X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=SecurityPkg%2FVariableAuthenticated%2FRuntimeDxe%2FVariable.c;h=28d026a0a8eb1a8d9b64827bc47692b0e55623f6;hb=25da08c8b2a73b375f57652104cfdbd0db82d31e;hp=c99cd2310eefb2bed1f056232943f470a1c900f2;hpb=3a186b06f1f1bdc9b4508b5479e0530e629dd68c;p=mirror_edk2.git diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c index c99cd2310e..28d026a0a8 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c @@ -104,6 +104,20 @@ GLOBAL_VARIABLE_ENTRY mGlobalVariableList2[] = { {L"Key####", VARIABLE_ATTRIBUTE_NV_BS_RT}, }; +/** + + SecureBoot Hook for auth variable update. + + @param[in] VariableName Name of Variable to be found. + @param[in] VendorGuid Variable vendor GUID. +**/ +VOID +EFIAPI +SecureBootHook ( + IN CHAR16 *VariableName, + IN EFI_GUID *VendorGuid + ); + /** Routine used to track statistical information about variable usage. The data is stored in the EFI system table so it can be accessed later. @@ -687,6 +701,7 @@ PubKeyStoreFilter ( *NewPubKeyIndex = AllocateZeroPool ((PubKeyNumber + 1) * sizeof (UINT32)); if (*NewPubKeyIndex == NULL) { FreePool (*NewPubKeyStore); + *NewPubKeyStore = NULL; return EFI_OUT_OF_RESOURCES; } @@ -717,11 +732,12 @@ PubKeyStoreFilter ( @param[in] IsVolatile The variable store is volatile or not; if it is non-volatile, need FTW. @param[in, out] UpdatingPtrTrack Pointer to updating variable pointer track structure. + @param[in] NewVariable Pointer to new variable. + @param[in] NewVariableSize New variable size. @param[in] ReclaimPubKeyStore Reclaim for public key database or not. - @param[in] ReclaimAnyway If TRUE, do reclaim anyway. @return EFI_SUCCESS Reclaim operation has finished successfully. - @return EFI_OUT_OF_RESOURCES No enough memory resources. + @return EFI_OUT_OF_RESOURCES No enough memory resources or variable space. @return EFI_DEVICE_ERROR The public key database doesn't exist. @return Others Unexpect error happened during reclaim operation. @@ -732,8 +748,9 @@ Reclaim ( OUT UINTN *LastVariableOffset, IN BOOLEAN IsVolatile, IN OUT VARIABLE_POINTER_TRACK *UpdatingPtrTrack, - IN BOOLEAN ReclaimPubKeyStore, - IN BOOLEAN ReclaimAnyway + IN VARIABLE_HEADER *NewVariable, + IN UINTN NewVariableSize, + IN BOOLEAN ReclaimPubKeyStore ) { VARIABLE_HEADER *Variable; @@ -744,31 +761,28 @@ Reclaim ( UINT8 *ValidBuffer; UINTN MaximumBufferSize; UINTN VariableSize; - UINTN VariableNameSize; - UINTN UpdatingVariableNameSize; UINTN NameSize; UINT8 *CurrPtr; VOID *Point0; VOID *Point1; BOOLEAN FoundAdded; EFI_STATUS Status; - CHAR16 *VariableNamePtr; - CHAR16 *UpdatingVariableNamePtr; UINTN CommonVariableTotalSize; UINTN HwErrVariableTotalSize; UINT32 *NewPubKeyIndex; UINT8 *NewPubKeyStore; UINT32 NewPubKeySize; VARIABLE_HEADER *PubKeyHeader; - BOOLEAN NeedDoReclaim; VARIABLE_HEADER *UpdatingVariable; + VARIABLE_HEADER *UpdatingInDeletedTransition; UpdatingVariable = NULL; + UpdatingInDeletedTransition = NULL; if (UpdatingPtrTrack != NULL) { UpdatingVariable = UpdatingPtrTrack->CurrPtr; + UpdatingInDeletedTransition = UpdatingPtrTrack->InDeletedTransitionPtr; } - NeedDoReclaim = FALSE; VariableStoreHeader = (VARIABLE_STORE_HEADER *) ((UINTN) VariableBase); CommonVariableTotalSize = 0; @@ -777,40 +791,50 @@ Reclaim ( NewPubKeyStore = NULL; NewPubKeySize = 0; PubKeyHeader = NULL; - - // - // Start Pointers for the variable. - // - Variable = GetStartPointer (VariableStoreHeader); - MaximumBufferSize = sizeof (VARIABLE_STORE_HEADER); - while (IsValidVariableHeader (Variable)) { - NextVariable = GetNextVariablePtr (Variable); - if (Variable->State == VAR_ADDED || - Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED) - ) { - VariableSize = (UINTN) NextVariable - (UINTN) Variable; - MaximumBufferSize += VariableSize; - } else { - NeedDoReclaim = TRUE; - } + if (IsVolatile) { + // + // Start Pointers for the variable. + // + Variable = GetStartPointer (VariableStoreHeader); + MaximumBufferSize = sizeof (VARIABLE_STORE_HEADER); - Variable = NextVariable; - } + while (IsValidVariableHeader (Variable)) { + NextVariable = GetNextVariablePtr (Variable); + if ((Variable->State == VAR_ADDED || Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) && + Variable != UpdatingVariable && + Variable != UpdatingInDeletedTransition + ) { + VariableSize = (UINTN) NextVariable - (UINTN) Variable; + MaximumBufferSize += VariableSize; + } - if (!ReclaimAnyway && !NeedDoReclaim) { - DEBUG ((EFI_D_INFO, "Variable driver: no DELETED variable found, so no variable space could be reclaimed.\n")); - return EFI_SUCCESS; - } + Variable = NextVariable; + } - // - // Reserve the 1 Bytes with Oxff to identify the - // end of the variable buffer. - // - MaximumBufferSize += 1; - ValidBuffer = AllocatePool (MaximumBufferSize); - if (ValidBuffer == NULL) { - return EFI_OUT_OF_RESOURCES; + if (NewVariable != NULL) { + // + // Add the new variable size. + // + MaximumBufferSize += NewVariableSize; + } + + // + // Reserve the 1 Bytes with Oxff to identify the + // end of the variable buffer. + // + MaximumBufferSize += 1; + ValidBuffer = AllocatePool (MaximumBufferSize); + if (ValidBuffer == NULL) { + return EFI_OUT_OF_RESOURCES; + } + } else { + // + // For NV variable reclaim, don't allocate pool here and just use mNvVariableCache + // as the buffer to reduce SMRAM consumption for SMM variable driver. + // + MaximumBufferSize = mNvVariableCache->Size; + ValidBuffer = (UINT8 *) mNvVariableCache; } SetMem (ValidBuffer, MaximumBufferSize, 0xff); @@ -822,6 +846,7 @@ Reclaim ( CurrPtr = (UINT8 *) GetStartPointer ((VARIABLE_STORE_HEADER *) ValidBuffer); if (ReclaimPubKeyStore) { + ASSERT (IsVolatile == FALSE); // // Trim the PubKeyStore and get new PubKeyIndex. // @@ -833,14 +858,13 @@ Reclaim ( &NewPubKeySize ); if (EFI_ERROR (Status)) { - FreePool (ValidBuffer); - return Status; + goto Done; } // // Refresh the PubKeyIndex for all valid variables (ADDED and IN_DELETED_TRANSITION). // - Variable = GetStartPointer (mNvVariableCache); + Variable = GetStartPointer (VariableStoreHeader); while (IsValidVariableHeader (Variable)) { NextVariable = GetNextVariablePtr (Variable); if (Variable->State == VAR_ADDED || Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) { @@ -858,9 +882,9 @@ Reclaim ( CopyMem (CurrPtr, (UINT8 *) Variable, VariableSize); ((VARIABLE_HEADER*) CurrPtr)->PubKeyIndex = NewPubKeyIndex[Variable->PubKeyIndex]; CurrPtr += VariableSize; - if ((!IsVolatile) && ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD)) { + if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) { HwErrVariableTotalSize += VariableSize; - } else if ((!IsVolatile) && ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD)) { + } else if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD) { CommonVariableTotalSize += VariableSize; } } @@ -872,10 +896,8 @@ Reclaim ( // ASSERT (PubKeyHeader != NULL); if (PubKeyHeader == NULL) { - FreePool (ValidBuffer); - FreePool (NewPubKeyIndex); - FreePool (NewPubKeyStore); - return EFI_DEVICE_ERROR; + Status = EFI_DEVICE_ERROR; + goto Done; } CopyMem (CurrPtr, (UINT8*) PubKeyHeader, sizeof (VARIABLE_HEADER)); Variable = (VARIABLE_HEADER*) CurrPtr; @@ -891,25 +913,7 @@ Reclaim ( Variable = GetStartPointer (VariableStoreHeader); while (IsValidVariableHeader (Variable)) { NextVariable = GetNextVariablePtr (Variable); - if (Variable->State == VAR_ADDED) { - if (UpdatingVariable != NULL) { - if (UpdatingVariable == Variable) { - Variable = NextVariable; - continue; - } - - VariableNameSize = NameSizeOfVariable(Variable); - UpdatingVariableNameSize = NameSizeOfVariable(UpdatingVariable); - - VariableNamePtr = GetVariableNamePtr (Variable); - UpdatingVariableNamePtr = GetVariableNamePtr (UpdatingVariable); - if (CompareGuid (&Variable->VendorGuid, &UpdatingVariable->VendorGuid) && - VariableNameSize == UpdatingVariableNameSize && - CompareMem (VariableNamePtr, UpdatingVariableNamePtr, VariableNameSize) == 0 ) { - Variable = NextVariable; - continue; - } - } + if (Variable != UpdatingVariable && Variable->State == VAR_ADDED) { VariableSize = (UINTN) NextVariable - (UINTN) Variable; CopyMem (CurrPtr, (UINT8 *) Variable, VariableSize); CurrPtr += VariableSize; @@ -922,29 +926,13 @@ Reclaim ( Variable = NextVariable; } - // - // Reinstall the variable being updated if it is not NULL. - // - if (UpdatingVariable != NULL) { - VariableSize = (UINTN)(GetNextVariablePtr (UpdatingVariable)) - (UINTN)UpdatingVariable; - CopyMem (CurrPtr, (UINT8 *) UpdatingVariable, VariableSize); - UpdatingPtrTrack->CurrPtr = (VARIABLE_HEADER *)((UINTN)UpdatingPtrTrack->StartPtr + ((UINTN)CurrPtr - (UINTN)GetStartPointer ((VARIABLE_STORE_HEADER *) ValidBuffer))); - UpdatingPtrTrack->InDeletedTransitionPtr = NULL; - CurrPtr += VariableSize; - if ((!IsVolatile) && ((UpdatingVariable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD)) { - HwErrVariableTotalSize += VariableSize; - } else if ((!IsVolatile) && ((UpdatingVariable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD)) { - CommonVariableTotalSize += VariableSize; - } - } - // // Reinstall all in delete transition variables. // - Variable = GetStartPointer (VariableStoreHeader); + Variable = GetStartPointer (VariableStoreHeader); while (IsValidVariableHeader (Variable)) { NextVariable = GetNextVariablePtr (Variable); - if (Variable != UpdatingVariable && Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) { + if (Variable != UpdatingVariable && Variable != UpdatingInDeletedTransition && Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) { // // Buffer has cached all ADDED variable. @@ -987,6 +975,42 @@ Reclaim ( Variable = NextVariable; } + + // + // Install the new variable if it is not NULL. + // + if (NewVariable != NULL) { + if ((UINTN) (CurrPtr - ValidBuffer) + NewVariableSize > VariableStoreHeader->Size) { + // + // No enough space to store the new variable. + // + Status = EFI_OUT_OF_RESOURCES; + goto Done; + } + if (!IsVolatile) { + if ((NewVariable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) { + HwErrVariableTotalSize += NewVariableSize; + } else if ((NewVariable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD) { + CommonVariableTotalSize += NewVariableSize; + } + if ((HwErrVariableTotalSize > PcdGet32 (PcdHwErrStorageSize)) || + (CommonVariableTotalSize > VariableStoreHeader->Size - sizeof (VARIABLE_STORE_HEADER) - PcdGet32 (PcdHwErrStorageSize))) { + // + // No enough space to store the new variable by NV or NV+HR attribute. + // + Status = EFI_OUT_OF_RESOURCES; + goto Done; + } + } + + CopyMem (CurrPtr, (UINT8 *) NewVariable, NewVariableSize); + ((VARIABLE_HEADER *) CurrPtr)->State = VAR_ADDED; + if (UpdatingVariable != NULL) { + UpdatingPtrTrack->CurrPtr = (VARIABLE_HEADER *)((UINTN)UpdatingPtrTrack->StartPtr + ((UINTN)CurrPtr - (UINTN)GetStartPointer ((VARIABLE_STORE_HEADER *) ValidBuffer))); + UpdatingPtrTrack->InDeletedTransitionPtr = NULL; + } + CurrPtr += NewVariableSize; + } } if (IsVolatile) { @@ -994,7 +1018,8 @@ Reclaim ( // If volatile variable store, just copy valid buffer. // SetMem ((UINT8 *) (UINTN) VariableBase, VariableStoreHeader->Size, 0xff); - CopyMem ((UINT8 *) (UINTN) VariableBase, ValidBuffer, (UINTN) (CurrPtr - (UINT8 *) ValidBuffer)); + CopyMem ((UINT8 *) (UINTN) VariableBase, ValidBuffer, (UINTN) (CurrPtr - ValidBuffer)); + *LastVariableOffset = (UINTN) (CurrPtr - ValidBuffer); Status = EFI_SUCCESS; } else { // @@ -1002,41 +1027,45 @@ Reclaim ( // Status = FtwVariableSpace ( VariableBase, - ValidBuffer, - (UINTN) (CurrPtr - (UINT8 *) ValidBuffer) + (VARIABLE_STORE_HEADER *) ValidBuffer ); - CopyMem (mNvVariableCache, (CHAR8 *)(UINTN)VariableBase, VariableStoreHeader->Size); - } - if (!EFI_ERROR (Status)) { - *LastVariableOffset = (UINTN) (CurrPtr - (UINT8 *) ValidBuffer); - if (!IsVolatile) { + if (!EFI_ERROR (Status)) { + *LastVariableOffset = (UINTN) (CurrPtr - ValidBuffer); mVariableModuleGlobal->HwErrVariableTotalSize = HwErrVariableTotalSize; mVariableModuleGlobal->CommonVariableTotalSize = CommonVariableTotalSize; - } - } else { - NextVariable = GetStartPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableBase); - while (IsValidVariableHeader (NextVariable)) { - VariableSize = NextVariable->NameSize + NextVariable->DataSize + sizeof (VARIABLE_HEADER); - if ((!IsVolatile) && ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD)) { - mVariableModuleGlobal->HwErrVariableTotalSize += HEADER_ALIGN (VariableSize); - } else if ((!IsVolatile) && ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD)) { - mVariableModuleGlobal->CommonVariableTotalSize += HEADER_ALIGN (VariableSize); - } + } else { + NextVariable = GetStartPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableBase); + while (IsValidVariableHeader (NextVariable)) { + VariableSize = NextVariable->NameSize + NextVariable->DataSize + sizeof (VARIABLE_HEADER); + if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) { + mVariableModuleGlobal->HwErrVariableTotalSize += HEADER_ALIGN (VariableSize); + } else if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD) { + mVariableModuleGlobal->CommonVariableTotalSize += HEADER_ALIGN (VariableSize); + } - NextVariable = GetNextVariablePtr (NextVariable); + NextVariable = GetNextVariablePtr (NextVariable); + } + *LastVariableOffset = (UINTN) NextVariable - (UINTN) VariableBase; } - *LastVariableOffset = (UINTN) NextVariable - (UINTN) VariableBase; } - if (NewPubKeyStore != NULL) { - FreePool (NewPubKeyStore); - } +Done: + if (IsVolatile) { + FreePool (ValidBuffer); + } else { + // + // For NV variable reclaim, we use mNvVariableCache as the buffer, so copy the data back. + // + CopyMem (mNvVariableCache, (UINT8 *)(UINTN)VariableBase, VariableStoreHeader->Size); + + if (NewPubKeyStore != NULL) { + FreePool (NewPubKeyStore); + } - if (NewPubKeyIndex != NULL) { - FreePool (NewPubKeyIndex); + if (NewPubKeyIndex != NULL) { + FreePool (NewPubKeyIndex); + } } - - FreePool (ValidBuffer); return Status; } @@ -1723,7 +1752,9 @@ UpdateVariable ( VARIABLE_POINTER_TRACK NvVariable; VARIABLE_STORE_HEADER *VariableStoreHeader; UINTN CacheOffset; - UINTN BufSize; + UINT8 *BufferForMerge; + UINTN MergedBufSize; + BOOLEAN DataReady; UINTN DataOffset; if (mVariableModuleGlobal->FvbInstance == NULL) { @@ -1773,7 +1804,8 @@ UpdateVariable ( // NextVariable = GetEndPointer ((VARIABLE_STORE_HEADER *) ((UINTN) mVariableModuleGlobal->VariableGlobal.VolatileVariableBase)); ScratchSize = MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxHardwareErrorVariableSize)); - + SetMem (NextVariable, ScratchSize, 0xff); + DataReady = FALSE; if (Variable->CurrPtr != NULL) { // @@ -1865,7 +1897,7 @@ UpdateVariable ( // then return to the caller immediately. // if (DataSizeOfVariable (Variable->CurrPtr) == DataSize && - (CompareMem (Data, GetVariableDataPtr (Variable->CurrPtr), DataSize) == 0) && + (CompareMem (Data, GetVariableDataPtr (Variable->CurrPtr), DataSize) == 0) && ((Attributes & EFI_VARIABLE_APPEND_WRITE) == 0) && (TimeStamp == NULL)) { // @@ -1882,42 +1914,42 @@ UpdateVariable ( // if ((Attributes & EFI_VARIABLE_APPEND_WRITE) != 0) { // - // Cache the previous variable data into StorageArea. + // NOTE: From 0 to DataOffset of NextVariable is reserved for Variable Header and Name. + // From DataOffset of NextVariable is to save the existing variable data. // DataOffset = sizeof (VARIABLE_HEADER) + Variable->CurrPtr->NameSize + GET_PAD_SIZE (Variable->CurrPtr->NameSize); - CopyMem (mStorageArea, (UINT8*)((UINTN) Variable->CurrPtr + DataOffset), Variable->CurrPtr->DataSize); + BufferForMerge = (UINT8 *) ((UINTN) NextVariable + DataOffset); + CopyMem (BufferForMerge, (UINT8 *) ((UINTN) Variable->CurrPtr + DataOffset), Variable->CurrPtr->DataSize); // // Set Max Common Variable Data Size as default MaxDataSize // - MaxDataSize = PcdGet32 (PcdMaxVariableSize) - sizeof (VARIABLE_HEADER) - StrSize (VariableName) - GET_PAD_SIZE (StrSize (VariableName)); - + MaxDataSize = PcdGet32 (PcdMaxVariableSize) - DataOffset; if ((CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid) && ((StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0) || (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE1) == 0))) || (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0))) { - // // For variables with formatted as EFI_SIGNATURE_LIST, the driver shall not perform an append of // EFI_SIGNATURE_DATA values that are already part of the existing variable value. // Status = AppendSignatureList ( - mStorageArea, + BufferForMerge, Variable->CurrPtr->DataSize, MaxDataSize - Variable->CurrPtr->DataSize, - Data, - DataSize, - &BufSize + Data, + DataSize, + &MergedBufSize ); if (Status == EFI_BUFFER_TOO_SMALL) { // - // Signture List is too long, Failed to Append + // Signature List is too long, Failed to Append. // Status = EFI_INVALID_PARAMETER; goto Done; } - if (BufSize == Variable->CurrPtr->DataSize) { + if (MergedBufSize == Variable->CurrPtr->DataSize) { if ((TimeStamp == NULL) || CompareTimeStamp (TimeStamp, &Variable->CurrPtr->TimeStamp)) { // // New EFI_SIGNATURE_DATA is not found and timestamp is not later @@ -1930,29 +1962,30 @@ UpdateVariable ( } } else { // - // For other Variables, append the new data to the end of previous data. + // For other Variables, append the new data to the end of existing data. // Max Harware error record variable data size is different from common variable // if ((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) { - MaxDataSize = PcdGet32 (PcdMaxHardwareErrorVariableSize) - sizeof (VARIABLE_HEADER) - StrSize (VariableName) - GET_PAD_SIZE (StrSize (VariableName)); + MaxDataSize = PcdGet32 (PcdMaxHardwareErrorVariableSize) - DataOffset; } if (Variable->CurrPtr->DataSize + DataSize > MaxDataSize) { // - // Exsiting data + Appended data exceed maximum variable size limitation + // Existing data size + new data size exceed maximum variable size limitation. // Status = EFI_INVALID_PARAMETER; goto Done; } - CopyMem ((UINT8*)((UINTN) mStorageArea + Variable->CurrPtr->DataSize), Data, DataSize); - BufSize = Variable->CurrPtr->DataSize + DataSize; + CopyMem ((UINT8*) ((UINTN) BufferForMerge + Variable->CurrPtr->DataSize), Data, DataSize); + MergedBufSize = Variable->CurrPtr->DataSize + DataSize; } // - // Override Data and DataSize which are used for combined data area including previous and new data. + // BufferForMerge(from DataOffset of NextVariable) has included the merged existing and new data. // - Data = mStorageArea; - DataSize = BufSize; + Data = BufferForMerge; + DataSize = MergedBufSize; + DataReady = TRUE; } // @@ -2009,9 +2042,7 @@ UpdateVariable ( // // Function part - create a new variable and copy the data. // Both update a variable and create a variable will come here. - - SetMem (NextVariable, ScratchSize, 0xff); - + // NextVariable->StartId = VARIABLE_DATA; // // NextVariable->State = VAR_ADDED; @@ -2053,11 +2084,19 @@ UpdateVariable ( VarNameSize ); VarDataOffset = VarNameOffset + VarNameSize + GET_PAD_SIZE (VarNameSize); - CopyMem ( - (UINT8 *) ((UINTN) NextVariable + VarDataOffset), - Data, - DataSize - ); + + // + // If DataReady is TRUE, it means the variable data has been saved into + // NextVariable during EFI_VARIABLE_APPEND_WRITE operation preparation. + // + if (!DataReady) { + CopyMem ( + (UINT8 *) ((UINTN) NextVariable + VarDataOffset), + Data, + DataSize + ); + } + CopyMem (&NextVariable->VendorGuid, VendorGuid, sizeof (EFI_GUID)); // // There will be pad bytes after Data, the NextVariable->NameSize and @@ -2087,33 +2126,29 @@ UpdateVariable ( goto Done; } // - // Perform garbage collection & reclaim operation. + // Perform garbage collection & reclaim operation, and integrate the new variable at the same time. // Status = Reclaim ( mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase, &mVariableModuleGlobal->NonVolatileLastVariableOffset, FALSE, Variable, - FALSE, + NextVariable, + HEADER_ALIGN (VarSize), FALSE ); - if (EFI_ERROR (Status)) { - goto Done; - } - // - // If still no enough space, return out of resources. - // - if ((((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != 0) - && ((VarSize + mVariableModuleGlobal->HwErrVariableTotalSize) > PcdGet32 (PcdHwErrStorageSize))) - || (((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == 0) - && ((VarSize + mVariableModuleGlobal->CommonVariableTotalSize) > NonVolatileVarableStoreSize - sizeof (VARIABLE_STORE_HEADER) - PcdGet32 (PcdHwErrStorageSize)))) { - Status = EFI_OUT_OF_RESOURCES; - goto Done; - } - if (Variable->CurrPtr != NULL) { - CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN) CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable->StartPtr)); - CacheVariable->InDeletedTransitionPtr = NULL; + if (!EFI_ERROR (Status)) { + // + // The new variable has been integrated successfully during reclaiming. + // + if (Variable->CurrPtr != NULL) { + CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN) CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable->StartPtr)); + CacheVariable->InDeletedTransitionPtr = NULL; + } + UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE, TRUE, FALSE, FALSE); + FlushHobVariableToFlash (VariableName, VendorGuid); } + goto Done; } // // Four steps @@ -2211,32 +2246,28 @@ UpdateVariable ( if ((UINT32) (VarSize + mVariableModuleGlobal->VolatileLastVariableOffset) > ((VARIABLE_STORE_HEADER *) ((UINTN) (mVariableModuleGlobal->VariableGlobal.VolatileVariableBase)))->Size) { // - // Perform garbage collection & reclaim operation. + // Perform garbage collection & reclaim operation, and integrate the new variable at the same time. // Status = Reclaim ( mVariableModuleGlobal->VariableGlobal.VolatileVariableBase, &mVariableModuleGlobal->VolatileLastVariableOffset, TRUE, Variable, - FALSE, + NextVariable, + HEADER_ALIGN (VarSize), FALSE ); - if (EFI_ERROR (Status)) { - goto Done; - } - // - // If still no enough space, return out of resources. - // - if ((UINT32) (VarSize + mVariableModuleGlobal->VolatileLastVariableOffset) > - ((VARIABLE_STORE_HEADER *) ((UINTN) (mVariableModuleGlobal->VariableGlobal.VolatileVariableBase)))->Size - ) { - Status = EFI_OUT_OF_RESOURCES; - goto Done; - } - if (Variable->CurrPtr != NULL) { - CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN) CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable->StartPtr)); - CacheVariable->InDeletedTransitionPtr = NULL; + if (!EFI_ERROR (Status)) { + // + // The new variable has been integrated successfully during reclaiming. + // + if (Variable->CurrPtr != NULL) { + CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN) CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable->StartPtr)); + CacheVariable->InDeletedTransitionPtr = NULL; + } + UpdateVariableInfo (VariableName, VendorGuid, TRUE, FALSE, TRUE, FALSE, FALSE); } + goto Done; } NextVariable->State = VAR_ADDED; @@ -2981,6 +3012,15 @@ Done: InterlockedDecrement (&mVariableModuleGlobal->VariableGlobal.ReentrantState); ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock); + if (!AtRuntime ()) { + if (!EFI_ERROR (Status)) { + SecureBootHook ( + VariableName, + VendorGuid + ); + } + } + return Status; } @@ -3184,7 +3224,8 @@ ReclaimForOS( &mVariableModuleGlobal->NonVolatileLastVariableOffset, FALSE, NULL, - FALSE, + NULL, + 0, FALSE ); ASSERT_EFI_ERROR (Status); @@ -3455,8 +3496,9 @@ VariableWriteServiceInitialize ( &mVariableModuleGlobal->NonVolatileLastVariableOffset, FALSE, NULL, - FALSE, - TRUE + NULL, + 0, + FALSE ); if (EFI_ERROR (Status)) { return Status;