2 Implementation functions and structures for var check protocol.
4 Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
16 #include "AuthService.h"
17 #include <Library/DevicePathLib.h>
19 extern LIST_ENTRY mLockedVariableList
;
20 extern BOOLEAN mEndOfDxe
;
21 extern BOOLEAN mEnableLocking
;
23 #define VAR_CHECK_HANDLER_TABLE_SIZE 0x8
25 UINT32 mNumberOfHandler
= 0;
26 UINT32 mMaxNumberOfHandler
= 0;
27 VAR_CHECK_SET_VARIABLE_CHECK_HANDLER
*mHandlerTable
= NULL
;
32 VAR_CHECK_VARIABLE_PROPERTY VariableProperty
;
34 } VAR_CHECK_VARIABLE_ENTRY
;
36 LIST_ENTRY mVarCheckVariableList
= INITIALIZE_LIST_HEAD_VARIABLE (mVarCheckVariableList
);
40 (EFIAPI
*INTERNAL_VAR_CHECK_FUNCTION
) (
41 IN VAR_CHECK_VARIABLE_PROPERTY
*Propery
,
48 VAR_CHECK_VARIABLE_PROPERTY VariableProperty
;
49 INTERNAL_VAR_CHECK_FUNCTION CheckFunction
;
50 } UEFI_DEFINED_VARIABLE_ENTRY
;
53 Internal check for load option.
55 @param[in] VariablePropery Pointer to variable property.
56 @param[in] DataSize Data size.
57 @param[in] Data Pointer to data buffer.
59 @retval EFI_SUCCESS The SetVariable check result was success.
60 @retval EFI_INVALID_PARAMETER The data buffer is not a valid load option.
65 InternalVarCheckLoadOption (
66 IN VAR_CHECK_VARIABLE_PROPERTY
*VariablePropery
,
71 UINT16 FilePathListLength
;
73 EFI_DEVICE_PATH_PROTOCOL
*FilePathList
;
75 FilePathListLength
= *((UINT16
*) ((UINTN
) Data
+ sizeof (UINT32
)));
80 Description
= (CHAR16
*) ((UINTN
) Data
+ sizeof (UINT32
) + sizeof (UINT16
));
81 while (Description
< (CHAR16
*) ((UINTN
) Data
+ DataSize
)) {
82 if (*Description
== L
'\0') {
87 if ((UINTN
) Description
>= ((UINTN
) Data
+ DataSize
)) {
88 return EFI_INVALID_PARAMETER
;
95 FilePathList
= (EFI_DEVICE_PATH_PROTOCOL
*) Description
;
96 if ((UINTN
) FilePathList
> (MAX_ADDRESS
- FilePathListLength
)) {
97 return EFI_INVALID_PARAMETER
;
99 if (((UINTN
) FilePathList
+ FilePathListLength
) > ((UINTN
) Data
+ DataSize
)) {
100 return EFI_INVALID_PARAMETER
;
102 if (FilePathListLength
< sizeof (EFI_DEVICE_PATH_PROTOCOL
)) {
103 return EFI_INVALID_PARAMETER
;
105 if (!IsDevicePathValid (FilePathList
, FilePathListLength
)) {
106 return EFI_INVALID_PARAMETER
;
113 Internal check for key option.
115 @param[in] VariablePropery Pointer to variable property.
116 @param[in] DataSize Data size.
117 @param[in] Data Pointer to data buffer.
119 @retval EFI_SUCCESS The SetVariable check result was success.
120 @retval EFI_INVALID_PARAMETER The data buffer is not a valid key option.
125 InternalVarCheckKeyOption (
126 IN VAR_CHECK_VARIABLE_PROPERTY
*VariablePropery
,
131 if (((DataSize
- sizeof (EFI_KEY_OPTION
)) % sizeof (EFI_INPUT_KEY
)) != 0) {
132 return EFI_INVALID_PARAMETER
;
139 Internal check for device path.
141 @param[in] VariablePropery Pointer to variable property.
142 @param[in] DataSize Data size.
143 @param[in] Data Pointer to data buffer.
145 @retval EFI_SUCCESS The SetVariable check result was success.
146 @retval EFI_INVALID_PARAMETER The data buffer is not a valid device path.
151 InternalVarCheckDevicePath (
152 IN VAR_CHECK_VARIABLE_PROPERTY
*VariablePropery
,
157 if (!IsDevicePathValid ((EFI_DEVICE_PATH_PROTOCOL
*) Data
, DataSize
)) {
158 return EFI_INVALID_PARAMETER
;
164 Internal check for ASCII string.
166 @param[in] VariablePropery Pointer to variable property.
167 @param[in] DataSize Data size.
168 @param[in] Data Pointer to data buffer.
170 @retval EFI_SUCCESS The SetVariable check result was success.
171 @retval EFI_INVALID_PARAMETER The data buffer is not a Null-terminated ASCII string.
176 InternalVarCheckAsciiString (
177 IN VAR_CHECK_VARIABLE_PROPERTY
*VariablePropery
,
185 String
= (CHAR8
*) Data
;
186 if (String
[DataSize
- 1] == '\0') {
189 for (Index
= 1; Index
< DataSize
&& (String
[DataSize
- 1 - Index
] != '\0'); Index
++);
190 if (Index
== DataSize
) {
191 return EFI_INVALID_PARAMETER
;
198 Internal check for size array.
200 @param[in] VariablePropery Pointer to variable property.
201 @param[in] DataSize Data size.
202 @param[in] Data Pointer to data buffer.
204 @retval EFI_SUCCESS The SetVariable check result was success.
205 @retval EFI_INVALID_PARAMETER The DataSize is not size array.
210 InternalVarCheckSizeArray (
211 IN VAR_CHECK_VARIABLE_PROPERTY
*VariablePropery
,
216 if ((DataSize
% VariablePropery
->MinSize
) != 0) {
217 return EFI_INVALID_PARAMETER
;
223 // To prevent name collisions with possible future globally defined variables,
224 // other internal firmware data variables that are not defined here must be
225 // saved with a unique VendorGuid other than EFI_GLOBAL_VARIABLE or
226 // any other GUID defined by the UEFI Specification. Implementations must
227 // only permit the creation of variables with a UEFI Specification-defined
228 // VendorGuid when these variables are documented in the UEFI Specification.
230 UEFI_DEFINED_VARIABLE_ENTRY mGlobalVariableList
[] = {
232 EFI_LANG_CODES_VARIABLE_NAME
,
234 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
236 VARIABLE_ATTRIBUTE_BS_RT
,
240 InternalVarCheckAsciiString
243 EFI_LANG_VARIABLE_NAME
,
245 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
247 VARIABLE_ATTRIBUTE_NV_BS_RT
,
251 InternalVarCheckAsciiString
254 EFI_TIME_OUT_VARIABLE_NAME
,
256 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
258 VARIABLE_ATTRIBUTE_NV_BS_RT
,
265 EFI_PLATFORM_LANG_CODES_VARIABLE_NAME
,
267 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
269 VARIABLE_ATTRIBUTE_BS_RT
,
273 InternalVarCheckAsciiString
276 EFI_PLATFORM_LANG_VARIABLE_NAME
,
278 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
280 VARIABLE_ATTRIBUTE_NV_BS_RT
,
284 InternalVarCheckAsciiString
287 EFI_CON_IN_VARIABLE_NAME
,
289 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
291 VARIABLE_ATTRIBUTE_NV_BS_RT
,
292 sizeof (EFI_DEVICE_PATH_PROTOCOL
),
295 InternalVarCheckDevicePath
298 EFI_CON_OUT_VARIABLE_NAME
,
300 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
302 VARIABLE_ATTRIBUTE_NV_BS_RT
,
303 sizeof (EFI_DEVICE_PATH_PROTOCOL
),
306 InternalVarCheckDevicePath
309 EFI_ERR_OUT_VARIABLE_NAME
,
311 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
313 VARIABLE_ATTRIBUTE_NV_BS_RT
,
314 sizeof (EFI_DEVICE_PATH_PROTOCOL
),
317 InternalVarCheckDevicePath
320 EFI_CON_IN_DEV_VARIABLE_NAME
,
322 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
324 VARIABLE_ATTRIBUTE_BS_RT
,
325 sizeof (EFI_DEVICE_PATH_PROTOCOL
),
328 InternalVarCheckDevicePath
331 EFI_CON_OUT_DEV_VARIABLE_NAME
,
333 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
335 VARIABLE_ATTRIBUTE_BS_RT
,
336 sizeof (EFI_DEVICE_PATH_PROTOCOL
),
339 InternalVarCheckDevicePath
342 EFI_ERR_OUT_DEV_VARIABLE_NAME
,
344 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
346 VARIABLE_ATTRIBUTE_BS_RT
,
347 sizeof (EFI_DEVICE_PATH_PROTOCOL
),
350 InternalVarCheckDevicePath
353 EFI_BOOT_ORDER_VARIABLE_NAME
,
355 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
357 VARIABLE_ATTRIBUTE_NV_BS_RT
,
361 InternalVarCheckSizeArray
364 EFI_BOOT_NEXT_VARIABLE_NAME
,
366 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
368 VARIABLE_ATTRIBUTE_NV_BS_RT
,
375 EFI_BOOT_CURRENT_VARIABLE_NAME
,
377 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
379 VARIABLE_ATTRIBUTE_BS_RT
,
386 EFI_BOOT_OPTION_SUPPORT_VARIABLE_NAME
,
388 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
390 VARIABLE_ATTRIBUTE_BS_RT
,
397 EFI_DRIVER_ORDER_VARIABLE_NAME
,
399 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
401 VARIABLE_ATTRIBUTE_NV_BS_RT
,
405 InternalVarCheckSizeArray
408 EFI_HW_ERR_REC_SUPPORT_VARIABLE_NAME
,
410 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
412 VARIABLE_ATTRIBUTE_NV_BS_RT
,
421 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
422 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
423 VARIABLE_ATTRIBUTE_BS_RT
,
430 EFI_KEY_EXCHANGE_KEY_NAME
,
432 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
434 VARIABLE_ATTRIBUTE_NV_BS_RT_AT
,
441 EFI_PLATFORM_KEY_NAME
,
443 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
445 VARIABLE_ATTRIBUTE_NV_BS_RT_AT
,
452 EFI_SIGNATURE_SUPPORT_NAME
,
454 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
455 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
456 VARIABLE_ATTRIBUTE_BS_RT
,
460 InternalVarCheckSizeArray
463 EFI_SECURE_BOOT_MODE_NAME
,
465 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
466 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
467 VARIABLE_ATTRIBUTE_BS_RT
,
474 EFI_KEK_DEFAULT_VARIABLE_NAME
,
476 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
477 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
478 VARIABLE_ATTRIBUTE_BS_RT
,
485 EFI_PK_DEFAULT_VARIABLE_NAME
,
487 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
488 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
489 VARIABLE_ATTRIBUTE_BS_RT
,
496 EFI_DB_DEFAULT_VARIABLE_NAME
,
498 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
499 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
500 VARIABLE_ATTRIBUTE_BS_RT
,
507 EFI_DBX_DEFAULT_VARIABLE_NAME
,
509 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
510 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
511 VARIABLE_ATTRIBUTE_BS_RT
,
518 EFI_DBT_DEFAULT_VARIABLE_NAME
,
520 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
521 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
522 VARIABLE_ATTRIBUTE_BS_RT
,
529 EFI_OS_INDICATIONS_SUPPORT_VARIABLE_NAME
,
531 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
533 VARIABLE_ATTRIBUTE_BS_RT
,
540 EFI_OS_INDICATIONS_VARIABLE_NAME
,
542 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
544 VARIABLE_ATTRIBUTE_NV_BS_RT
,
551 EFI_VENDOR_KEYS_VARIABLE_NAME
,
553 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
554 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
555 VARIABLE_ATTRIBUTE_BS_RT
,
562 UEFI_DEFINED_VARIABLE_ENTRY mGlobalVariableList2
[] = {
566 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
568 VARIABLE_ATTRIBUTE_NV_BS_RT
,
569 sizeof (UINT32
) + sizeof (UINT16
),
572 InternalVarCheckLoadOption
577 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
579 VARIABLE_ATTRIBUTE_NV_BS_RT
,
580 sizeof (UINT32
) + sizeof (UINT16
),
583 InternalVarCheckLoadOption
588 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
590 VARIABLE_ATTRIBUTE_NV_BS_RT
,
591 sizeof (EFI_KEY_OPTION
),
592 sizeof (EFI_KEY_OPTION
) + 3 * sizeof (EFI_INPUT_KEY
)
594 InternalVarCheckKeyOption
599 // EFI_IMAGE_SECURITY_DATABASE_GUID
601 UEFI_DEFINED_VARIABLE_ENTRY mImageSecurityVariableList
[] = {
603 EFI_IMAGE_SECURITY_DATABASE
,
605 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
607 VARIABLE_ATTRIBUTE_NV_BS_RT_AT
,
614 EFI_IMAGE_SECURITY_DATABASE1
,
616 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
618 VARIABLE_ATTRIBUTE_NV_BS_RT_AT
,
625 EFI_IMAGE_SECURITY_DATABASE2
,
627 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
629 VARIABLE_ATTRIBUTE_NV_BS_RT_AT
,
640 VAR_CHECK_VARIABLE_PROPERTY VariableProperty
;
641 INTERNAL_VAR_CHECK_FUNCTION CheckFunction
;
642 } VARIABLE_DRIVER_VARIABLE_ENTRY
;
644 VARIABLE_DRIVER_VARIABLE_ENTRY mVariableDriverVariableList
[] = {
646 &gEfiSecureBootEnableDisableGuid
,
647 EFI_SECURE_BOOT_ENABLE_NAME
,
649 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
651 VARIABLE_ATTRIBUTE_NV_BS
,
657 &gEfiCustomModeEnableGuid
,
658 EFI_CUSTOM_MODE_NAME
,
660 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
662 VARIABLE_ATTRIBUTE_NV_BS
,
668 &gEfiVendorKeysNvGuid
,
669 EFI_VENDOR_KEYS_NV_VARIABLE_NAME
,
671 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
672 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
673 VARIABLE_ATTRIBUTE_NV_BS_RT_AT
,
679 &gEfiAuthenticatedVariableGuid
,
682 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
683 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
684 VARIABLE_ATTRIBUTE_NV_BS_RT_AW
,
693 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
694 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
695 VARIABLE_ATTRIBUTE_NV_BS_RT_AT
,
701 &gEdkiiVarErrorFlagGuid
,
704 VAR_CHECK_VARIABLE_PROPERTY_REVISION
,
705 VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
,
706 VARIABLE_ATTRIBUTE_NV_BS_RT
,
707 sizeof (VAR_ERROR_FLAG
),
708 sizeof (VAR_ERROR_FLAG
)
714 Get UEFI defined global variable or image security database variable property.
715 The code will check if variable guid is global variable or image security database guid first.
716 If yes, further check if variable name is in mGlobalVariableList, mGlobalVariableList2 or mImageSecurityVariableList.
718 @param[in] VariableName Pointer to variable name.
719 @param[in] VendorGuid Variable Vendor Guid.
720 @param[in] WildcardMatch Try wildcard match or not.
721 @param[out] VariableProperty Pointer to variable property.
722 @param[out] VarCheckFunction Pointer to check function.
724 @retval EFI_SUCCESS Variable is not global variable or image security database variable.
725 @retval EFI_INVALID_PARAMETER Variable is global variable or image security database variable, but variable name is not in the lists.
729 GetUefiDefinedVariableProperty (
730 IN CHAR16
*VariableName
,
731 IN EFI_GUID
*VendorGuid
,
732 IN BOOLEAN WildcardMatch
,
733 OUT VAR_CHECK_VARIABLE_PROPERTY
**VariableProperty
,
734 OUT INTERNAL_VAR_CHECK_FUNCTION
*VarCheckFunction OPTIONAL
740 if (CompareGuid (VendorGuid
, &gEfiGlobalVariableGuid
)) {
742 // Try list 1, exactly match.
744 for (Index
= 0; Index
< sizeof (mGlobalVariableList
)/sizeof (mGlobalVariableList
[0]); Index
++) {
745 if (StrCmp (mGlobalVariableList
[Index
].Name
, VariableName
) == 0) {
746 if (VarCheckFunction
!= NULL
) {
747 *VarCheckFunction
= mGlobalVariableList
[Index
].CheckFunction
;
749 *VariableProperty
= &mGlobalVariableList
[Index
].VariableProperty
;
757 NameLength
= StrLen (VariableName
) - 4;
758 for (Index
= 0; Index
< sizeof (mGlobalVariableList2
)/sizeof (mGlobalVariableList2
[0]); Index
++) {
760 if ((StrLen (VariableName
) == StrLen (mGlobalVariableList2
[Index
].Name
)) &&
761 (StrnCmp (mGlobalVariableList2
[Index
].Name
, VariableName
, NameLength
) == 0) &&
762 IsHexaDecimalDigitCharacter (VariableName
[NameLength
]) &&
763 IsHexaDecimalDigitCharacter (VariableName
[NameLength
+ 1]) &&
764 IsHexaDecimalDigitCharacter (VariableName
[NameLength
+ 2]) &&
765 IsHexaDecimalDigitCharacter (VariableName
[NameLength
+ 3])) {
766 if (VarCheckFunction
!= NULL
) {
767 *VarCheckFunction
= mGlobalVariableList2
[Index
].CheckFunction
;
769 *VariableProperty
= &mGlobalVariableList2
[Index
].VariableProperty
;
773 if (StrCmp (mGlobalVariableList2
[Index
].Name
, VariableName
) == 0) {
774 if (VarCheckFunction
!= NULL
) {
775 *VarCheckFunction
= mGlobalVariableList2
[Index
].CheckFunction
;
777 *VariableProperty
= &mGlobalVariableList2
[Index
].VariableProperty
;
783 // The variable name is not in the lists.
785 return EFI_INVALID_PARAMETER
;
788 if (CompareGuid (VendorGuid
, &gEfiImageSecurityDatabaseGuid
)){
789 for (Index
= 0; Index
< sizeof (mImageSecurityVariableList
)/sizeof (mImageSecurityVariableList
[0]); Index
++) {
790 if (StrCmp (mImageSecurityVariableList
[Index
].Name
, VariableName
) == 0) {
791 if (VarCheckFunction
!= NULL
) {
792 *VarCheckFunction
= mImageSecurityVariableList
[Index
].CheckFunction
;
794 *VariableProperty
= &mImageSecurityVariableList
[Index
].VariableProperty
;
799 return EFI_INVALID_PARAMETER
;
803 // It is not global variable or image security database variable.
809 Get variable property for variables managed by Varaible driver.
811 @param[in] VariableName Pointer to variable name.
812 @param[in] VendorGuid Variable Vendor Guid.
814 @return Pointer to variable property.
817 VAR_CHECK_VARIABLE_PROPERTY
*
818 GetVariableDriverVariableProperty (
819 IN CHAR16
*VariableName
,
820 IN EFI_GUID
*VendorGuid
825 for (Index
= 0; Index
< sizeof (mVariableDriverVariableList
)/sizeof (mVariableDriverVariableList
[0]); Index
++) {
826 if ((CompareGuid (mVariableDriverVariableList
[Index
].Guid
, VendorGuid
)) && (StrCmp (mVariableDriverVariableList
[Index
].Name
, VariableName
) == 0)) {
827 return &mVariableDriverVariableList
[Index
].VariableProperty
;
835 Internal SetVariable check.
837 @param[in] VariableName Name of Variable to set.
838 @param[in] VendorGuid Variable vendor GUID.
839 @param[in] Attributes Attribute value of the variable.
840 @param[in] DataSize Size of Data to set.
841 @param[in] Data Data pointer.
843 @retval EFI_SUCCESS The SetVariable check result was success.
844 @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits, name, and GUID was supplied,
845 or the DataSize exceeds the minimum or maximum allowed,
846 or the Data value is not following UEFI spec for UEFI defined variables.
847 @retval EFI_WRITE_PROTECTED The variable in question is read-only.
848 @retval Others The return status from check handler.
853 InternalVarCheckSetVariableCheck (
854 IN CHAR16
*VariableName
,
855 IN EFI_GUID
*VendorGuid
,
856 IN UINT32 Attributes
,
864 VAR_CHECK_VARIABLE_ENTRY
*Entry
;
866 VAR_CHECK_VARIABLE_PROPERTY
*Property
;
867 INTERNAL_VAR_CHECK_FUNCTION VarCheckFunction
;
871 // Only do check after End Of Dxe.
877 VarCheckFunction
= NULL
;
879 for ( Link
= GetFirstNode (&mVarCheckVariableList
)
880 ; !IsNull (&mVarCheckVariableList
, Link
)
881 ; Link
= GetNextNode (&mVarCheckVariableList
, Link
)
883 Entry
= BASE_CR (Link
, VAR_CHECK_VARIABLE_ENTRY
, Link
);
884 Name
= (CHAR16
*) ((UINTN
) Entry
+ sizeof (*Entry
));
885 if (CompareGuid (&Entry
->Guid
, VendorGuid
) && (StrCmp (Name
, VariableName
) == 0)) {
886 Property
= &Entry
->VariableProperty
;
890 if (Property
== NULL
) {
891 Property
= GetVariableDriverVariableProperty (VariableName
, VendorGuid
);
893 if (Property
== NULL
) {
894 Status
= GetUefiDefinedVariableProperty (VariableName
, VendorGuid
, TRUE
, &Property
, &VarCheckFunction
);
895 if (EFI_ERROR (Status
)) {
896 DEBUG ((EFI_D_INFO
, "[Variable]: Var Check UEFI defined variable fail %r - %g:%s\n", Status
, VendorGuid
, VariableName
));
900 if (Property
!= NULL
) {
901 if (mEnableLocking
&& ((Property
->Property
& VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
) != 0)) {
902 DEBUG ((EFI_D_INFO
, "[Variable]: Var Check ReadOnly variable fail %r - %g:%s\n", EFI_WRITE_PROTECTED
, VendorGuid
, VariableName
));
903 return EFI_WRITE_PROTECTED
;
905 if (!((((Attributes
& EFI_VARIABLE_APPEND_WRITE
) == 0) && (DataSize
== 0)) || (Attributes
== 0))) {
907 // Not to delete variable.
909 if ((Attributes
& (~EFI_VARIABLE_APPEND_WRITE
)) != Property
->Attributes
) {
910 DEBUG ((EFI_D_INFO
, "[Variable]: Var Check Attributes(0x%08x to 0x%08x) fail %r - %g:%s\n", Property
->Attributes
, Attributes
, EFI_INVALID_PARAMETER
, VendorGuid
, VariableName
));
911 return EFI_INVALID_PARAMETER
;
914 if ((DataSize
< Property
->MinSize
) || (DataSize
> Property
->MaxSize
)) {
915 DEBUG ((EFI_D_INFO
, "[Variable]: Var Check DataSize fail(0x%x not in 0x%x - 0x%x) %r - %g:%s\n", DataSize
, Property
->MinSize
, Property
->MaxSize
, EFI_INVALID_PARAMETER
, VendorGuid
, VariableName
));
916 return EFI_INVALID_PARAMETER
;
918 if (VarCheckFunction
!= NULL
) {
919 Status
= VarCheckFunction (
924 if (EFI_ERROR (Status
)) {
925 DEBUG ((EFI_D_INFO
, "[Variable]: Internal Var Check function fail %r - %g:%s\n", Status
, VendorGuid
, VariableName
));
933 for (Index
= 0; Index
< mNumberOfHandler
; Index
++) {
934 Status
= mHandlerTable
[Index
] (
941 if (EFI_ERROR (Status
)) {
942 DEBUG ((EFI_D_INFO
, "[Variable]: Var Check handler fail %r - %g:%s\n", Status
, VendorGuid
, VariableName
));
950 Reallocates more global memory to store the registered handler list.
952 @retval RETURN_SUCCESS Reallocate memory successfully.
953 @retval RETURN_OUT_OF_RESOURCES No enough memory to allocate.
958 ReallocateHandlerTable (
962 VAR_CHECK_SET_VARIABLE_CHECK_HANDLER
*HandlerTable
;
965 // Reallocate memory for check handler table.
967 HandlerTable
= ReallocateRuntimePool (
968 mMaxNumberOfHandler
* sizeof (VAR_CHECK_SET_VARIABLE_CHECK_HANDLER
),
969 (mMaxNumberOfHandler
+ VAR_CHECK_HANDLER_TABLE_SIZE
) * sizeof (VAR_CHECK_SET_VARIABLE_CHECK_HANDLER
),
974 // No enough resource to allocate.
976 if (HandlerTable
== NULL
) {
977 return RETURN_OUT_OF_RESOURCES
;
980 mHandlerTable
= HandlerTable
;
982 // Increase max handler number.
984 mMaxNumberOfHandler
= mMaxNumberOfHandler
+ VAR_CHECK_HANDLER_TABLE_SIZE
;
985 return RETURN_SUCCESS
;
989 Register SetVariable check handler.
991 @param[in] Handler Pointer to check handler.
993 @retval EFI_SUCCESS The SetVariable check handler was registered successfully.
994 @retval EFI_INVALID_PARAMETER Handler is NULL.
995 @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
996 already been signaled.
997 @retval EFI_OUT_OF_RESOURCES There is not enough resource for the SetVariable check handler register request.
998 @retval EFI_UNSUPPORTED This interface is not implemented.
999 For example, it is unsupported in VarCheck protocol if both VarCheck and SmmVarCheck protocols are present.
1004 VarCheckRegisterSetVariableCheckHandler (
1005 IN VAR_CHECK_SET_VARIABLE_CHECK_HANDLER Handler
1010 if (Handler
== NULL
) {
1011 return EFI_INVALID_PARAMETER
;
1015 return EFI_ACCESS_DENIED
;
1018 DEBUG ((EFI_D_INFO
, "RegisterSetVariableCheckHandler - 0x%x\n", Handler
));
1021 // Check whether the handler list is enough to store new handler.
1023 if (mNumberOfHandler
== mMaxNumberOfHandler
) {
1025 // Allocate more resources for new handler.
1027 Status
= ReallocateHandlerTable();
1028 if (EFI_ERROR (Status
)) {
1034 // Register new handler into the handler list.
1036 mHandlerTable
[mNumberOfHandler
] = Handler
;
1037 mNumberOfHandler
++;
1043 Variable property get function.
1045 @param[in] Name Pointer to the variable name.
1046 @param[in] Guid Pointer to the vendor GUID.
1047 @param[in] WildcardMatch Try wildcard match or not.
1049 @return Pointer to the property of variable specified by the Name and Guid.
1052 VAR_CHECK_VARIABLE_PROPERTY
*
1053 VariablePropertyGetFunction (
1056 IN BOOLEAN WildcardMatch
1060 VAR_CHECK_VARIABLE_ENTRY
*Entry
;
1061 CHAR16
*VariableName
;
1062 VAR_CHECK_VARIABLE_PROPERTY
*Property
;
1064 for ( Link
= GetFirstNode (&mVarCheckVariableList
)
1065 ; !IsNull (&mVarCheckVariableList
, Link
)
1066 ; Link
= GetNextNode (&mVarCheckVariableList
, Link
)
1068 Entry
= BASE_CR (Link
, VAR_CHECK_VARIABLE_ENTRY
, Link
);
1069 VariableName
= (CHAR16
*) ((UINTN
) Entry
+ sizeof (*Entry
));
1070 if (CompareGuid (&Entry
->Guid
, Guid
) && (StrCmp (VariableName
, Name
) == 0)) {
1071 return &Entry
->VariableProperty
;
1075 Property
= GetVariableDriverVariableProperty (Name
, Guid
);
1076 if (Property
== NULL
) {
1077 GetUefiDefinedVariableProperty (Name
, Guid
, WildcardMatch
, &Property
, NULL
);
1084 Variable property set.
1086 @param[in] Name Pointer to the variable name.
1087 @param[in] Guid Pointer to the vendor GUID.
1088 @param[in] VariableProperty Pointer to the input variable property.
1090 @retval EFI_SUCCESS The property of variable specified by the Name and Guid was set successfully.
1091 @retval EFI_INVALID_PARAMETER Name, Guid or VariableProperty is NULL, or Name is an empty string,
1092 or the fields of VariableProperty are not valid.
1093 @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
1094 already been signaled.
1095 @retval EFI_OUT_OF_RESOURCES There is not enough resource for the variable property set request.
1100 VarCheckVariablePropertySet (
1103 IN VAR_CHECK_VARIABLE_PROPERTY
*VariableProperty
1107 VAR_CHECK_VARIABLE_ENTRY
*Entry
;
1108 CHAR16
*VariableName
;
1109 VAR_CHECK_VARIABLE_PROPERTY
*Property
;
1111 if (Name
== NULL
|| Name
[0] == 0 || Guid
== NULL
) {
1112 return EFI_INVALID_PARAMETER
;
1115 if (VariableProperty
== NULL
) {
1116 return EFI_INVALID_PARAMETER
;
1119 if (VariableProperty
->Revision
!= VAR_CHECK_VARIABLE_PROPERTY_REVISION
) {
1120 return EFI_INVALID_PARAMETER
;
1124 return EFI_ACCESS_DENIED
;
1127 Status
= EFI_SUCCESS
;
1129 AcquireLockOnlyAtBootTime (&mVariableModuleGlobal
->VariableGlobal
.VariableServicesLock
);
1131 Property
= VariablePropertyGetFunction (Name
, Guid
, FALSE
);
1132 if (Property
!= NULL
) {
1133 CopyMem (Property
, VariableProperty
, sizeof (*VariableProperty
));
1135 Entry
= AllocateRuntimeZeroPool (sizeof (*Entry
) + StrSize (Name
));
1136 if (Entry
== NULL
) {
1137 Status
= EFI_OUT_OF_RESOURCES
;
1140 VariableName
= (CHAR16
*) ((UINTN
) Entry
+ sizeof (*Entry
));
1141 StrnCpy (VariableName
, Name
, StrLen (Name
));
1142 CopyGuid (&Entry
->Guid
, Guid
);
1143 CopyMem (&Entry
->VariableProperty
, VariableProperty
, sizeof (*VariableProperty
));
1144 InsertTailList (&mVarCheckVariableList
, &Entry
->Link
);
1148 ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal
->VariableGlobal
.VariableServicesLock
);
1154 Internal variable property get.
1156 @param[in] Name Pointer to the variable name.
1157 @param[in] Guid Pointer to the vendor GUID.
1158 @param[out] VariableProperty Pointer to the output variable property.
1160 @retval EFI_SUCCESS The property of variable specified by the Name and Guid was got successfully.
1161 @retval EFI_NOT_FOUND The property of variable specified by the Name and Guid was not found.
1166 InternalVarCheckVariablePropertyGet (
1169 OUT VAR_CHECK_VARIABLE_PROPERTY
*VariableProperty
1173 VARIABLE_ENTRY
*Entry
;
1174 CHAR16
*VariableName
;
1176 VAR_CHECK_VARIABLE_PROPERTY
*Property
;
1180 Property
= VariablePropertyGetFunction (Name
, Guid
, TRUE
);
1181 if (Property
!= NULL
) {
1182 CopyMem (VariableProperty
, Property
, sizeof (*VariableProperty
));
1186 for ( Link
= GetFirstNode (&mLockedVariableList
)
1187 ; !IsNull (&mLockedVariableList
, Link
)
1188 ; Link
= GetNextNode (&mLockedVariableList
, Link
)
1190 Entry
= BASE_CR (Link
, VARIABLE_ENTRY
, Link
);
1191 VariableName
= (CHAR16
*) ((UINTN
) Entry
+ sizeof (*Entry
));
1192 if (CompareGuid (&Entry
->Guid
, Guid
) && (StrCmp (VariableName
, Name
) == 0)) {
1193 VariableProperty
->Property
|= VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY
;
1195 VariableProperty
->Revision
= VAR_CHECK_VARIABLE_PROPERTY_REVISION
;
1201 return (Found
? EFI_SUCCESS
: EFI_NOT_FOUND
);
1205 Variable property get.
1207 @param[in] Name Pointer to the variable name.
1208 @param[in] Guid Pointer to the vendor GUID.
1209 @param[out] VariableProperty Pointer to the output variable property.
1211 @retval EFI_SUCCESS The property of variable specified by the Name and Guid was got successfully.
1212 @retval EFI_INVALID_PARAMETER Name, Guid or VariableProperty is NULL, or Name is an empty string.
1213 @retval EFI_NOT_FOUND The property of variable specified by the Name and Guid was not found.
1218 VarCheckVariablePropertyGet (
1221 OUT VAR_CHECK_VARIABLE_PROPERTY
*VariableProperty
1226 if (Name
== NULL
|| Name
[0] == 0 || Guid
== NULL
) {
1227 return EFI_INVALID_PARAMETER
;
1230 if (VariableProperty
== NULL
) {
1231 return EFI_INVALID_PARAMETER
;
1234 AcquireLockOnlyAtBootTime (&mVariableModuleGlobal
->VariableGlobal
.VariableServicesLock
);
1236 Status
= InternalVarCheckVariablePropertyGet (Name
, Guid
, VariableProperty
);
1238 ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal
->VariableGlobal
.VariableServicesLock
);