]>
Commit | Line | Data |
---|---|---|
1 | /** @file\r | |
2 | Temporary location of the RequestToLock shim code while projects\r | |
3 | are moved to VariablePolicy. Should be removed when deprecated.\r | |
4 | \r | |
5 | Copyright (c) Microsoft Corporation.\r | |
6 | SPDX-License-Identifier: BSD-2-Clause-Patent\r | |
7 | \r | |
8 | **/\r | |
9 | \r | |
10 | #include <Uefi.h>\r | |
11 | #include <Library/DebugLib.h>\r | |
12 | #include <Library/MemoryAllocationLib.h>\r | |
13 | #include <Library/VariablePolicyLib.h>\r | |
14 | #include <Library/VariablePolicyHelperLib.h>\r | |
15 | #include <Protocol/VariableLock.h>\r | |
16 | \r | |
17 | /**\r | |
18 | DEPRECATED. THIS IS ONLY HERE AS A CONVENIENCE WHILE PORTING.\r | |
19 | Mark a variable that will become read-only after leaving the DXE phase of\r | |
20 | execution. Write request coming from SMM environment through\r | |
21 | EFI_SMM_VARIABLE_PROTOCOL is allowed.\r | |
22 | \r | |
23 | @param[in] This The VARIABLE_LOCK_PROTOCOL instance.\r | |
24 | @param[in] VariableName A pointer to the variable name that will be made\r | |
25 | read-only subsequently.\r | |
26 | @param[in] VendorGuid A pointer to the vendor GUID that will be made\r | |
27 | read-only subsequently.\r | |
28 | \r | |
29 | @retval EFI_SUCCESS The variable specified by the VariableName and\r | |
30 | the VendorGuid was marked as pending to be\r | |
31 | read-only.\r | |
32 | @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.\r | |
33 | Or VariableName is an empty string.\r | |
34 | @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or\r | |
35 | EFI_EVENT_GROUP_READY_TO_BOOT has already been\r | |
36 | signaled.\r | |
37 | @retval EFI_OUT_OF_RESOURCES There is not enough resource to hold the lock\r | |
38 | request.\r | |
39 | **/\r | |
40 | EFI_STATUS\r | |
41 | EFIAPI\r | |
42 | VariableLockRequestToLock (\r | |
43 | IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This,\r | |
44 | IN CHAR16 *VariableName,\r | |
45 | IN EFI_GUID *VendorGuid\r | |
46 | )\r | |
47 | {\r | |
48 | EFI_STATUS Status;\r | |
49 | VARIABLE_POLICY_ENTRY *NewPolicy;\r | |
50 | \r | |
51 | DEBUG ((DEBUG_WARN, "!!! DEPRECATED INTERFACE !!! %a() will go away soon!\n", __FUNCTION__));\r | |
52 | DEBUG ((DEBUG_WARN, "!!! DEPRECATED INTERFACE !!! Please move to use Variable Policy!\n"));\r | |
53 | DEBUG ((DEBUG_WARN, "!!! DEPRECATED INTERFACE !!! Variable: %g %s\n", VendorGuid, VariableName));\r | |
54 | \r | |
55 | NewPolicy = NULL;\r | |
56 | Status = CreateBasicVariablePolicy(\r | |
57 | VendorGuid,\r | |
58 | VariableName,\r | |
59 | VARIABLE_POLICY_NO_MIN_SIZE,\r | |
60 | VARIABLE_POLICY_NO_MAX_SIZE,\r | |
61 | VARIABLE_POLICY_NO_MUST_ATTR,\r | |
62 | VARIABLE_POLICY_NO_CANT_ATTR,\r | |
63 | VARIABLE_POLICY_TYPE_LOCK_NOW,\r | |
64 | &NewPolicy\r | |
65 | );\r | |
66 | if (!EFI_ERROR( Status )) {\r | |
67 | Status = RegisterVariablePolicy (NewPolicy);\r | |
68 | \r | |
69 | //\r | |
70 | // If the error returned is EFI_ALREADY_STARTED, we need to check the\r | |
71 | // current database for the variable and see whether it's locked. If it's\r | |
72 | // locked, we're still fine, but also generate a DEBUG_WARN message so the\r | |
73 | // duplicate lock can be removed.\r | |
74 | //\r | |
75 | if (Status == EFI_ALREADY_STARTED) {\r | |
76 | Status = ValidateSetVariable (VariableName, VendorGuid, 0, 0, NULL);\r | |
77 | if (Status == EFI_WRITE_PROTECTED) {\r | |
78 | DEBUG ((DEBUG_WARN, " Variable: %g %s is already locked!\n", VendorGuid, VariableName));\r | |
79 | Status = EFI_SUCCESS;\r | |
80 | } else {\r | |
81 | DEBUG ((DEBUG_ERROR, " Variable: %g %s can not be locked!\n", VendorGuid, VariableName));\r | |
82 | Status = EFI_ACCESS_DENIED;\r | |
83 | }\r | |
84 | }\r | |
85 | }\r | |
86 | if (EFI_ERROR (Status)) {\r | |
87 | DEBUG(( DEBUG_ERROR, "%a - Failed to lock variable %s! %r\n", __FUNCTION__, VariableName, Status ));\r | |
88 | }\r | |
89 | if (NewPolicy != NULL) {\r | |
90 | FreePool( NewPolicy );\r | |
91 | }\r | |
92 | \r | |
93 | return Status;\r | |
94 | }\r |