]> git.proxmox.com Git - mirror_edk2.git/blob - MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c
projects / mirror_edk2.git / blob
? search:


d5c409c914d151442b03edcb0f6141a5552b4f08
[mirror_edk2.git] / MdeModulePkg / Universal / Variable / RuntimeDxe / VariableDxe.c
1 /** @file
2 Implement all four UEFI Runtime Variable services for the nonvolatile
3 and volatile storage space and install variable architecture protocol.
4
5 Copyright (C) 2013, Red Hat, Inc.
6 Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
7 (C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>
8 Copyright (c) Microsoft Corporation.
9 SPDX-License-Identifier: BSD-2-Clause-Patent
10
11 **/
12
13 #include "Variable.h"
14
15 #include <Protocol/VariablePolicy.h>
16 #include <Library/VariablePolicyLib.h>
17
18 EFI_STATUS
19 EFIAPI
20 ProtocolIsVariablePolicyEnabled (
21 OUT BOOLEAN *State
22 );
23
24 EFI_HANDLE mHandle = NULL;
25 EFI_EVENT mVirtualAddressChangeEvent = NULL;
26 VOID *mFtwRegistration = NULL;
27 VOID ***mVarCheckAddressPointer = NULL;
28 UINTN mVarCheckAddressPointerCount = 0;
29 EDKII_VARIABLE_LOCK_PROTOCOL mVariableLock = { VariableLockRequestToLock };
30 EDKII_VARIABLE_POLICY_PROTOCOL mVariablePolicyProtocol = {
31 EDKII_VARIABLE_POLICY_PROTOCOL_REVISION,
32 DisableVariablePolicy,
33 ProtocolIsVariablePolicyEnabled,
34 RegisterVariablePolicy,
35 DumpVariablePolicy,
36 LockVariablePolicy
37 };
38 EDKII_VAR_CHECK_PROTOCOL mVarCheck = {
39 VarCheckRegisterSetVariableCheckHandler,
40 VarCheckVariablePropertySet,
41 VarCheckVariablePropertyGet
42 };
43
44 /**
45 Some Secure Boot Policy Variable may update following other variable changes(SecureBoot follows PK change, etc).
46 Record their initial State when variable write service is ready.
47
48 **/
49 VOID
50 EFIAPI
51 RecordSecureBootPolicyVarData (
52 VOID
53 );
54
55 /**
56 Return TRUE if ExitBootServices () has been called.
57
58 @retval TRUE If ExitBootServices () has been called.
59 **/
60 BOOLEAN
61 AtRuntime (
62 VOID
63 )
64 {
65 return EfiAtRuntime ();
66 }
67
68 /**
69 Initializes a basic mutual exclusion lock.
70
71 This function initializes a basic mutual exclusion lock to the released state
72 and returns the lock. Each lock provides mutual exclusion access at its task
73 priority level. Since there is no preemption or multiprocessor support in EFI,
74 acquiring the lock only consists of raising to the locks TPL.
75 If Lock is NULL, then ASSERT().
76 If Priority is not a valid TPL value, then ASSERT().
77
78 @param Lock A pointer to the lock data structure to initialize.
79 @param Priority EFI TPL is associated with the lock.
80
81 @return The lock.
82
83 **/
84 EFI_LOCK *
85 InitializeLock (
86 IN OUT EFI_LOCK *Lock,
87 IN EFI_TPL Priority
88 )
89 {
90 return EfiInitializeLock (Lock, Priority);
91 }
92
93 /**
94 Acquires lock only at boot time. Simply returns at runtime.
95
96 This is a temperary function that will be removed when
97 EfiAcquireLock() in UefiLib can handle the call in UEFI
98 Runtimer driver in RT phase.
99 It calls EfiAcquireLock() at boot time, and simply returns
100 at runtime.
101
102 @param Lock A pointer to the lock to acquire.
103
104 **/
105 VOID
106 AcquireLockOnlyAtBootTime (
107 IN EFI_LOCK *Lock
108 )
109 {
110 if (!AtRuntime ()) {
111 EfiAcquireLock (Lock);
112 }
113 }
114
115 /**
116 Releases lock only at boot time. Simply returns at runtime.
117
118 This is a temperary function which will be removed when
119 EfiReleaseLock() in UefiLib can handle the call in UEFI
120 Runtimer driver in RT phase.
121 It calls EfiReleaseLock() at boot time and simply returns
122 at runtime.
123
124 @param Lock A pointer to the lock to release.
125
126 **/
127 VOID
128 ReleaseLockOnlyAtBootTime (
129 IN EFI_LOCK *Lock
130 )
131 {
132 if (!AtRuntime ()) {
133 EfiReleaseLock (Lock);
134 }
135 }
136
137 /**
138 Retrieve the Fault Tolerent Write protocol interface.
139
140 @param[out] FtwProtocol The interface of Ftw protocol
141
142 @retval EFI_SUCCESS The FTW protocol instance was found and returned in FtwProtocol.
143 @retval EFI_NOT_FOUND The FTW protocol instance was not found.
144 @retval EFI_INVALID_PARAMETER SarProtocol is NULL.
145
146 **/
147 EFI_STATUS
148 GetFtwProtocol (
149 OUT VOID **FtwProtocol
150 )
151 {
152 EFI_STATUS Status;
153
154 //
155 // Locate Fault Tolerent Write protocol
156 //
157 Status = gBS->LocateProtocol (
158 &gEfiFaultTolerantWriteProtocolGuid,
159 NULL,
160 FtwProtocol
161 );
162 return Status;
163 }
164
165 /**
166 Retrieve the FVB protocol interface by HANDLE.
167
168 @param[in] FvBlockHandle The handle of FVB protocol that provides services for
169 reading, writing, and erasing the target block.
170 @param[out] FvBlock The interface of FVB protocol
171
172 @retval EFI_SUCCESS The interface information for the specified protocol was returned.
173 @retval EFI_UNSUPPORTED The device does not support the FVB protocol.
174 @retval EFI_INVALID_PARAMETER FvBlockHandle is not a valid EFI_HANDLE or FvBlock is NULL.
175
176 **/
177 EFI_STATUS
178 GetFvbByHandle (
179 IN EFI_HANDLE FvBlockHandle,
180 OUT EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL **FvBlock
181 )
182 {
183 //
184 // To get the FVB protocol interface on the handle
185 //
186 return gBS->HandleProtocol (
187 FvBlockHandle,
188 &gEfiFirmwareVolumeBlockProtocolGuid,
189 (VOID **)FvBlock
190 );
191 }
192
193 /**
194 Function returns an array of handles that support the FVB protocol
195 in a buffer allocated from pool.
196
197 @param[out] NumberHandles The number of handles returned in Buffer.
198 @param[out] Buffer A pointer to the buffer to return the requested
199 array of handles that support FVB protocol.
200
201 @retval EFI_SUCCESS The array of handles was returned in Buffer, and the number of
202 handles in Buffer was returned in NumberHandles.
203 @retval EFI_NOT_FOUND No FVB handle was found.
204 @retval EFI_OUT_OF_RESOURCES There is not enough pool memory to store the matching results.
205 @retval EFI_INVALID_PARAMETER NumberHandles is NULL or Buffer is NULL.
206
207 **/
208 EFI_STATUS
209 GetFvbCountAndBuffer (
210 OUT UINTN *NumberHandles,
211 OUT EFI_HANDLE **Buffer
212 )
213 {
214 EFI_STATUS Status;
215
216 //
217 // Locate all handles of Fvb protocol
218 //
219 Status = gBS->LocateHandleBuffer (
220 ByProtocol,
221 &gEfiFirmwareVolumeBlockProtocolGuid,
222 NULL,
223 NumberHandles,
224 Buffer
225 );
226 return Status;
227 }
228
229 /**
230 Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE.
231
232 This is a notification function registered on EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
233 It convers pointer to new virtual address.
234
235 @param Event Event whose notification function is being invoked.
236 @param Context Pointer to the notification function's context.
237
238 **/
239 VOID
240 EFIAPI
241 VariableClassAddressChangeEvent (
242 IN EFI_EVENT Event,
243 IN VOID *Context
244 )
245 {
246 UINTN Index;
247
248 if (mVariableModuleGlobal->FvbInstance != NULL) {
249 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->FvbInstance->GetBlockSize);
250 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->FvbInstance->GetPhysicalAddress);
251 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->FvbInstance->GetAttributes);
252 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->FvbInstance->SetAttributes);
253 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->FvbInstance->Read);
254 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->FvbInstance->Write);
255 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->FvbInstance->EraseBlocks);
256 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->FvbInstance);
257 }
258
259 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->PlatformLangCodes);
260 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->LangCodes);
261 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->PlatformLang);
262 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase);
263 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->VariableGlobal.VolatileVariableBase);
264 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal->VariableGlobal.HobVariableBase);
265 EfiConvertPointer (0x0, (VOID **)&mVariableModuleGlobal);
266 EfiConvertPointer (0x0, (VOID **)&mNvVariableCache);
267 EfiConvertPointer (0x0, (VOID **)&mNvFvHeaderCache);
268
269 if (mAuthContextOut.AddressPointer != NULL) {
270 for (Index = 0; Index < mAuthContextOut.AddressPointerCount; Index++) {
271 EfiConvertPointer (0x0, (VOID **)mAuthContextOut.AddressPointer[Index]);
272 }
273 }
274
275 if (mVarCheckAddressPointer != NULL) {
276 for (Index = 0; Index < mVarCheckAddressPointerCount; Index++) {
277 EfiConvertPointer (0x0, (VOID **)mVarCheckAddressPointer[Index]);
278 }
279 }
280 }
281
282 /**
283 Notification function of EVT_GROUP_READY_TO_BOOT event group.
284
285 This is a notification function registered on EVT_GROUP_READY_TO_BOOT event group.
286 When the Boot Manager is about to load and execute a boot option, it reclaims variable
287 storage if free size is below the threshold.
288
289 @param Event Event whose notification function is being invoked.
290 @param Context Pointer to the notification function's context.
291
292 **/
293 VOID
294 EFIAPI
295 OnReadyToBoot (
296 EFI_EVENT Event,
297 VOID *Context
298 )
299 {
300 EFI_STATUS Status;
301
302 if (!mEndOfDxe) {
303 MorLockInitAtEndOfDxe ();
304
305 Status = LockVariablePolicy ();
306 ASSERT_EFI_ERROR (Status);
307 //
308 // Set the End Of DXE bit in case the EFI_END_OF_DXE_EVENT_GROUP_GUID event is not signaled.
309 //
310 mEndOfDxe = TRUE;
311 mVarCheckAddressPointer = VarCheckLibInitializeAtEndOfDxe (&mVarCheckAddressPointerCount);
312 //
313 // The initialization for variable quota.
314 //
315 InitializeVariableQuota ();
316 }
317
318 ReclaimForOS ();
319 if (FeaturePcdGet (PcdVariableCollectStatistics)) {
320 if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
321 gBS->InstallConfigurationTable (&gEfiAuthenticatedVariableGuid, gVariableInfo);
322 } else {
323 gBS->InstallConfigurationTable (&gEfiVariableGuid, gVariableInfo);
324 }
325 }
326
327 gBS->CloseEvent (Event);
328 }
329
330 /**
331 Notification function of EFI_END_OF_DXE_EVENT_GROUP_GUID event group.
332
333 This is a notification function registered on EFI_END_OF_DXE_EVENT_GROUP_GUID event group.
334
335 @param Event Event whose notification function is being invoked.
336 @param Context Pointer to the notification function's context.
337
338 **/
339 VOID
340 EFIAPI
341 OnEndOfDxe (
342 EFI_EVENT Event,
343 VOID *Context
344 )
345 {
346 EFI_STATUS Status;
347
348 DEBUG ((DEBUG_INFO, "[Variable]END_OF_DXE is signaled\n"));
349 MorLockInitAtEndOfDxe ();
350 Status = LockVariablePolicy ();
351 ASSERT_EFI_ERROR (Status);
352 mEndOfDxe = TRUE;
353 mVarCheckAddressPointer = VarCheckLibInitializeAtEndOfDxe (&mVarCheckAddressPointerCount);
354 //
355 // The initialization for variable quota.
356 //
357 InitializeVariableQuota ();
358 if (PcdGetBool (PcdReclaimVariableSpaceAtEndOfDxe)) {
359 ReclaimForOS ();
360 }
361
362 gBS->CloseEvent (Event);
363 }
364
365 /**
366 Initializes variable write service for DXE.
367
368 **/
369 VOID
370 VariableWriteServiceInitializeDxe (
371 VOID
372 )
373 {
374 EFI_STATUS Status;
375
376 Status = VariableWriteServiceInitialize ();
377 if (EFI_ERROR (Status)) {
378 DEBUG ((DEBUG_ERROR, "Variable write service initialization failed. Status = %r\n", Status));
379 }
380
381 //
382 // Some Secure Boot Policy Var (SecureBoot, etc) updates following other
383 // Secure Boot Policy Variable change. Record their initial value.
384 //
385 RecordSecureBootPolicyVarData ();
386
387 //
388 // Install the Variable Write Architectural protocol.
389 //
390 Status = gBS->InstallProtocolInterface (
391 &mHandle,
392 &gEfiVariableWriteArchProtocolGuid,
393 EFI_NATIVE_INTERFACE,
394 NULL
395 );
396 ASSERT_EFI_ERROR (Status);
397 }
398
399 /**
400 Fault Tolerant Write protocol notification event handler.
401
402 Non-Volatile variable write may needs FTW protocol to reclaim when
403 writting variable.
404
405 @param[in] Event Event whose notification function is being invoked.
406 @param[in] Context Pointer to the notification function's context.
407
408 **/
409 VOID
410 EFIAPI
411 FtwNotificationEvent (
412 IN EFI_EVENT Event,
413 IN VOID *Context
414 )
415 {
416 EFI_STATUS Status;
417 EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL *FvbProtocol;
418 EFI_FAULT_TOLERANT_WRITE_PROTOCOL *FtwProtocol;
419 EFI_PHYSICAL_ADDRESS NvStorageVariableBase;
420 EFI_GCD_MEMORY_SPACE_DESCRIPTOR GcdDescriptor;
421 EFI_PHYSICAL_ADDRESS BaseAddress;
422 UINT64 Length;
423 EFI_PHYSICAL_ADDRESS VariableStoreBase;
424 UINT64 VariableStoreLength;
425 UINTN FtwMaxBlockSize;
426 UINT32 NvStorageVariableSize;
427 UINT64 NvStorageVariableSize64;
428
429 //
430 // Ensure FTW protocol is installed.
431 //
432 Status = GetFtwProtocol ((VOID **)&FtwProtocol);
433 if (EFI_ERROR (Status)) {
434 return;
435 }
436
437 Status = GetVariableFlashNvStorageInfo (&NvStorageVariableBase, &NvStorageVariableSize64);
438 ASSERT_EFI_ERROR (Status);
439
440 Status = SafeUint64ToUint32 (NvStorageVariableSize64, &NvStorageVariableSize);
441 // This driver currently assumes the size will be UINT32 so assert the value is safe for now.
442 ASSERT_EFI_ERROR (Status);
443
444 VariableStoreBase = NvStorageVariableBase + mNvFvHeaderCache->HeaderLength;
445
446 Status = FtwProtocol->GetMaxBlockSize (FtwProtocol, &FtwMaxBlockSize);
447 if (!EFI_ERROR (Status)) {
448 ASSERT (NvStorageVariableSize <= FtwMaxBlockSize);
449 }
450
451 //
452 // Let NonVolatileVariableBase point to flash variable store base directly after FTW ready.
453 //
454 mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase = VariableStoreBase;
455
456 //
457 // Find the proper FVB protocol for variable.
458 //
459 Status = GetFvbInfoByAddress (NvStorageVariableBase, NULL, &FvbProtocol);
460 if (EFI_ERROR (Status)) {
461 return;
462 }
463
464 mVariableModuleGlobal->FvbInstance = FvbProtocol;
465
466 //
467 // Mark the variable storage region of the FLASH as RUNTIME.
468 //
469 VariableStoreLength = mNvVariableCache->Size;
470 BaseAddress = VariableStoreBase & (~EFI_PAGE_MASK);
471 Length = VariableStoreLength + (VariableStoreBase - BaseAddress);
472 Length = (Length + EFI_PAGE_SIZE - 1) & (~EFI_PAGE_MASK);
473
474 Status = gDS->GetMemorySpaceDescriptor (BaseAddress, &GcdDescriptor);
475 if (EFI_ERROR (Status)) {
476 DEBUG ((DEBUG_WARN, "Variable driver failed to get flash memory attribute.\n"));
477 } else {
478 if ((GcdDescriptor.Attributes & EFI_MEMORY_RUNTIME) == 0) {
479 Status = gDS->SetMemorySpaceAttributes (
480 BaseAddress,
481 Length,
482 GcdDescriptor.Attributes | EFI_MEMORY_RUNTIME
483 );
484 if (EFI_ERROR (Status)) {
485 DEBUG ((DEBUG_WARN, "Variable driver failed to add EFI_MEMORY_RUNTIME attribute to Flash.\n"));
486 }
487 }
488 }
489
490 //
491 // Initializes variable write service after FTW was ready.
492 //
493 VariableWriteServiceInitializeDxe ();
494
495 //
496 // Close the notify event to avoid install gEfiVariableWriteArchProtocolGuid again.
497 //
498 gBS->CloseEvent (Event);
499 }
500
501 /**
502 This API function returns whether or not the policy engine is
503 currently being enforced.
504
505 @param[out] State Pointer to a return value for whether the policy enforcement
506 is currently enabled.
507
508 @retval EFI_SUCCESS
509 @retval Others An error has prevented this command from completing.
510
511 **/
512 EFI_STATUS
513 EFIAPI
514 ProtocolIsVariablePolicyEnabled (
515 OUT BOOLEAN *State
516 )
517 {
518 *State = IsVariablePolicyEnabled ();
519 return EFI_SUCCESS;
520 }
521
522 /**
523 Variable Driver main entry point. The Variable driver places the 4 EFI
524 runtime services in the EFI System Table and installs arch protocols
525 for variable read and write services being available. It also registers
526 a notification function for an EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
527
528 @param[in] ImageHandle The firmware allocated handle for the EFI image.
529 @param[in] SystemTable A pointer to the EFI System Table.
530
531 @retval EFI_SUCCESS Variable service successfully initialized.
532
533 **/
534 EFI_STATUS
535 EFIAPI
536 VariableServiceInitialize (
537 IN EFI_HANDLE ImageHandle,
538 IN EFI_SYSTEM_TABLE *SystemTable
539 )
540 {
541 EFI_STATUS Status;
542 EFI_EVENT ReadyToBootEvent;
543 EFI_EVENT EndOfDxeEvent;
544
545 Status = VariableCommonInitialize ();
546 ASSERT_EFI_ERROR (Status);
547
548 Status = gBS->InstallMultipleProtocolInterfaces (
549 &mHandle,
550 &gEdkiiVariableLockProtocolGuid,
551 &mVariableLock,
552 NULL
553 );
554 ASSERT_EFI_ERROR (Status);
555
556 Status = gBS->InstallMultipleProtocolInterfaces (
557 &mHandle,
558 &gEdkiiVarCheckProtocolGuid,
559 &mVarCheck,
560 NULL
561 );
562 ASSERT_EFI_ERROR (Status);
563
564 SystemTable->RuntimeServices->GetVariable = VariableServiceGetVariable;
565 SystemTable->RuntimeServices->GetNextVariableName = VariableServiceGetNextVariableName;
566 SystemTable->RuntimeServices->SetVariable = VariableServiceSetVariable;
567 SystemTable->RuntimeServices->QueryVariableInfo = VariableServiceQueryVariableInfo;
568
569 //
570 // Now install the Variable Runtime Architectural protocol on a new handle.
571 //
572 Status = gBS->InstallProtocolInterface (
573 &mHandle,
574 &gEfiVariableArchProtocolGuid,
575 EFI_NATIVE_INTERFACE,
576 NULL
577 );
578 ASSERT_EFI_ERROR (Status);
579
580 if (!PcdGetBool (PcdEmuVariableNvModeEnable)) {
581 //
582 // Register FtwNotificationEvent () notify function.
583 //
584 EfiCreateProtocolNotifyEvent (
585 &gEfiFaultTolerantWriteProtocolGuid,
586 TPL_CALLBACK,
587 FtwNotificationEvent,
588 (VOID *)SystemTable,
589 &mFtwRegistration
590 );
591 } else {
592 //
593 // Emulated non-volatile variable mode does not depend on FVB and FTW.
594 //
595 VariableWriteServiceInitializeDxe ();
596 }
597
598 Status = gBS->CreateEventEx (
599 EVT_NOTIFY_SIGNAL,
600 TPL_NOTIFY,
601 VariableClassAddressChangeEvent,
602 NULL,
603 &gEfiEventVirtualAddressChangeGuid,
604 &mVirtualAddressChangeEvent
605 );
606 ASSERT_EFI_ERROR (Status);
607
608 //
609 // Register the event handling function to reclaim variable for OS usage.
610 //
611 Status = EfiCreateEventReadyToBootEx (
612 TPL_NOTIFY,
613 OnReadyToBoot,
614 NULL,
615 &ReadyToBootEvent
616 );
617 ASSERT_EFI_ERROR (Status);
618
619 //
620 // Register the event handling function to set the End Of DXE flag.
621 //
622 Status = gBS->CreateEventEx (
623 EVT_NOTIFY_SIGNAL,
624 TPL_CALLBACK,
625 OnEndOfDxe,
626 NULL,
627 &gEfiEndOfDxeEventGroupGuid,
628 &EndOfDxeEvent
629 );
630 ASSERT_EFI_ERROR (Status);
631
632 // Register and initialize the VariablePolicy engine.
633 Status = InitVariablePolicyLib (VariableServiceGetVariable);
634 ASSERT_EFI_ERROR (Status);
635 Status = VarCheckRegisterSetVariableCheckHandler (ValidateSetVariable);
636 ASSERT_EFI_ERROR (Status);
637 Status = gBS->InstallMultipleProtocolInterfaces (
638 &mHandle,
639 &gEdkiiVariablePolicyProtocolGuid,
640 &mVariablePolicyProtocol,
641 NULL
642 );
643 ASSERT_EFI_ERROR (Status);
644
645 return EFI_SUCCESS;
646 }
EFI Development Kit II mirror for PVE