize) != 0) {\r
+ return MAX (MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxAuthVariableSize)),\r
+ PcdGet32 (PcdMaxHardwareErrorVariableSize));\r
+ } else {\r
+ return MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxAuthVariableSize));\r
+ }\r
+}\r
+\r
+/**\r
+ Get maximum variable size, covering both non-volatile and volatile variables.\r
+\r
+ @return Maximum variable size.\r
+\r
+**/\r
+UINTN\r
+GetMaxVariableSize (\r
+ VOID\r
+ )\r
+{\r
+ UINTN MaxVariableSize;\r
+\r
+ MaxVariableSize = GetNonVolatileMaxVariableSize();\r
+ //\r
+ // The condition below fails implicitly if PcdMaxVolatileVariableSize equals\r
+ // the default zero value.\r
+ //\r
+ if (MaxVariableSize < PcdGet32 (PcdMaxVolatileVariableSize)) {\r
+ MaxVariableSize = PcdGet32 (PcdMaxVolatileVariableSize);\r
+ }\r
+ return MaxVariableSize;\r
+}\r
+\r
+/**\r
+ Init non-volatile variable store.\r
+\r
+ @param[out] NvFvHeader Output pointer to non-volatile FV header address.\r
+\r
+ @retval EFI_SUCCESS Function successfully executed.\r
+ @retval EFI_OUT_OF_RESOURCES Fail to allocate enough memory resource.\r
+ @retval EFI_VOLUME_CORRUPTED Variable Store or Firmware Volume for Variable Store is corrupted.\r
+\r
+**/\r
+EFI_STATUS\r
+InitNonVolatileVariableStore (\r
+ OUT EFI_FIRMWARE_VOLUME_HEADER **NvFvHeader\r
+ )\r
+{\r
+ EFI_FIRMWARE_VOLUME_HEADER *FvHeader;\r
+ VARIABLE_HEADER *Variable;\r
+ VARIABLE_HEADER *NextVariable;\r
+ EFI_PHYSICAL_ADDRESS VariableStoreBase;\r
+ UINT64 VariableStoreLength;\r
+ UINTN VariableSize;\r
+ EFI_HOB_GUID_TYPE *GuidHob;\r
+ EFI_PHYSICAL_ADDRESS NvStorageBase;\r
+ UINT8 *NvStorageData;\r
+ UINT32 NvStorageSize;\r
+ FAULT_TOLERANT_WRITE_LAST_WRITE_DATA *FtwLastWriteData;\r
+ UINT32 BackUpOffset;\r
+ UINT32 BackUpSize;\r
+ UINT32 HwErrStorageSize;\r
+ UINT32 MaxUserNvVariableSpaceSize;\r
+ UINT32 BoottimeReservedNvVariableSpaceSize;\r
+ EFI_STATUS Status;\r
+ VOID *FtwProtocol;\r
+\r
+ mVariableModuleGlobal->FvbInstance = NULL;\r
+\r
+ //\r
+ // Allocate runtime memory used for a memory copy of the FLASH region.\r
+ // Keep the memory and the FLASH in sync as updates occur.\r
+ //\r
+ NvStorageSize = PcdGet32 (PcdFlashNvStorageVariableSize);\r
+ NvStorageData = AllocateRuntimeZeroPool (NvStorageSize);\r
+ if (NvStorageData == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
+ NvStorageBase = (EFI_PHYSICAL_ADDRESS) PcdGet64 (PcdFlashNvStorageVariableBase64);\r
+ if (NvStorageBase == 0) {\r
+ NvStorageBase = (EFI_PHYSICAL_ADDRESS) PcdGet32 (PcdFlashNvStorageVariableBase);\r
+ }\r
+ //\r
+ // Copy NV storage data to the memory buffer.\r
+ //\r
+ CopyMem (NvStorageData, (UINT8 *) (UINTN) NvStorageBase, NvStorageSize);\r
+\r
+ Status = GetFtwProtocol ((VOID **)&FtwProtocol);\r
+ //\r
+ // If FTW protocol has been installed, no need to check FTW last write data hob.\r
+ //\r
+ if (EFI_ERROR (Status)) {\r
+ //\r
+ // Check the FTW last write data hob.\r
+ //\r
+ GuidHob = GetFirstGuidHob (&gEdkiiFaultTolerantWriteGuid);\r
+ if (GuidHob != NULL) {\r
+ FtwLastWriteData = (FAULT_TOLERANT_WRITE_LAST_WRITE_DATA *) GET_GUID_HOB_DATA (GuidHob);\r
+ if (FtwLastWriteData->TargetAddress == NvStorageBase) {\r
+ DEBUG ((EFI_D_INFO, "Variable: NV storage is backed up in spare block: 0x%x\n", (UINTN) FtwLastWriteData->SpareAddress));\r
+ //\r
+ // Copy the backed up NV storage data to the memory buffer from spare block.\r
+ //\r
+ CopyMem (NvStorageData, (UINT8 *) (UINTN) (FtwLastWriteData->SpareAddress), NvStorageSize);\r
+ } else if ((FtwLastWriteData->TargetAddress > NvStorageBase) &&\r
+ (FtwLastWriteData->TargetAddress < (NvStorageBase + NvStorageSize))) {\r
+ //\r
+ // Flash NV storage from the Offset is backed up in spare block.\r
+ //\r
+ BackUpOffset = (UINT32) (FtwLastWriteData->TargetAddress - NvStorageBase);\r
+ BackUpSize = NvStorageSize - BackUpOffset;\r
+ DEBUG ((EFI_D_INFO, "Variable: High partial NV storage from offset: %x is backed up in spare block: 0x%x\n", BackUpOffset, (UINTN) FtwLastWriteData->SpareAddress));\r
+ //\r
+ // Copy the partial backed up NV storage data to the memory buffer from spare block.\r
+ //\r
+ CopyMem (NvStorageData + BackUpOffset, (UINT8 *) (UINTN) FtwLastWriteData->SpareAddress, BackUpSize);\r
+ }\r
+ }\r
+ }\r
+\r
+ FvHeader = (EFI_FIRMWARE_VOLUME_HEADER *) NvStorageData;\r
+\r
+ //\r
+ // Check if the Firmware Volume is not corrupted\r
+ //\r
+ if ((FvHeader->Signature != EFI_FVH_SIGNATURE) || (!CompareGuid (&gEfiSystemNvDataFvGuid, &FvHeader->FileSystemGuid))) {\r
+ FreePool (NvStorageData);\r
+ DEBUG ((EFI_D_ERROR, "Firmware Volume for Variable Store is corrupted\n"));\r
+ return EFI_VOLUME_CORRUPTED;\r
+ }\r
+\r
+ VariableStoreBase = (UINTN) FvHeader + FvHeader->HeaderLength;\r
+ VariableStoreLength = NvStorageSize - FvHeader->HeaderLength;\r
+\r
+ mNvFvHeaderCache = FvHeader;\r
+ mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase = VariableStoreBase;\r
+ mNvVariableCache = (VARIABLE_STORE_HEADER *) (UINTN) VariableStoreBase;\r
+ if (GetVariableStoreStatus (mNvVariableCache) != EfiValid) {\r
+ FreePool (NvStorageData);\r
+ mNvFvHeaderCache = NULL;\r
+ mNvVariableCache = NULL;\r
+ DEBUG((EFI_D_ERROR, "Variable Store header is corrupted\n"));\r
+ return EFI_VOLUME_CORRUPTED;\r
+ }\r
+ ASSERT(mNvVariableCache->Size == VariableStoreLength);\r
+\r
+ ASSERT (sizeof (VARIABLE_STORE_HEADER) <= VariableStoreLength);\r
+\r
+ mVariableModuleGlobal->VariableGlobal.AuthFormat = (BOOLEAN)(CompareGuid (&mNvVariableCache->Signature, &gEfiAuthenticatedVariableGuid));\r
+\r
+ HwErrStorageSize = PcdGet32 (PcdHwErrStorageSize);\r
+ MaxUserNvVariableSpaceSize = PcdGet32 (PcdMaxUserNvVariableSpaceSize);\r
+ BoottimeReservedNvVariableSpaceSize = PcdGet32 (PcdBoottimeReservedNvVariableSpaceSize);\r
+\r
+ //\r
+ // Note that in EdkII variable driver implementation, Hardware Error Record type variable\r
+ // is stored with common variable in the same NV region. So the platform integrator should\r
+ // ensure that the value of PcdHwErrStorageSize is less than the value of\r
+ // (VariableStoreLength - sizeof (VARIABLE_STORE_HEADER)).\r
+ //\r
+ ASSERT (HwErrStorageSize < (VariableStoreLength - sizeof (VARIABLE_STORE_HEADER)));\r
+ //\r
+ // Ensure that the value of PcdMaxUserNvVariableSpaceSize is less than the value of\r
+ // (VariableStoreLength - sizeof (VARIABLE_STORE_HEADER)) - PcdGet32 (PcdHwErrStorageSize).\r
+ //\r
+ ASSERT (MaxUserNvVariableSpaceSize < (VariableStoreLength - sizeof (VARIABLE_STORE_HEADER) - HwErrStorageSize));\r
+ //\r
+ // Ensure that the value of PcdBoottimeReservedNvVariableSpaceSize is less than the value of\r
+ // (VariableStoreLength - sizeof (VARIABLE_STORE_HEADER)) - PcdGet32 (PcdHwErrStorageSize).\r
+ //\r
+ ASSERT (BoottimeReservedNvVariableSpaceSize < (VariableStoreLength - sizeof (VARIABLE_STORE_HEADER) - HwErrStorageSize));\r
+\r
+ mVariableModuleGlobal->CommonVariableSpace = ((UINTN) VariableStoreLength - sizeof (VARIABLE_STORE_HEADER) - HwErrStorageSize);\r
+ mVariableModuleGlobal->CommonMaxUserVariableSpace = ((MaxUserNvVariableSpaceSize != 0) ? MaxUserNvVariableSpaceSize : mVariableModuleGlobal->CommonVariableSpace);\r
+ mVariableModuleGlobal->CommonRuntimeVariableSpace = mVariableModuleGlobal->CommonVariableSpace - BoottimeReservedNvVariableSpaceSize;\r
+\r
+ DEBUG ((EFI_D_INFO, "Variable driver common space: 0x%x 0x%x 0x%x\n", mVariableModuleGlobal->CommonVariableSpace, mVariableModuleGlobal->CommonMaxUserVariableSpace, mVariableModuleGlobal->CommonRuntimeVariableSpace));\r
+\r
+ //\r
+ // The max NV variable size should be < (VariableStoreLength - sizeof (VARIABLE_STORE_HEADER)).\r
+ //\r
+ ASSERT (GetNonVolatileMaxVariableSize () < (VariableStoreLength - sizeof (VARIABLE_STORE_HEADER)));\r
+\r
+ mVariableModuleGlobal->MaxVariableSize = PcdGet32 (PcdMaxVariableSize);\r
+ mVariableModuleGlobal->MaxAuthVariableSize = ((PcdGet32 (PcdMaxAuthVariableSize) != 0) ? PcdGet32 (PcdMaxAuthVariableSize) : mVariableModuleGlobal->MaxVariableSize);\r
+\r
+ //\r
+ // Parse non-volatile variable data and get last variable offset.\r
+ //\r
+ Variable = GetStartPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableStoreBase);\r
+ while (IsValidVariableHeader (Variable, GetEndPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableStoreBase))) {\r
+ NextVariable = GetNextVariablePtr (Variable);\r
+ VariableSize = (UINTN) NextVariable - (UINTN) Variable;\r
+ if ((Variable->Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {\r
+ mVariableModuleGlobal->HwErrVariableTotalSize += VariableSize;\r
+ } else {\r
+ mVariableModuleGlobal->CommonVariableTotalSize += VariableSize;\r
+ }\r
+\r
+ Variable = NextVariable;\r
+ }\r
+ mVariableModuleGlobal->NonVolatileLastVariableOffset = (UINTN) Variable - (UINTN) VariableStoreBase;\r
+\r
+ *NvFvHeader = FvHeader;\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+ Flush the HOB variable to flash.\r
+\r
+ @param[in] VariableName Name of variable has been updated or deleted.\r
+ @param[in] VendorGuid Guid of variable has been updated or deleted.\r
+\r
+**/\r
+VOID\r
+FlushHobVariableToFlash (\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ VARIABLE_STORE_HEADER *VariableStoreHeader;\r
+ VARIABLE_HEADER *Variable;\r
+ VOID *VariableData;\r
+ VARIABLE_POINTER_TRACK VariablePtrTrack;\r
+ BOOLEAN ErrorFlag;\r
+\r
+ ErrorFlag = FALSE;\r
+\r
+ //\r
+ // Flush the HOB variable to flash.\r
+ //\r
+ if (mVariableModuleGlobal->VariableGlobal.HobVariableBase != 0) {\r
+ VariableStoreHeader = (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal->VariableGlobal.HobVariableBase;\r
+ //\r
+ // Set HobVariableBase to 0, it can avoid SetVariable to call back.\r
+ //\r
+ mVariableModuleGlobal->VariableGlobal.HobVariableBase = 0;\r
+ for ( Variable = GetStartPointer (VariableStoreHeader)\r
+ ; IsValidVariableHeader (Variable, GetEndPointer (VariableStoreHeader))\r
+ ; Variable = GetNextVariablePtr (Variable)\r
+ ) {\r
+ if (Variable->State != VAR_ADDED) {\r
+ //\r
+ // The HOB variable has been set to DELETED state in local.\r
+ //\r
+ continue;\r
+ }\r
+ ASSERT ((Variable->Attributes & EFI_VARIABLE_NON_VOLATILE) != 0);\r
+ if (VendorGuid == NULL || VariableName == NULL ||\r
+ !CompareGuid (VendorGuid, GetVendorGuidPtr (Variable)) ||\r
+ StrCmp (VariableName, GetVariableNamePtr (Variable)) != 0) {\r
+ VariableData = GetVariableDataPtr (Variable);\r
+ FindVariable (GetVariableNamePtr (Variable), GetVendorGuidPtr (Variable), &VariablePtrTrack, &mVariableModuleGlobal->VariableGlobal, FALSE);\r
+ Status = UpdateVariable (\r
+ GetVariableNamePtr (Variable),\r
+ GetVendorGuidPtr (Variable),\r
+ VariableData,\r
+ DataSizeOfVariable (Variable),\r
+ Variable->Attributes,\r
+ 0,\r
+ 0,\r
+ &VariablePtrTrack,\r
+ NULL\r
+ );\r
+ DEBUG ((EFI_D_INFO, "Variable driver flush the HOB variable to flash: %g %s %r\n", GetVendorGuidPtr (Variable), GetVariableNamePtr (Variable), Status));\r
+ } else {\r
+ //\r
+ // The updated or deleted variable is matched with this HOB variable.\r
+ // Don't break here because we will try to set other HOB variables\r
+ // since this variable could be set successfully.\r
+ //\r
+ Status = EFI_SUCCESS;\r
+ }\r
+ if (!EFI_ERROR (Status)) {\r
+ //\r
+ // If set variable successful, or the updated or deleted variable is matched with the HOB variable,\r
+ // set the HOB variable to DELETED state in local.\r
+ //\r
+ DEBUG ((EFI_D_INFO, "Variable driver set the HOB variable to DELETED state in local: %g %s\n", GetVendorGuidPtr (Variable), GetVariableNamePtr (Variable)));\r
+ Variable->State &= VAR_DELETED;\r
+ } else {\r
+ ErrorFlag = TRUE;\r
+ }\r
+ }\r
+ if (ErrorFlag) {\r
+ //\r
+ // We still have HOB variable(s) not flushed in flash.\r
+ //\r
+ mVariableModuleGlobal->VariableGlobal.HobVariableBase = (EFI_PHYSICAL_ADDRESS) (UINTN) VariableStoreHeader;\r
+ } else {\r
+ //\r
+ // All HOB variables have been flushed in flash.\r
+ //\r
+ DEBUG ((EFI_D_INFO, "Variable driver: all HOB variables have been flushed in flash.\n"));\r
+ if (!AtRuntime ()) {\r
+ FreePool ((VOID *) VariableStoreHeader);\r
+ }\r
+ }\r
+ }\r
+\r
+}\r