2 Temporary location of the RequestToLock shim code while projects
3 are moved to VariablePolicy. Should be removed when deprecated.
5 Copyright (c) Microsoft Corporation.
6 SPDX-License-Identifier: BSD-2-Clause-Patent
11 #include <Library/DebugLib.h>
12 #include <Library/MemoryAllocationLib.h>
13 #include <Library/VariablePolicyLib.h>
14 #include <Library/VariablePolicyHelperLib.h>
15 #include <Protocol/VariableLock.h>
18 DEPRECATED. THIS IS ONLY HERE AS A CONVENIENCE WHILE PORTING.
19 Mark a variable that will become read-only after leaving the DXE phase of
20 execution. Write request coming from SMM environment through
21 EFI_SMM_VARIABLE_PROTOCOL is allowed.
23 @param[in] This The VARIABLE_LOCK_PROTOCOL instance.
24 @param[in] VariableName A pointer to the variable name that will be made
25 read-only subsequently.
26 @param[in] VendorGuid A pointer to the vendor GUID that will be made
27 read-only subsequently.
29 @retval EFI_SUCCESS The variable specified by the VariableName and
30 the VendorGuid was marked as pending to be
32 @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.
33 Or VariableName is an empty string.
34 @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or
35 EFI_EVENT_GROUP_READY_TO_BOOT has already been
37 @retval EFI_OUT_OF_RESOURCES There is not enough resource to hold the lock
42 VariableLockRequestToLock (
43 IN CONST EDKII_VARIABLE_LOCK_PROTOCOL
*This
,
44 IN CHAR16
*VariableName
,
45 IN EFI_GUID
*VendorGuid
49 VARIABLE_POLICY_ENTRY
*NewPolicy
;
51 DEBUG ((DEBUG_WARN
, "!!! DEPRECATED INTERFACE !!! %a() will go away soon!\n", __FUNCTION__
));
52 DEBUG ((DEBUG_WARN
, "!!! DEPRECATED INTERFACE !!! Please move to use Variable Policy!\n"));
53 DEBUG ((DEBUG_WARN
, "!!! DEPRECATED INTERFACE !!! Variable: %g %s\n", VendorGuid
, VariableName
));
56 Status
= CreateBasicVariablePolicy(
59 VARIABLE_POLICY_NO_MIN_SIZE
,
60 VARIABLE_POLICY_NO_MAX_SIZE
,
61 VARIABLE_POLICY_NO_MUST_ATTR
,
62 VARIABLE_POLICY_NO_CANT_ATTR
,
63 VARIABLE_POLICY_TYPE_LOCK_NOW
,
66 if (!EFI_ERROR( Status
)) {
67 Status
= RegisterVariablePolicy (NewPolicy
);
70 // If the error returned is EFI_ALREADY_STARTED, we need to check the
71 // current database for the variable and see whether it's locked. If it's
72 // locked, we're still fine, but also generate a DEBUG_WARN message so the
73 // duplicate lock can be removed.
75 if (Status
== EFI_ALREADY_STARTED
) {
76 Status
= ValidateSetVariable (VariableName
, VendorGuid
, 0, 0, NULL
);
77 if (Status
== EFI_WRITE_PROTECTED
) {
78 DEBUG ((DEBUG_WARN
, " Variable: %g %s is already locked!\n", VendorGuid
, VariableName
));
81 DEBUG ((DEBUG_ERROR
, " Variable: %g %s can not be locked!\n", VendorGuid
, VariableName
));
82 Status
= EFI_ACCESS_DENIED
;
86 if (EFI_ERROR (Status
)) {
87 DEBUG(( DEBUG_ERROR
, "%a - Failed to lock variable %s! %r\n", __FUNCTION__
, VariableName
, Status
));
89 if (NewPolicy
!= NULL
) {
90 FreePool( NewPolicy
);