///\r
/// Define a memory cache that improves the search performance for a variable.\r
///\r
-VARIABLE_STORE_HEADER *mNvVariableCache = NULL;\r
+VARIABLE_STORE_HEADER *mNvVariableCache = NULL;\r
\r
///\r
/// The memory entry used for variable statistics data.\r
///\r
-VARIABLE_INFO_ENTRY *gVariableInfo = NULL;\r
+VARIABLE_INFO_ENTRY *gVariableInfo = NULL;\r
\r
+///\r
+/// The list to store the variables which cannot be set after the EFI_END_OF_DXE_EVENT_GROUP_GUID\r
+/// or EVT_GROUP_READY_TO_BOOT event.\r
+///\r
+LIST_ENTRY mLockedVariableList = INITIALIZE_LIST_HEAD_VARIABLE (mLockedVariableList);\r
+\r
+///\r
+/// The flag to indicate whether the platform has left the DXE phase of execution.\r
+///\r
+BOOLEAN mEndOfDxe = FALSE;\r
+\r
+///\r
+/// The flag to indicate whether the variable storage locking is enabled.\r
+///\r
+BOOLEAN mEnableLocking = TRUE;\r
+\r
+//\r
+// To prevent name collisions with possible future globally defined variables,\r
+// other internal firmware data variables that are not defined here must be\r
+// saved with a unique VendorGuid other than EFI_GLOBAL_VARIABLE or\r
+// any other GUID defined by the UEFI Specification. Implementations must\r
+// only permit the creation of variables with a UEFI Specification-defined\r
+// VendorGuid when these variables are documented in the UEFI Specification.\r
+//\r
+GLOBAL_VARIABLE_ENTRY mGlobalVariableList[] = {\r
+ {EFI_LANG_CODES_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_LANG_VARIABLE_NAME, VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+ {EFI_TIME_OUT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+ {EFI_PLATFORM_LANG_CODES_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_PLATFORM_LANG_VARIABLE_NAME, VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+ {EFI_CON_IN_VARIABLE_NAME, VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+ {EFI_CON_OUT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+ {EFI_ERR_OUT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+ {EFI_CON_IN_DEV_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_CON_OUT_DEV_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_ERR_OUT_DEV_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_BOOT_ORDER_VARIABLE_NAME, VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+ {EFI_BOOT_NEXT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+ {EFI_BOOT_CURRENT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_BOOT_OPTION_SUPPORT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_DRIVER_ORDER_VARIABLE_NAME, VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+ {EFI_HW_ERR_REC_SUPPORT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+ {EFI_SETUP_MODE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_KEY_EXCHANGE_KEY_NAME, VARIABLE_ATTRIBUTE_NV_BS_RT_AT},\r
+ {EFI_PLATFORM_KEY_NAME, VARIABLE_ATTRIBUTE_NV_BS_RT_AT},\r
+ {EFI_SIGNATURE_SUPPORT_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_SECURE_BOOT_MODE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_KEK_DEFAULT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_PK_DEFAULT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_DB_DEFAULT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_DBX_DEFAULT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_DBT_DEFAULT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_OS_INDICATIONS_SUPPORT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+ {EFI_OS_INDICATIONS_VARIABLE_NAME, VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+ {EFI_VENDOR_KEYS_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
+};\r
+GLOBAL_VARIABLE_ENTRY mGlobalVariableList2[] = {\r
+ {L"Boot####", VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+ {L"Driver####", VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+ {L"Key####", VARIABLE_ATTRIBUTE_NV_BS_RT},\r
+};\r
\r
/**\r
Routine used to track statistical information about variable usage.\r
\r
SetLanguageCodes = FALSE;\r
\r
- if (StrCmp (VariableName, L"PlatformLangCodes") == 0) {\r
+ if (StrCmp (VariableName, EFI_PLATFORM_LANG_CODES_VARIABLE_NAME) == 0) {\r
//\r
// PlatformLangCodes is a volatile variable, so it can not be updated at runtime.\r
//\r
mVariableModuleGlobal->PlatformLang = AllocateRuntimePool (DataSize);\r
ASSERT (mVariableModuleGlobal->PlatformLang != NULL);\r
\r
- } else if (StrCmp (VariableName, L"LangCodes") == 0) {\r
+ } else if (StrCmp (VariableName, EFI_LANG_CODES_VARIABLE_NAME) == 0) {\r
//\r
// LangCodes is a volatile variable, so it can not be updated at runtime.\r
//\r
// Update Lang if PlatformLang is already set\r
// Update PlatformLang if Lang is already set\r
//\r
- Status = FindVariable (L"PlatformLang", &gEfiGlobalVariableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);\r
+ Status = FindVariable (EFI_PLATFORM_LANG_VARIABLE_NAME, &gEfiGlobalVariableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);\r
if (!EFI_ERROR (Status)) {\r
//\r
// Update Lang\r
//\r
- VariableName = L"PlatformLang";\r
+ VariableName = EFI_PLATFORM_LANG_VARIABLE_NAME;\r
Data = GetVariableDataPtr (Variable.CurrPtr);\r
DataSize = Variable.CurrPtr->DataSize;\r
} else {\r
- Status = FindVariable (L"Lang", &gEfiGlobalVariableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);\r
+ Status = FindVariable (EFI_LANG_VARIABLE_NAME, &gEfiGlobalVariableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);\r
if (!EFI_ERROR (Status)) {\r
//\r
// Update PlatformLang\r
//\r
- VariableName = L"Lang";\r
+ VariableName = EFI_LANG_VARIABLE_NAME;\r
Data = GetVariableDataPtr (Variable.CurrPtr);\r
DataSize = Variable.CurrPtr->DataSize;\r
} else {\r
//\r
Attributes = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS;\r
\r
- if (StrCmp (VariableName, L"PlatformLang") == 0) {\r
+ if (StrCmp (VariableName, EFI_PLATFORM_LANG_VARIABLE_NAME) == 0) {\r
//\r
// Update Lang when PlatformLangCodes/LangCodes were set.\r
//\r
//\r
// Successfully convert PlatformLang to Lang, and set the BestLang value into Lang variable simultaneously.\r
//\r
- FindVariable (L"Lang", &gEfiGlobalVariableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);\r
+ FindVariable (EFI_LANG_VARIABLE_NAME, &gEfiGlobalVariableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);\r
\r
- Status = UpdateVariable (L"Lang", &gEfiGlobalVariableGuid, BestLang,\r
+ Status = UpdateVariable (EFI_LANG_VARIABLE_NAME, &gEfiGlobalVariableGuid, BestLang,\r
ISO_639_2_ENTRY_SIZE + 1, Attributes, 0, 0, &Variable, NULL);\r
\r
DEBUG ((EFI_D_INFO, "Variable Driver Auto Update PlatformLang, PlatformLang:%a, Lang:%a\n", BestPlatformLang, BestLang));\r
}\r
}\r
\r
- } else if (StrCmp (VariableName, L"Lang") == 0) {\r
+ } else if (StrCmp (VariableName, EFI_LANG_VARIABLE_NAME) == 0) {\r
//\r
// Update PlatformLang when PlatformLangCodes/LangCodes were set.\r
//\r
//\r
// Successfully convert Lang to PlatformLang, and set the BestPlatformLang value into PlatformLang variable simultaneously.\r
//\r
- FindVariable (L"PlatformLang", &gEfiGlobalVariableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);\r
+ FindVariable (EFI_PLATFORM_LANG_VARIABLE_NAME, &gEfiGlobalVariableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);\r
\r
- Status = UpdateVariable (L"PlatformLang", &gEfiGlobalVariableGuid, BestPlatformLang,\r
+ Status = UpdateVariable (EFI_PLATFORM_LANG_VARIABLE_NAME, &gEfiGlobalVariableGuid, BestPlatformLang,\r
AsciiStrSize (BestPlatformLang), Attributes, 0, 0, &Variable, NULL);\r
\r
DEBUG ((EFI_D_INFO, "Variable Driver Auto Update Lang, Lang:%a, PlatformLang:%a\n", BestLang, BestPlatformLang));\r
EFI_STATUS Status;\r
VARIABLE_HEADER *NextVariable;\r
UINTN ScratchSize;\r
- UINTN ScratchDataSize;\r
+ UINTN MaxDataSize;\r
UINTN NonVolatileVarableStoreSize;\r
UINTN VarNameOffset;\r
UINTN VarDataOffset;\r
UINTN CacheOffset;\r
UINTN BufSize;\r
UINTN DataOffset;\r
- UINTN RevBufSize;\r
\r
if (mVariableModuleGlobal->FvbInstance == NULL) {\r
//\r
//\r
NextVariable = GetEndPointer ((VARIABLE_STORE_HEADER *) ((UINTN) mVariableModuleGlobal->VariableGlobal.VolatileVariableBase));\r
ScratchSize = MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxHardwareErrorVariableSize));\r
- ScratchDataSize = ScratchSize - sizeof (VARIABLE_HEADER) - StrSize (VariableName) - GET_PAD_SIZE (StrSize (VariableName));\r
+\r
\r
if (Variable->CurrPtr != NULL) {\r
//\r
DataOffset = sizeof (VARIABLE_HEADER) + Variable->CurrPtr->NameSize + GET_PAD_SIZE (Variable->CurrPtr->NameSize);\r
CopyMem (mStorageArea, (UINT8*)((UINTN) Variable->CurrPtr + DataOffset), Variable->CurrPtr->DataSize);\r
\r
+ //\r
+ // Set Max Common Variable Data Size as default MaxDataSize \r
+ //\r
+ MaxDataSize = PcdGet32 (PcdMaxVariableSize) - sizeof (VARIABLE_HEADER) - StrSize (VariableName) - GET_PAD_SIZE (StrSize (VariableName));\r
+\r
+\r
if ((CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid) &&\r
((StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0) || (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE1) == 0))) ||\r
(CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0))) {\r
+\r
//\r
// For variables with formatted as EFI_SIGNATURE_LIST, the driver shall not perform an append of\r
// EFI_SIGNATURE_DATA values that are already part of the existing variable value.\r
//\r
- BufSize = AppendSignatureList (mStorageArea, Variable->CurrPtr->DataSize, Data, DataSize);\r
+ Status = AppendSignatureList (\r
+ mStorageArea, \r
+ Variable->CurrPtr->DataSize, \r
+ MaxDataSize - Variable->CurrPtr->DataSize,\r
+ Data, \r
+ DataSize, \r
+ &BufSize\r
+ );\r
+ if (Status == EFI_BUFFER_TOO_SMALL) {\r
+ //\r
+ // Signture List is too long, Failed to Append\r
+ //\r
+ Status = EFI_INVALID_PARAMETER;\r
+ goto Done;\r
+ }\r
+\r
if (BufSize == Variable->CurrPtr->DataSize) {\r
if ((TimeStamp == NULL) || CompareTimeStamp (TimeStamp, &Variable->CurrPtr->TimeStamp)) {\r
//\r
} else {\r
//\r
// For other Variables, append the new data to the end of previous data.\r
+ // Max Harware error record variable data size is different from common variable\r
//\r
+ if ((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) {\r
+ MaxDataSize = PcdGet32 (PcdMaxHardwareErrorVariableSize) - sizeof (VARIABLE_HEADER) - StrSize (VariableName) - GET_PAD_SIZE (StrSize (VariableName));\r
+ }\r
+\r
+ if (Variable->CurrPtr->DataSize + DataSize > MaxDataSize) {\r
+ //\r
+ // Exsiting data + Appended data exceed maximum variable size limitation \r
+ //\r
+ Status = EFI_INVALID_PARAMETER;\r
+ goto Done;\r
+ }\r
CopyMem ((UINT8*)((UINTN) mStorageArea + Variable->CurrPtr->DataSize), Data, DataSize);\r
BufSize = Variable->CurrPtr->DataSize + DataSize;\r
}\r
\r
- RevBufSize = MIN (PcdGet32 (PcdMaxVariableSize), ScratchDataSize);\r
- if (BufSize > RevBufSize) {\r
- //\r
- // If variable size (previous + current) is bigger than reserved buffer in runtime,\r
- // return EFI_OUT_OF_RESOURCES.\r
- //\r
- return EFI_OUT_OF_RESOURCES;\r
- }\r
-\r
//\r
// Override Data and DataSize which are used for combined data area including previous and new data.\r
//\r
return TRUE;\r
}\r
\r
+/**\r
+ This code checks if variable guid is global variable guid first.\r
+ If yes, further check if variable name is in mGlobalVariableList or mGlobalVariableList2 and attributes matched.\r
+\r
+ @param[in] VariableName Pointer to variable name.\r
+ @param[in] VendorGuid Variable Vendor Guid.\r
+ @param[in] Attributes Attributes of the variable.\r
+\r
+ @retval EFI_SUCCESS Variable is not global variable, or Variable is global variable, variable name is in the lists and attributes matched.\r
+ @retval EFI_INVALID_PARAMETER Variable is global variable, but variable name is not in the lists or attributes unmatched.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+CheckEfiGlobalVariable (\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid,\r
+ IN UINT32 Attributes\r
+ )\r
+{\r
+ UINTN Index;\r
+ UINTN NameLength;\r
+\r
+ if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid)){\r
+ //\r
+ // Try list 1, exactly match.\r
+ //\r
+ for (Index = 0; Index < sizeof (mGlobalVariableList)/sizeof (mGlobalVariableList[0]); Index++) {\r
+ if ((StrCmp (mGlobalVariableList[Index].Name, VariableName) == 0) &&\r
+ (Attributes == 0 || (Attributes & (~EFI_VARIABLE_APPEND_WRITE)) == mGlobalVariableList[Index].Attributes)) {\r
+ return EFI_SUCCESS;\r
+ }\r
+ }\r
+\r
+ //\r
+ // Try list 2.\r
+ //\r
+ NameLength = StrLen (VariableName) - 4;\r
+ for (Index = 0; Index < sizeof (mGlobalVariableList2)/sizeof (mGlobalVariableList2[0]); Index++) {\r
+ if ((StrLen (VariableName) == StrLen (mGlobalVariableList2[Index].Name)) &&\r
+ (StrnCmp (mGlobalVariableList2[Index].Name, VariableName, NameLength) == 0) &&\r
+ IsHexaDecimalDigitCharacter (VariableName[NameLength]) &&\r
+ IsHexaDecimalDigitCharacter (VariableName[NameLength + 1]) &&\r
+ IsHexaDecimalDigitCharacter (VariableName[NameLength + 2]) &&\r
+ IsHexaDecimalDigitCharacter (VariableName[NameLength + 3]) &&\r
+ (Attributes == 0 || (Attributes & (~EFI_VARIABLE_APPEND_WRITE)) == mGlobalVariableList2[Index].Attributes)) {\r
+ return EFI_SUCCESS;\r
+ }\r
+ }\r
+\r
+ DEBUG ((EFI_D_INFO, "[Variable]: set global variable with invalid variable name or attributes - %g:%s:%x\n", VendorGuid, VariableName, Attributes));\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+ Mark a variable that will become read-only after leaving the DXE phase of execution.\r
+\r
+ @param[in] This The VARIABLE_LOCK_PROTOCOL instance.\r
+ @param[in] VariableName A pointer to the variable name that will be made read-only subsequently.\r
+ @param[in] VendorGuid A pointer to the vendor GUID that will be made read-only subsequently.\r
+\r
+ @retval EFI_SUCCESS The variable specified by the VariableName and the VendorGuid was marked\r
+ as pending to be read-only.\r
+ @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.\r
+ Or VariableName is an empty string.\r
+ @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has\r
+ already been signaled.\r
+ @retval EFI_OUT_OF_RESOURCES There is not enough resource to hold the lock request.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+VariableLockRequestToLock (\r
+ IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This,\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid\r
+ )\r
+{\r
+ VARIABLE_ENTRY *Entry;\r
+\r
+ if (VariableName == NULL || VariableName[0] == 0 || VendorGuid == NULL) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ if (mEndOfDxe) {\r
+ return EFI_ACCESS_DENIED;\r
+ }\r
+\r
+ Entry = AllocateRuntimePool (sizeof (*Entry) + StrSize (VariableName));\r
+ if (Entry == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
+ DEBUG ((EFI_D_INFO, "[Variable] Lock: %g:%s\n", VendorGuid, VariableName));\r
+\r
+ AcquireLockOnlyAtBootTime(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
+\r
+ Entry->Name = (CHAR16 *) (Entry + 1);\r
+ StrCpy (Entry->Name, VariableName);\r
+ CopyGuid (&Entry->Guid, VendorGuid);\r
+ InsertTailList (&mLockedVariableList, &Entry->Link);\r
+\r
+ ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
/**\r
This code checks if variable should be treated as read-only variable.\r
\r
VARIABLE_HEADER *NextVariable;\r
EFI_PHYSICAL_ADDRESS Point;\r
UINTN PayloadSize;\r
+ LIST_ENTRY *Link;\r
+ VARIABLE_ENTRY *Entry;\r
\r
//\r
// Check input parameters.\r
PayloadSize = DataSize;\r
}\r
\r
+ if ((UINTN)(~0) - PayloadSize < StrSize(VariableName)){\r
+ //\r
+ // Prevent whole variable size overflow \r
+ // \r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
//\r
// The size of the VariableName, including the Unicode Null in bytes plus\r
// the DataSize is limited to maximum size of PcdGet32 (PcdMaxHardwareErrorVariableSize)\r
// bytes for HwErrRec, and PcdGet32 (PcdMaxVariableSize) bytes for the others.\r
//\r
if ((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) {\r
- if ((PayloadSize > PcdGet32 (PcdMaxHardwareErrorVariableSize)) ||\r
- (sizeof (VARIABLE_HEADER) + StrSize (VariableName) + PayloadSize > PcdGet32 (PcdMaxHardwareErrorVariableSize))) {\r
+ if (StrSize (VariableName) + PayloadSize > PcdGet32 (PcdMaxHardwareErrorVariableSize) - sizeof (VARIABLE_HEADER)) {\r
return EFI_INVALID_PARAMETER;\r
}\r
if (!IsHwErrRecVariable(VariableName, VendorGuid)) {\r
// The size of the VariableName, including the Unicode Null in bytes plus\r
// the DataSize is limited to maximum size of PcdGet32 (PcdMaxVariableSize) bytes.\r
//\r
- if ((PayloadSize > PcdGet32 (PcdMaxVariableSize)) ||\r
- (sizeof (VARIABLE_HEADER) + StrSize (VariableName) + PayloadSize > PcdGet32 (PcdMaxVariableSize))) {\r
+ if (StrSize (VariableName) + PayloadSize > PcdGet32 (PcdMaxVariableSize) - sizeof (VARIABLE_HEADER)) {\r
return EFI_INVALID_PARAMETER;\r
}\r
}\r
\r
- if (AtRuntime ()) {\r
- //\r
- // HwErrRecSupport Global Variable identifies the level of hardware error record persistence\r
- // support implemented by the platform. This variable is only modified by firmware and is read-only to the OS.\r
- //\r
- if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, L"HwErrRecSupport") == 0)) {\r
- return EFI_WRITE_PROTECTED;\r
- }\r
+ Status = CheckEfiGlobalVariable (VariableName, VendorGuid, Attributes);\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
}\r
\r
AcquireLockOnlyAtBootTime(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
mVariableModuleGlobal->NonVolatileLastVariableOffset = (UINTN) NextVariable - (UINTN) Point;\r
}\r
\r
+ if (mEndOfDxe && mEnableLocking) {\r
+ //\r
+ // Treat the variables listed in the forbidden variable list as read-only after leaving DXE phase.\r
+ //\r
+ for ( Link = GetFirstNode (&mLockedVariableList)\r
+ ; !IsNull (&mLockedVariableList, Link)\r
+ ; Link = GetNextNode (&mLockedVariableList, Link)\r
+ ) {\r
+ Entry = BASE_CR (Link, VARIABLE_ENTRY, Link);\r
+ if (CompareGuid (&Entry->Guid, VendorGuid) && (StrCmp (Entry->Name, VariableName) == 0)) {\r
+ Status = EFI_WRITE_PROTECTED;\r
+ DEBUG ((EFI_D_INFO, "[Variable]: Changing readonly variable after leaving DXE phase - %g:%s\n", VendorGuid, VariableName));\r
+ goto Done;\r
+ }\r
+ }\r
+ }\r
+\r
//\r
// Check whether the input variable is already existed.\r
//\r
Status = FindVariable (VariableName, VendorGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, TRUE);\r
if (!EFI_ERROR (Status)) {\r
if (((Variable.CurrPtr->Attributes & EFI_VARIABLE_RUNTIME_ACCESS) == 0) && AtRuntime ()) {\r
- return EFI_WRITE_PROTECTED;\r
+ Status = EFI_WRITE_PROTECTED;\r
+ goto Done;\r
+ }\r
+ if (Attributes != 0 && (Attributes & (~EFI_VARIABLE_APPEND_WRITE)) != Variable.CurrPtr->Attributes) {\r
+ //\r
+ // If a preexisting variable is rewritten with different attributes, SetVariable() shall not\r
+ // modify the variable and shall return EFI_INVALID_PARAMETER. Two exceptions to this rule:\r
+ // 1. No access attributes specified\r
+ // 2. The only attribute differing is EFI_VARIABLE_APPEND_WRITE\r
+ //\r
+ Status = EFI_INVALID_PARAMETER;\r
+ goto Done;\r
}\r
}\r
\r
Status = ProcessVariable (VariableName, VendorGuid, Data, DataSize, &Variable, Attributes);\r
}\r
\r
+Done:\r
InterlockedDecrement (&mVariableModuleGlobal->VariableGlobal.ReentrantState);\r
ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
\r
}\r
}\r
\r
+/**\r
+ Init non-volatile variable store.\r
+\r
+ @retval EFI_SUCCESS Function successfully executed.\r
+ @retval EFI_OUT_OF_RESOURCES Fail to allocate enough memory resource.\r
+ @retval EFI_VOLUME_CORRUPTED Variable Store or Firmware Volume for Variable Store is corrupted.\r
+\r
+**/\r
+EFI_STATUS\r
+InitNonVolatileVariableStore (\r
+ VOID\r
+ )\r
+{\r
+ EFI_FIRMWARE_VOLUME_HEADER *FvHeader;\r
+ VARIABLE_HEADER *NextVariable;\r
+ EFI_PHYSICAL_ADDRESS VariableStoreBase;\r
+ UINT64 VariableStoreLength;\r
+ UINTN VariableSize;\r
+ EFI_HOB_GUID_TYPE *GuidHob;\r
+ EFI_PHYSICAL_ADDRESS NvStorageBase;\r
+ UINT8 *NvStorageData;\r
+ UINT32 NvStorageSize;\r
+ FAULT_TOLERANT_WRITE_LAST_WRITE_DATA *FtwLastWriteData;\r
+ UINT32 BackUpOffset;\r
+ UINT32 BackUpSize;\r
+\r
+ mVariableModuleGlobal->FvbInstance = NULL;\r
+\r
+ //\r
+ // Note that in EdkII variable driver implementation, Hardware Error Record type variable\r
+ // is stored with common variable in the same NV region. So the platform integrator should\r
+ // ensure that the value of PcdHwErrStorageSize is less than or equal to the value of\r
+ // PcdFlashNvStorageVariableSize.\r
+ //\r
+ ASSERT (PcdGet32 (PcdHwErrStorageSize) <= PcdGet32 (PcdFlashNvStorageVariableSize));\r
+\r
+ //\r
+ // Allocate runtime memory used for a memory copy of the FLASH region.\r
+ // Keep the memory and the FLASH in sync as updates occur.\r
+ //\r
+ NvStorageSize = PcdGet32 (PcdFlashNvStorageVariableSize);\r
+ NvStorageData = AllocateRuntimeZeroPool (NvStorageSize);\r
+ if (NvStorageData == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
+ NvStorageBase = (EFI_PHYSICAL_ADDRESS) PcdGet64 (PcdFlashNvStorageVariableBase64);\r
+ if (NvStorageBase == 0) {\r
+ NvStorageBase = (EFI_PHYSICAL_ADDRESS) PcdGet32 (PcdFlashNvStorageVariableBase);\r
+ }\r
+ //\r
+ // Copy NV storage data to the memory buffer.\r
+ //\r
+ CopyMem (NvStorageData, (UINT8 *) (UINTN) NvStorageBase, NvStorageSize);\r
+\r
+ //\r
+ // Check the FTW last write data hob.\r
+ //\r
+ GuidHob = GetFirstGuidHob (&gEdkiiFaultTolerantWriteGuid);\r
+ if (GuidHob != NULL) {\r
+ FtwLastWriteData = (FAULT_TOLERANT_WRITE_LAST_WRITE_DATA *) GET_GUID_HOB_DATA (GuidHob);\r
+ if (FtwLastWriteData->TargetAddress == NvStorageBase) {\r
+ DEBUG ((EFI_D_INFO, "Variable: NV storage is backed up in spare block: 0x%x\n", (UINTN) FtwLastWriteData->SpareAddress));\r
+ //\r
+ // Copy the backed up NV storage data to the memory buffer from spare block.\r
+ //\r
+ CopyMem (NvStorageData, (UINT8 *) (UINTN) (FtwLastWriteData->SpareAddress), NvStorageSize);\r
+ } else if ((FtwLastWriteData->TargetAddress > NvStorageBase) &&\r
+ (FtwLastWriteData->TargetAddress < (NvStorageBase + NvStorageSize))) {\r
+ //\r
+ // Flash NV storage from the Offset is backed up in spare block.\r
+ //\r
+ BackUpOffset = (UINT32) (FtwLastWriteData->TargetAddress - NvStorageBase);\r
+ BackUpSize = NvStorageSize - BackUpOffset;\r
+ DEBUG ((EFI_D_INFO, "Variable: High partial NV storage from offset: %x is backed up in spare block: 0x%x\n", BackUpOffset, (UINTN) FtwLastWriteData->SpareAddress));\r
+ //\r
+ // Copy the partial backed up NV storage data to the memory buffer from spare block.\r
+ //\r
+ CopyMem (NvStorageData + BackUpOffset, (UINT8 *) (UINTN) FtwLastWriteData->SpareAddress, BackUpSize);\r
+ }\r
+ }\r
+\r
+ FvHeader = (EFI_FIRMWARE_VOLUME_HEADER *) NvStorageData;\r
+\r
+ //\r
+ // Check if the Firmware Volume is not corrupted\r
+ //\r
+ if ((FvHeader->Signature != EFI_FVH_SIGNATURE) || (!CompareGuid (&gEfiSystemNvDataFvGuid, &FvHeader->FileSystemGuid))) {\r
+ FreePool (NvStorageData);\r
+ DEBUG ((EFI_D_ERROR, "Firmware Volume for Variable Store is corrupted\n"));\r
+ return EFI_VOLUME_CORRUPTED;\r
+ }\r
+\r
+ VariableStoreBase = (EFI_PHYSICAL_ADDRESS) ((UINTN) FvHeader + FvHeader->HeaderLength);\r
+ VariableStoreLength = (UINT64) (NvStorageSize - FvHeader->HeaderLength);\r
+\r
+ mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase = VariableStoreBase;\r
+ mNvVariableCache = (VARIABLE_STORE_HEADER *) (UINTN) VariableStoreBase;\r
+ if (GetVariableStoreStatus (mNvVariableCache) != EfiValid) {\r
+ FreePool (NvStorageData);\r
+ DEBUG((EFI_D_ERROR, "Variable Store header is corrupted\n"));\r
+ return EFI_VOLUME_CORRUPTED;\r
+ }\r
+ ASSERT(mNvVariableCache->Size == VariableStoreLength);\r
+\r
+ //\r
+ // The max variable or hardware error variable size should be < variable store size.\r
+ //\r
+ ASSERT(MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxHardwareErrorVariableSize)) < VariableStoreLength);\r
+\r
+ //\r
+ // Parse non-volatile variable data and get last variable offset.\r
+ //\r
+ NextVariable = GetStartPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableStoreBase);\r
+ while (IsValidVariableHeader (NextVariable)) {\r
+ VariableSize = NextVariable->NameSize + NextVariable->DataSize + sizeof (VARIABLE_HEADER);\r
+ if ((NextVariable->Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {\r
+ mVariableModuleGlobal->HwErrVariableTotalSize += HEADER_ALIGN (VariableSize);\r
+ } else {\r
+ mVariableModuleGlobal->CommonVariableTotalSize += HEADER_ALIGN (VariableSize);\r
+ }\r
+\r
+ NextVariable = GetNextVariablePtr (NextVariable);\r
+ }\r
+ mVariableModuleGlobal->NonVolatileLastVariableOffset = (UINTN) NextVariable - (UINTN) VariableStoreBase;\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
/**\r
Flush the HOB variable to flash.\r
\r
}\r
\r
/**\r
- Initializes variable write service after FVB was ready.\r
+ Initializes variable write service after FTW was ready.\r
\r
@retval EFI_SUCCESS Function successfully executed.\r
@retval Others Fail to initialize the variable service.\r
UINTN Index;\r
UINT8 Data;\r
EFI_PHYSICAL_ADDRESS VariableStoreBase;\r
+ EFI_PHYSICAL_ADDRESS NvStorageBase;\r
+\r
+ NvStorageBase = (EFI_PHYSICAL_ADDRESS) PcdGet64 (PcdFlashNvStorageVariableBase64);\r
+ if (NvStorageBase == 0) {\r
+ NvStorageBase = (EFI_PHYSICAL_ADDRESS) PcdGet32 (PcdFlashNvStorageVariableBase);\r
+ }\r
+ VariableStoreBase = NvStorageBase + (((EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)(NvStorageBase))->HeaderLength);\r
\r
- VariableStoreBase = mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase;\r
+ //\r
+ // Let NonVolatileVariableBase point to flash variable store base directly after FTW ready.\r
+ //\r
+ mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase = VariableStoreBase;\r
VariableStoreHeader = (VARIABLE_STORE_HEADER *)(UINTN)VariableStoreBase;\r
\r
//\r
EFI_STATUS Status;\r
VARIABLE_STORE_HEADER *VolatileVariableStore;\r
VARIABLE_STORE_HEADER *VariableStoreHeader;\r
- VARIABLE_HEADER *NextVariable;\r
- EFI_PHYSICAL_ADDRESS TempVariableStoreHeader;\r
- EFI_PHYSICAL_ADDRESS VariableStoreBase;\r
UINT64 VariableStoreLength;\r
UINTN ScratchSize;\r
- UINTN VariableSize;\r
EFI_HOB_GUID_TYPE *GuidHob;\r
\r
//\r
\r
InitializeLock (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock, TPL_NOTIFY);\r
\r
- //\r
- // Note that in EdkII variable driver implementation, Hardware Error Record type variable\r
- // is stored with common variable in the same NV region. So the platform integrator should\r
- // ensure that the value of PcdHwErrStorageSize is less than or equal to the value of\r
- // PcdFlashNvStorageVariableSize.\r
- //\r
- ASSERT (PcdGet32 (PcdHwErrStorageSize) <= PcdGet32 (PcdFlashNvStorageVariableSize));\r
-\r
//\r
// Get HOB variable store.\r
//\r
if (GetVariableStoreStatus (VariableStoreHeader) == EfiValid) {\r
mVariableModuleGlobal->VariableGlobal.HobVariableBase = (EFI_PHYSICAL_ADDRESS) (UINTN) AllocateRuntimeCopyPool ((UINTN) VariableStoreLength, (VOID *) VariableStoreHeader);\r
if (mVariableModuleGlobal->VariableGlobal.HobVariableBase == 0) {\r
+ FreePool (mVariableModuleGlobal);\r
return EFI_OUT_OF_RESOURCES;\r
}\r
} else {\r
ScratchSize = MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxHardwareErrorVariableSize));\r
VolatileVariableStore = AllocateRuntimePool (PcdGet32 (PcdVariableStoreSize) + ScratchSize);\r
if (VolatileVariableStore == NULL) {\r
+ if (mVariableModuleGlobal->VariableGlobal.HobVariableBase != 0) {\r
+ FreePool ((VOID *) (UINTN) mVariableModuleGlobal->VariableGlobal.HobVariableBase);\r
+ }\r
FreePool (mVariableModuleGlobal);\r
return EFI_OUT_OF_RESOURCES;\r
}\r
//\r
mVariableModuleGlobal->VariableGlobal.VolatileVariableBase = (EFI_PHYSICAL_ADDRESS) (UINTN) VolatileVariableStore;\r
mVariableModuleGlobal->VolatileLastVariableOffset = (UINTN) GetStartPointer (VolatileVariableStore) - (UINTN) VolatileVariableStore;\r
- mVariableModuleGlobal->FvbInstance = NULL;\r
\r
CopyGuid (&VolatileVariableStore->Signature, &gEfiAuthenticatedVariableGuid);\r
VolatileVariableStore->Size = PcdGet32 (PcdVariableStoreSize);\r
VolatileVariableStore->Reserved1 = 0;\r
\r
//\r
- // Get non-volatile variable store.\r
- //\r
-\r
- TempVariableStoreHeader = (EFI_PHYSICAL_ADDRESS) PcdGet64 (PcdFlashNvStorageVariableBase64);\r
- if (TempVariableStoreHeader == 0) {\r
- TempVariableStoreHeader = (EFI_PHYSICAL_ADDRESS) PcdGet32 (PcdFlashNvStorageVariableBase);\r
- }\r
- \r
- //\r
- // Check if the Firmware Volume is not corrupted\r
- //\r
- if ((((EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)(TempVariableStoreHeader))->Signature != EFI_FVH_SIGNATURE) ||\r
- (!CompareGuid (&gEfiSystemNvDataFvGuid, &((EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)(TempVariableStoreHeader))->FileSystemGuid))) {\r
- Status = EFI_VOLUME_CORRUPTED;\r
- DEBUG ((EFI_D_ERROR, "Firmware Volume for Variable Store is corrupted\n"));\r
- goto Done;\r
- }\r
-\r
- VariableStoreBase = TempVariableStoreHeader + \\r
- (((EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)(TempVariableStoreHeader)) -> HeaderLength);\r
- VariableStoreLength = (UINT64) PcdGet32 (PcdFlashNvStorageVariableSize) - \\r
- (((EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)(TempVariableStoreHeader)) -> HeaderLength);\r
-\r
- mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase = VariableStoreBase;\r
- VariableStoreHeader = (VARIABLE_STORE_HEADER *)(UINTN)VariableStoreBase;\r
- if (GetVariableStoreStatus (VariableStoreHeader) != EfiValid) {\r
- Status = EFI_VOLUME_CORRUPTED;\r
- DEBUG((EFI_D_INFO, "Variable Store header is corrupted\n"));\r
- goto Done;\r
- }\r
- ASSERT(VariableStoreHeader->Size == VariableStoreLength);\r
-\r
- //\r
- // Parse non-volatile variable data and get last variable offset.\r
+ // Init non-volatile variable store.\r
//\r
- NextVariable = GetStartPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableStoreBase);\r
- while (IsValidVariableHeader (NextVariable)) {\r
- VariableSize = NextVariable->NameSize + NextVariable->DataSize + sizeof (VARIABLE_HEADER);\r
- if ((NextVariable->Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {\r
- mVariableModuleGlobal->HwErrVariableTotalSize += HEADER_ALIGN (VariableSize);\r
- } else {\r
- mVariableModuleGlobal->CommonVariableTotalSize += HEADER_ALIGN (VariableSize);\r
- }\r
-\r
- NextVariable = GetNextVariablePtr (NextVariable);\r
- }\r
-\r
- mVariableModuleGlobal->NonVolatileLastVariableOffset = (UINTN) NextVariable - (UINTN) VariableStoreBase;\r
-\r
- //\r
- // Allocate runtime memory used for a memory copy of the FLASH region.\r
- // Keep the memory and the FLASH in sync as updates occur\r
- //\r
- mNvVariableCache = AllocateRuntimeZeroPool ((UINTN)VariableStoreLength);\r
- if (mNvVariableCache == NULL) {\r
- Status = EFI_OUT_OF_RESOURCES;\r
- goto Done;\r
- }\r
- CopyMem (mNvVariableCache, (CHAR8 *)(UINTN)VariableStoreBase, (UINTN)VariableStoreLength);\r
- Status = EFI_SUCCESS;\r
-\r
-Done:\r
+ Status = InitNonVolatileVariableStore ();\r
if (EFI_ERROR (Status)) {\r
+ if (mVariableModuleGlobal->VariableGlobal.HobVariableBase != 0) {\r
+ FreePool ((VOID *) (UINTN) mVariableModuleGlobal->VariableGlobal.HobVariableBase);\r
+ }\r
FreePool (mVariableModuleGlobal);\r
FreePool (VolatileVariableStore);\r
}\r