--- /dev/null
+/** @file -- VariablePolicyHelperLib.h\r
+This library contains helper functions for marshalling and registering\r
+new policies with the VariablePolicy infrastructure.\r
+\r
+Copyright (c) Microsoft Corporation.\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
+\r
+**/\r
+\r
+#ifndef _EDKII_VARIABLE_POLICY_HELPER_LIB_H_\r
+#define _EDKII_VARIABLE_POLICY_HELPER_LIB_H_\r
+\r
+#include <Protocol/VariablePolicy.h>\r
+\r
+/**\r
+ This helper function will allocate and populate a new VariablePolicy\r
+ structure for a policy that does not contain any sub-structures (such as\r
+ VARIABLE_LOCK_ON_VAR_STATE_POLICY).\r
+\r
+ NOTE: Caller will need to free structure once finished.\r
+\r
+ @param[in] Namespace Pointer to an EFI_GUID for the target variable namespace that this policy will protect.\r
+ @param[in] Name [Optional] If provided, a pointer to the CHAR16 array for the target variable name.\r
+ Otherwise, will create a policy that targets an entire namespace.\r
+ @param[in] MinSize MinSize for the VariablePolicy.\r
+ @param[in] MaxSize MaxSize for the VariablePolicy.\r
+ @param[in] AttributesMustHave AttributesMustHave for the VariablePolicy.\r
+ @param[in] AttributesCantHave AttributesCantHave for the VariablePolicy.\r
+ @param[in] LockPolicyType LockPolicyType for the VariablePolicy.\r
+ @param[out] NewEntry If successful, will be set to a pointer to the allocated buffer containing the\r
+ new policy.\r
+\r
+ @retval EFI_SUCCESS Operation completed successfully and structure is populated.\r
+ @retval EFI_INVALID_PARAMETER Namespace is NULL.\r
+ @retval EFI_INVALID_PARAMETER LockPolicyType is invalid for a basic structure.\r
+ @retval EFI_BUFFER_TOO_SMALL Finished structure would not fit in UINT16 size.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate sufficient space for structure.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+CreateBasicVariablePolicy (\r
+ IN CONST EFI_GUID *Namespace,\r
+ IN CONST CHAR16 *Name OPTIONAL,\r
+ IN UINT32 MinSize,\r
+ IN UINT32 MaxSize,\r
+ IN UINT32 AttributesMustHave,\r
+ IN UINT32 AttributesCantHave,\r
+ IN UINT8 LockPolicyType,\r
+ OUT VARIABLE_POLICY_ENTRY **NewEntry\r
+ );\r
+\r
+\r
+/**\r
+ This helper function will allocate and populate a new VariablePolicy\r
+ structure for a policy with a lock type of VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE.\r
+\r
+ NOTE: Caller will need to free structure once finished.\r
+\r
+ @param[in] Namespace Pointer to an EFI_GUID for the target variable namespace that this policy will protect.\r
+ @param[in] Name [Optional] If provided, a pointer to the CHAR16 array for the target variable name.\r
+ Otherwise, will create a policy that targets an entire namespace.\r
+ @param[in] MinSize MinSize for the VariablePolicy.\r
+ @param[in] MaxSize MaxSize for the VariablePolicy.\r
+ @param[in] AttributesMustHave AttributesMustHave for the VariablePolicy.\r
+ @param[in] AttributesCantHave AttributesCantHave for the VariablePolicy.\r
+ @param[in] VarStateNamespace Pointer to the EFI_GUID for the VARIABLE_LOCK_ON_VAR_STATE_POLICY.Namespace.\r
+ @param[in] VarStateValue Value for the VARIABLE_LOCK_ON_VAR_STATE_POLICY.Value.\r
+ @param[in] VarStateName Pointer to the CHAR16 array for the VARIABLE_LOCK_ON_VAR_STATE_POLICY.Name.\r
+ @param[out] NewEntry If successful, will be set to a pointer to the allocated buffer containing the\r
+ new policy.\r
+\r
+ @retval EFI_SUCCESS Operation completed successfully and structure is populated.\r
+ @retval EFI_INVALID_PARAMETER Namespace, VarStateNamespace, VarStateName is NULL.\r
+ @retval EFI_BUFFER_TOO_SMALL Finished structure would not fit in UINT16 size.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate sufficient space for structure.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+CreateVarStateVariablePolicy (\r
+ IN CONST EFI_GUID *Namespace,\r
+ IN CONST CHAR16 *Name OPTIONAL,\r
+ IN UINT32 MinSize,\r
+ IN UINT32 MaxSize,\r
+ IN UINT32 AttributesMustHave,\r
+ IN UINT32 AttributesCantHave,\r
+ IN CONST EFI_GUID *VarStateNamespace,\r
+ IN UINT8 VarStateValue,\r
+ IN CONST CHAR16 *VarStateName,\r
+ OUT VARIABLE_POLICY_ENTRY **NewEntry\r
+ );\r
+\r
+\r
+/**\r
+ This helper function does everything that CreateBasicVariablePolicy() does, but also\r
+ uses the passed in protocol to register the policy with the infrastructure.\r
+ Does not return a buffer, does not require the caller to free anything.\r
+\r
+ @param[in] VariablePolicy Pointer to a valid instance of the VariablePolicy protocol.\r
+ @param[in] Namespace Pointer to an EFI_GUID for the target variable namespace that this policy will protect.\r
+ @param[in] Name [Optional] If provided, a pointer to the CHAR16 array for the target variable name.\r
+ Otherwise, will create a policy that targets an entire namespace.\r
+ @param[in] MinSize MinSize for the VariablePolicy.\r
+ @param[in] MaxSize MaxSize for the VariablePolicy.\r
+ @param[in] AttributesMustHave AttributesMustHave for the VariablePolicy.\r
+ @param[in] AttributesCantHave AttributesCantHave for the VariablePolicy.\r
+ @param[in] LockPolicyType LockPolicyType for the VariablePolicy.\r
+\r
+ @retval EFI_INVALID_PARAMETER VariablePolicy pointer is NULL.\r
+ @retval EFI_STATUS Status returned by CreateBasicVariablePolicy() or RegisterVariablePolicy().\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+RegisterBasicVariablePolicy (\r
+ IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy,\r
+ IN CONST EFI_GUID *Namespace,\r
+ IN CONST CHAR16 *Name OPTIONAL,\r
+ IN UINT32 MinSize,\r
+ IN UINT32 MaxSize,\r
+ IN UINT32 AttributesMustHave,\r
+ IN UINT32 AttributesCantHave,\r
+ IN UINT8 LockPolicyType\r
+ );\r
+\r
+\r
+/**\r
+ This helper function does everything that CreateBasicVariablePolicy() does, but also\r
+ uses the passed in protocol to register the policy with the infrastructure.\r
+ Does not return a buffer, does not require the caller to free anything.\r
+\r
+ @param[in] VariablePolicy Pointer to a valid instance of the VariablePolicy protocol.\r
+ @param[in] Namespace Pointer to an EFI_GUID for the target variable namespace that this policy will protect.\r
+ @param[in] Name [Optional] If provided, a pointer to the CHAR16 array for the target variable name.\r
+ Otherwise, will create a policy that targets an entire namespace.\r
+ @param[in] MinSize MinSize for the VariablePolicy.\r
+ @param[in] MaxSize MaxSize for the VariablePolicy.\r
+ @param[in] AttributesMustHave AttributesMustHave for the VariablePolicy.\r
+ @param[in] AttributesCantHave AttributesCantHave for the VariablePolicy.\r
+ @param[in] VarStateNamespace Pointer to the EFI_GUID for the VARIABLE_LOCK_ON_VAR_STATE_POLICY.Namespace.\r
+ @param[in] VarStateName Pointer to the CHAR16 array for the VARIABLE_LOCK_ON_VAR_STATE_POLICY.Name.\r
+ @param[in] VarStateValue Value for the VARIABLE_LOCK_ON_VAR_STATE_POLICY.Value.\r
+\r
+ @retval EFI_INVALID_PARAMETER VariablePolicy pointer is NULL.\r
+ @retval EFI_STATUS Status returned by CreateBasicVariablePolicy() or RegisterVariablePolicy().\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+RegisterVarStateVariablePolicy (\r
+ IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy,\r
+ IN CONST EFI_GUID *Namespace,\r
+ IN CONST CHAR16 *Name OPTIONAL,\r
+ IN UINT32 MinSize,\r
+ IN UINT32 MaxSize,\r
+ IN UINT32 AttributesMustHave,\r
+ IN UINT32 AttributesCantHave,\r
+ IN CONST EFI_GUID *VarStateNamespace,\r
+ IN CONST CHAR16 *VarStateName,\r
+ IN UINT8 VarStateValue\r
+ );\r
+\r
+#endif // _EDKII_VARIABLE_POLICY_HELPER_LIB_H_\r
--- /dev/null
+/** @file -- VariablePolicyHelperLib.c\r
+This library contains helper functions for marshalling and registering\r
+new policies with the VariablePolicy infrastructure.\r
+\r
+This library is currently written against VariablePolicy revision 0x00010000.\r
+\r
+Copyright (c) Microsoft Corporation.\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
+\r
+**/\r
+\r
+#include <Uefi.h>\r
+\r
+#include <Library/BaseLib.h>\r
+#include <Library/DebugLib.h>\r
+#include <Library/BaseMemoryLib.h>\r
+#include <Library/MemoryAllocationLib.h>\r
+\r
+#include <Protocol/VariablePolicy.h>\r
+\r
+/**\r
+ This internal helper function populates the header structure,\r
+ all common fields, and takes care of fix-ups.\r
+\r
+ NOTE: Only use this internally. Assumes correctly-sized buffers.\r
+\r
+ @param[out] EntPtr Pointer to the buffer to be populated.\r
+ @param[in] Namespace Pointer to an EFI_GUID for the target variable namespace that this policy will protect.\r
+ @param[in] MinSize MinSize for the VariablePolicy.\r
+ @param[in] MaxSize MaxSize for the VariablePolicy.\r
+ @param[in] AttributesMustHave AttributesMustHave for the VariablePolicy.\r
+ @param[in] AttributesCantHave AttributesCantHave for the VariablePolicy.\r
+ @param[in] LockPolicyType LockPolicyType for the VariablePolicy.\r
+\r
+**/\r
+STATIC\r
+VOID\r
+PopulateCommonData (\r
+ OUT VARIABLE_POLICY_ENTRY *EntPtr,\r
+ IN CONST EFI_GUID *Namespace,\r
+ IN UINT32 MinSize,\r
+ IN UINT32 MaxSize,\r
+ IN UINT32 AttributesMustHave,\r
+ IN UINT32 AttributesCantHave,\r
+ IN UINT8 LockPolicyType\r
+ )\r
+{\r
+ EntPtr->Version = VARIABLE_POLICY_ENTRY_REVISION;\r
+ CopyGuid( &EntPtr->Namespace, Namespace );\r
+ EntPtr->MinSize = MinSize;\r
+ EntPtr->MaxSize = MaxSize;\r
+ EntPtr->AttributesMustHave = AttributesMustHave;\r
+ EntPtr->AttributesCantHave = AttributesCantHave;\r
+ EntPtr->LockPolicyType = LockPolicyType;\r
+\r
+ // NOTE: As a heler, fix up MaxSize for compatibility with the old model.\r
+ if (EntPtr->MaxSize == 0) {\r
+ EntPtr->MaxSize = VARIABLE_POLICY_NO_MAX_SIZE;\r
+ }\r
+\r
+ return;\r
+}\r
+\r
+\r
+/**\r
+ This helper function will allocate and populate a new VariablePolicy\r
+ structure for a policy that does not contain any sub-structures (such as\r
+ VARIABLE_LOCK_ON_VAR_STATE_POLICY).\r
+\r
+ NOTE: Caller will need to free structure once finished.\r
+\r
+ @param[in] Namespace Pointer to an EFI_GUID for the target variable namespace that this policy will protect.\r
+ @param[in] Name [Optional] If provided, a pointer to the CHAR16 array for the target variable name.\r
+ Otherwise, will create a policy that targets an entire namespace.\r
+ @param[in] MinSize MinSize for the VariablePolicy.\r
+ @param[in] MaxSize MaxSize for the VariablePolicy.\r
+ @param[in] AttributesMustHave AttributesMustHave for the VariablePolicy.\r
+ @param[in] AttributesCantHave AttributesCantHave for the VariablePolicy.\r
+ @param[in] LockPolicyType LockPolicyType for the VariablePolicy.\r
+ @param[out] NewEntry If successful, will be set to a pointer to the allocated buffer containing the\r
+ new policy.\r
+\r
+ @retval EFI_SUCCESS Operation completed successfully and structure is populated.\r
+ @retval EFI_INVALID_PARAMETER Namespace is NULL.\r
+ @retval EFI_INVALID_PARAMETER LockPolicyType is invalid for a basic structure.\r
+ @retval EFI_BUFFER_TOO_SMALL Finished structure would not fit in UINT16 size.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate sufficient space for structure.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+CreateBasicVariablePolicy (\r
+ IN CONST EFI_GUID *Namespace,\r
+ IN CONST CHAR16 *Name OPTIONAL,\r
+ IN UINT32 MinSize,\r
+ IN UINT32 MaxSize,\r
+ IN UINT32 AttributesMustHave,\r
+ IN UINT32 AttributesCantHave,\r
+ IN UINT8 LockPolicyType,\r
+ OUT VARIABLE_POLICY_ENTRY **NewEntry\r
+ )\r
+{\r
+ UINTN TotalSize;\r
+ UINTN NameSize;\r
+ VARIABLE_POLICY_ENTRY *EntPtr;\r
+ CHAR16 *CopyName;\r
+\r
+ // Check some initial invalid parameters for this function.\r
+ if (Namespace == NULL || NewEntry == NULL) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ if (LockPolicyType != VARIABLE_POLICY_TYPE_NO_LOCK &&\r
+ LockPolicyType != VARIABLE_POLICY_TYPE_LOCK_NOW &&\r
+ LockPolicyType != VARIABLE_POLICY_TYPE_LOCK_ON_CREATE) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ // Now we've gotta determine the total size of the buffer required for\r
+ // the VariablePolicy structure.\r
+ TotalSize = sizeof( VARIABLE_POLICY_ENTRY );\r
+ if (Name != NULL) {\r
+ NameSize = StrnSizeS( Name, MAX_UINT16 );\r
+ TotalSize += NameSize;\r
+ }\r
+ // Make sure the size fits within a VARIABLE_POLICY_ENTRY.Size.\r
+ ASSERT( TotalSize <= MAX_UINT16 );\r
+ if (TotalSize > MAX_UINT16) {\r
+ return EFI_BUFFER_TOO_SMALL;\r
+ }\r
+\r
+ // Allocate a buffer to hold all the data. We're on the home stretch.\r
+ *NewEntry = AllocatePool( TotalSize );\r
+ if (*NewEntry == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
+ // If we're still here, we're basically done.\r
+ // Copy the data and GET... OUT....\r
+ EntPtr = *NewEntry;\r
+ PopulateCommonData ( EntPtr,\r
+ Namespace,\r
+ MinSize,\r
+ MaxSize,\r
+ AttributesMustHave,\r
+ AttributesCantHave,\r
+ LockPolicyType );\r
+ EntPtr->Size = (UINT16)TotalSize; // This is safe because we've already checked.\r
+ EntPtr->OffsetToName = sizeof(VARIABLE_POLICY_ENTRY);\r
+ if (Name != NULL) {\r
+ CopyName = (CHAR16*)((UINT8*)EntPtr + EntPtr->OffsetToName);\r
+ CopyMem( CopyName, Name, NameSize );\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+\r
+/**\r
+ This helper function will allocate and populate a new VariablePolicy\r
+ structure for a policy with a lock type of VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE.\r
+\r
+ NOTE: Caller will need to free structure once finished.\r
+\r
+ @param[in] Namespace Pointer to an EFI_GUID for the target variable namespace that this policy will protect.\r
+ @param[in] Name [Optional] If provided, a pointer to the CHAR16 array for the target variable name.\r
+ Otherwise, will create a policy that targets an entire namespace.\r
+ @param[in] MinSize MinSize for the VariablePolicy.\r
+ @param[in] MaxSize MaxSize for the VariablePolicy.\r
+ @param[in] AttributesMustHave AttributesMustHave for the VariablePolicy.\r
+ @param[in] AttributesCantHave AttributesCantHave for the VariablePolicy.\r
+ @param[in] VarStateNamespace Pointer to the EFI_GUID for the VARIABLE_LOCK_ON_VAR_STATE_POLICY.Namespace.\r
+ @param[in] VarStateValue Value for the VARIABLE_LOCK_ON_VAR_STATE_POLICY.Value.\r
+ @param[in] VarStateName Pointer to the CHAR16 array for the VARIABLE_LOCK_ON_VAR_STATE_POLICY.Name.\r
+ @param[out] NewEntry If successful, will be set to a pointer to the allocated buffer containing the\r
+ new policy.\r
+\r
+ @retval EFI_SUCCESS Operation completed successfully and structure is populated.\r
+ @retval EFI_INVALID_PARAMETER Namespace, VarStateNamespace, VarStateName is NULL.\r
+ @retval EFI_BUFFER_TOO_SMALL Finished structure would not fit in UINT16 size.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate sufficient space for structure.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+CreateVarStateVariablePolicy (\r
+ IN CONST EFI_GUID *Namespace,\r
+ IN CONST CHAR16 *Name OPTIONAL,\r
+ IN UINT32 MinSize,\r
+ IN UINT32 MaxSize,\r
+ IN UINT32 AttributesMustHave,\r
+ IN UINT32 AttributesCantHave,\r
+ IN CONST EFI_GUID *VarStateNamespace,\r
+ IN UINT8 VarStateValue,\r
+ IN CONST CHAR16 *VarStateName,\r
+ OUT VARIABLE_POLICY_ENTRY **NewEntry\r
+ )\r
+{\r
+ UINTN TotalSize;\r
+ UINTN NameSize;\r
+ UINTN VarStateNameSize;\r
+ VARIABLE_POLICY_ENTRY *EntPtr;\r
+ CHAR16 *CopyName;\r
+ VARIABLE_LOCK_ON_VAR_STATE_POLICY *CopyPolicy;\r
+\r
+ // Check some initial invalid parameters for this function.\r
+ if (Namespace == NULL || VarStateNamespace == NULL ||\r
+ VarStateName == NULL || NewEntry == NULL) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ // Now we've gotta determine the total size of the buffer required for\r
+ // the VariablePolicy structure.\r
+ VarStateNameSize = StrnSizeS( VarStateName, MAX_UINT16 );\r
+ TotalSize = sizeof( VARIABLE_POLICY_ENTRY ) +\r
+ sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY) +\r
+ VarStateNameSize;\r
+ if (Name != NULL) {\r
+ NameSize = StrnSizeS( Name, MAX_UINT16 );\r
+ TotalSize += NameSize;\r
+ }\r
+ // Make sure the size fits within a VARIABLE_POLICY_ENTRY.Size.\r
+ ASSERT( TotalSize <= MAX_UINT16 );\r
+ if (TotalSize > MAX_UINT16) {\r
+ return EFI_BUFFER_TOO_SMALL;\r
+ }\r
+\r
+ // Allocate a buffer to hold all the data. We're on the home stretch.\r
+ *NewEntry = AllocatePool( TotalSize );\r
+ if (*NewEntry == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
+ // If we're still here, we're basically done.\r
+ // Copy the data and GET... OUT....\r
+ EntPtr = *NewEntry;\r
+ PopulateCommonData ( EntPtr,\r
+ Namespace,\r
+ MinSize,\r
+ MaxSize,\r
+ AttributesMustHave,\r
+ AttributesCantHave,\r
+ VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE );\r
+ EntPtr->Size = (UINT16)TotalSize; // This is safe because we've already checked.\r
+ EntPtr->OffsetToName = sizeof(VARIABLE_POLICY_ENTRY) +\r
+ sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY) +\r
+ (UINT16)VarStateNameSize;\r
+\r
+ CopyPolicy = (VARIABLE_LOCK_ON_VAR_STATE_POLICY*)((UINT8*)EntPtr + sizeof(VARIABLE_POLICY_ENTRY));\r
+ CopyName = (CHAR16*)((UINT8*)CopyPolicy + sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY));\r
+ CopyGuid( &CopyPolicy->Namespace, VarStateNamespace );\r
+ CopyPolicy->Value = VarStateValue;\r
+ CopyMem( CopyName, VarStateName, VarStateNameSize );\r
+\r
+ if (Name != NULL) {\r
+ CopyName = (CHAR16*)((UINT8*)EntPtr + EntPtr->OffsetToName);\r
+ CopyMem( CopyName, Name, NameSize );\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+\r
+/**\r
+ This helper function does everything that CreateBasicVariablePolicy() does, but also\r
+ uses the passed in protocol to register the policy with the infrastructure.\r
+ Does not return a buffer, does not require the caller to free anything.\r
+\r
+ @param[in] VariablePolicy Pointer to a valid instance of the VariablePolicy protocol.\r
+ @param[in] Namespace Pointer to an EFI_GUID for the target variable namespace that this policy will protect.\r
+ @param[in] Name [Optional] If provided, a pointer to the CHAR16 array for the target variable name.\r
+ Otherwise, will create a policy that targets an entire namespace.\r
+ @param[in] MinSize MinSize for the VariablePolicy.\r
+ @param[in] MaxSize MaxSize for the VariablePolicy.\r
+ @param[in] AttributesMustHave AttributesMustHave for the VariablePolicy.\r
+ @param[in] AttributesCantHave AttributesCantHave for the VariablePolicy.\r
+ @param[in] LockPolicyType LockPolicyType for the VariablePolicy.\r
+\r
+ @retval EFI_INVALID_PARAMETER VariablePolicy pointer is NULL.\r
+ @retval EFI_STATUS Status returned by CreateBasicVariablePolicy() or RegisterVariablePolicy().\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+RegisterBasicVariablePolicy (\r
+ IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy,\r
+ IN CONST EFI_GUID *Namespace,\r
+ IN CONST CHAR16 *Name OPTIONAL,\r
+ IN UINT32 MinSize,\r
+ IN UINT32 MaxSize,\r
+ IN UINT32 AttributesMustHave,\r
+ IN UINT32 AttributesCantHave,\r
+ IN UINT8 LockPolicyType\r
+ )\r
+{\r
+ VARIABLE_POLICY_ENTRY *NewEntry;\r
+ EFI_STATUS Status;\r
+\r
+ // Check the simple things.\r
+ if (VariablePolicy == NULL) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ // Create the new entry and make sure that everything worked.\r
+ NewEntry = NULL;\r
+ Status = CreateBasicVariablePolicy( Namespace,\r
+ Name,\r
+ MinSize,\r
+ MaxSize,\r
+ AttributesMustHave,\r
+ AttributesCantHave,\r
+ LockPolicyType,\r
+ &NewEntry );\r
+\r
+ // If that was successful, attempt to register the new policy.\r
+ if (!EFI_ERROR( Status )) {\r
+ Status = VariablePolicy->RegisterVariablePolicy( NewEntry );\r
+ }\r
+\r
+ // If we allocated the buffer, free the buffer.\r
+ if (NewEntry != NULL) {\r
+ FreePool( NewEntry );\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+\r
+/**\r
+ This helper function does everything that CreateBasicVariablePolicy() does, but also\r
+ uses the passed in protocol to register the policy with the infrastructure.\r
+ Does not return a buffer, does not require the caller to free anything.\r
+\r
+ @param[in] VariablePolicy Pointer to a valid instance of the VariablePolicy protocol.\r
+ @param[in] Namespace Pointer to an EFI_GUID for the target variable namespace that this policy will protect.\r
+ @param[in] Name [Optional] If provided, a pointer to the CHAR16 array for the target variable name.\r
+ Otherwise, will create a policy that targets an entire namespace.\r
+ @param[in] MinSize MinSize for the VariablePolicy.\r
+ @param[in] MaxSize MaxSize for the VariablePolicy.\r
+ @param[in] AttributesMustHave AttributesMustHave for the VariablePolicy.\r
+ @param[in] AttributesCantHave AttributesCantHave for the VariablePolicy.\r
+ @param[in] VarStateNamespace Pointer to the EFI_GUID for the VARIABLE_LOCK_ON_VAR_STATE_POLICY.Namespace.\r
+ @param[in] VarStateName Pointer to the CHAR16 array for the VARIABLE_LOCK_ON_VAR_STATE_POLICY.Name.\r
+ @param[in] VarStateValue Value for the VARIABLE_LOCK_ON_VAR_STATE_POLICY.Value.\r
+\r
+ @retval EFI_INVALID_PARAMETER VariablePolicy pointer is NULL.\r
+ @retval EFI_STATUS Status returned by CreateBasicVariablePolicy() or RegisterVariablePolicy().\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+RegisterVarStateVariablePolicy (\r
+ IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy,\r
+ IN CONST EFI_GUID *Namespace,\r
+ IN CONST CHAR16 *Name OPTIONAL,\r
+ IN UINT32 MinSize,\r
+ IN UINT32 MaxSize,\r
+ IN UINT32 AttributesMustHave,\r
+ IN UINT32 AttributesCantHave,\r
+ IN CONST EFI_GUID *VarStateNamespace,\r
+ IN CONST CHAR16 *VarStateName,\r
+ IN UINT8 VarStateValue\r
+ )\r
+{\r
+ VARIABLE_POLICY_ENTRY *NewEntry;\r
+ EFI_STATUS Status;\r
+\r
+ // Check the simple things.\r
+ if (VariablePolicy == NULL) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ // Create the new entry and make sure that everything worked.\r
+ NewEntry = NULL;\r
+ Status = CreateVarStateVariablePolicy( Namespace,\r
+ Name,\r
+ MinSize,\r
+ MaxSize,\r
+ AttributesMustHave,\r
+ AttributesCantHave,\r
+ VarStateNamespace,\r
+ VarStateValue,\r
+ VarStateName,\r
+ &NewEntry );\r
+\r
+ // If that was successful, attempt to register the new policy.\r
+ if (!EFI_ERROR( Status )) {\r
+ Status = VariablePolicy->RegisterVariablePolicy( NewEntry );\r
+ }\r
+\r
+ // If we allocated the buffer, free the buffer.\r
+ if (NewEntry != NULL) {\r
+ FreePool( NewEntry );\r
+ }\r
+\r
+ return Status;\r
+}\r