]>
Commit | Line | Data |
---|---|---|
a18a9bde BB |
1 | /** @file\r |
2 | Temporary location of the RequestToLock shim code while projects\r | |
3 | are moved to VariablePolicy. Should be removed when deprecated.\r | |
124b3f92 | 4 | \r |
a18a9bde BB |
5 | Copyright (c) Microsoft Corporation.\r |
6 | SPDX-License-Identifier: BSD-2-Clause-Patent\r | |
124b3f92 BB |
7 | \r |
8 | **/\r | |
9 | \r | |
10 | #include <Uefi.h>\r | |
124b3f92 BB |
11 | #include <Library/DebugLib.h>\r |
12 | #include <Library/MemoryAllocationLib.h>\r | |
124b3f92 BB |
13 | #include <Library/VariablePolicyLib.h>\r |
14 | #include <Library/VariablePolicyHelperLib.h>\r | |
a18a9bde | 15 | #include <Protocol/VariableLock.h>\r |
124b3f92 BB |
16 | \r |
17 | /**\r | |
18 | DEPRECATED. THIS IS ONLY HERE AS A CONVENIENCE WHILE PORTING.\r | |
a18a9bde BB |
19 | Mark a variable that will become read-only after leaving the DXE phase of\r |
20 | execution. Write request coming from SMM environment through\r | |
21 | EFI_SMM_VARIABLE_PROTOCOL is allowed.\r | |
124b3f92 BB |
22 | \r |
23 | @param[in] This The VARIABLE_LOCK_PROTOCOL instance.\r | |
a18a9bde BB |
24 | @param[in] VariableName A pointer to the variable name that will be made\r |
25 | read-only subsequently.\r | |
26 | @param[in] VendorGuid A pointer to the vendor GUID that will be made\r | |
27 | read-only subsequently.\r | |
124b3f92 | 28 | \r |
a18a9bde BB |
29 | @retval EFI_SUCCESS The variable specified by the VariableName and\r |
30 | the VendorGuid was marked as pending to be\r | |
31 | read-only.\r | |
124b3f92 BB |
32 | @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.\r |
33 | Or VariableName is an empty string.\r | |
a18a9bde BB |
34 | @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or\r |
35 | EFI_EVENT_GROUP_READY_TO_BOOT has already been\r | |
36 | signaled.\r | |
37 | @retval EFI_OUT_OF_RESOURCES There is not enough resource to hold the lock\r | |
38 | request.\r | |
124b3f92 BB |
39 | **/\r |
40 | EFI_STATUS\r | |
41 | EFIAPI\r | |
42 | VariableLockRequestToLock (\r | |
a18a9bde BB |
43 | IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This,\r |
44 | IN CHAR16 *VariableName,\r | |
45 | IN EFI_GUID *VendorGuid\r | |
124b3f92 BB |
46 | )\r |
47 | {\r | |
a18a9bde BB |
48 | EFI_STATUS Status;\r |
49 | VARIABLE_POLICY_ENTRY *NewPolicy;\r | |
50 | \r | |
cfa6ffb1 LE |
51 | DEBUG ((DEBUG_WARN, "!!! DEPRECATED INTERFACE !!! %a() will go away soon!\n", __FUNCTION__));\r |
52 | DEBUG ((DEBUG_WARN, "!!! DEPRECATED INTERFACE !!! Please move to use Variable Policy!\n"));\r | |
53 | DEBUG ((DEBUG_WARN, "!!! DEPRECATED INTERFACE !!! Variable: %g %s\n", VendorGuid, VariableName));\r | |
124b3f92 BB |
54 | \r |
55 | NewPolicy = NULL;\r | |
a18a9bde BB |
56 | Status = CreateBasicVariablePolicy(\r |
57 | VendorGuid,\r | |
58 | VariableName,\r | |
59 | VARIABLE_POLICY_NO_MIN_SIZE,\r | |
60 | VARIABLE_POLICY_NO_MAX_SIZE,\r | |
61 | VARIABLE_POLICY_NO_MUST_ATTR,\r | |
62 | VARIABLE_POLICY_NO_CANT_ATTR,\r | |
63 | VARIABLE_POLICY_TYPE_LOCK_NOW,\r | |
64 | &NewPolicy\r | |
65 | );\r | |
124b3f92 | 66 | if (!EFI_ERROR( Status )) {\r |
a18a9bde BB |
67 | Status = RegisterVariablePolicy (NewPolicy);\r |
68 | \r | |
69 | //\r | |
70 | // If the error returned is EFI_ALREADY_STARTED, we need to check the\r | |
71 | // current database for the variable and see whether it's locked. If it's\r | |
cfa6ffb1 | 72 | // locked, we're still fine, but also generate a DEBUG_WARN message so the\r |
a18a9bde BB |
73 | // duplicate lock can be removed.\r |
74 | //\r | |
75 | if (Status == EFI_ALREADY_STARTED) {\r | |
76 | Status = ValidateSetVariable (VariableName, VendorGuid, 0, 0, NULL);\r | |
77 | if (Status == EFI_WRITE_PROTECTED) {\r | |
cfa6ffb1 | 78 | DEBUG ((DEBUG_WARN, " Variable: %g %s is already locked!\n", VendorGuid, VariableName));\r |
a18a9bde BB |
79 | Status = EFI_SUCCESS;\r |
80 | } else {\r | |
81 | DEBUG ((DEBUG_ERROR, " Variable: %g %s can not be locked!\n", VendorGuid, VariableName));\r | |
82 | Status = EFI_ACCESS_DENIED;\r | |
83 | }\r | |
84 | }\r | |
124b3f92 | 85 | }\r |
a18a9bde | 86 | if (EFI_ERROR (Status)) {\r |
124b3f92 | 87 | DEBUG(( DEBUG_ERROR, "%a - Failed to lock variable %s! %r\n", __FUNCTION__, VariableName, Status ));\r |
124b3f92 BB |
88 | }\r |
89 | if (NewPolicy != NULL) {\r | |
90 | FreePool( NewPolicy );\r | |
91 | }\r | |
92 | \r | |
93 | return Status;\r | |
94 | }\r |