]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SecurityPkg Variable: Introduce PcdReclaimVariableSpaceAtEndOfDxe
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / RuntimeDxe / VariableDxe.c
1 /** @file
2 Implement all four UEFI Runtime Variable services for the nonvolatile
3 and volatile storage space and install variable architecture protocol.
4
5 Copyright (C) 2013, Red Hat, Inc.
6 Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
7 This program and the accompanying materials
8 are licensed and made available under the terms and conditions of the BSD License
9 which accompanies this distribution. The full text of the license may be found at
10 http://opensource.org/licenses/bsd-license.php
11
12 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
13 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
14
15 **/
16
17 #include "Variable.h"
18 #include "AuthService.h"
19
20 extern VARIABLE_STORE_HEADER *mNvVariableCache;
21 extern VARIABLE_INFO_ENTRY *gVariableInfo;
22 EFI_HANDLE mHandle = NULL;
23 EFI_EVENT mVirtualAddressChangeEvent = NULL;
24 EFI_EVENT mFtwRegistration = NULL;
25 extern LIST_ENTRY mLockedVariableList;
26 extern LIST_ENTRY mVarCheckVariableList;
27 extern UINT32 mNumberOfHandler;
28 extern VAR_CHECK_SET_VARIABLE_CHECK_HANDLER *mHandlerTable;
29 extern BOOLEAN mEndOfDxe;
30 EDKII_VARIABLE_LOCK_PROTOCOL mVariableLock = { VariableLockRequestToLock };
31 EDKII_VAR_CHECK_PROTOCOL mVarCheck = { VarCheckRegisterSetVariableCheckHandler,
32 VarCheckVariablePropertySet,
33 VarCheckVariablePropertyGet };
34
35 /**
36 Return TRUE if ExitBootServices () has been called.
37
38 @retval TRUE If ExitBootServices () has been called.
39 **/
40 BOOLEAN
41 AtRuntime (
42 VOID
43 )
44 {
45 return EfiAtRuntime ();
46 }
47
48
49 /**
50 Initializes a basic mutual exclusion lock.
51
52 This function initializes a basic mutual exclusion lock to the released state
53 and returns the lock. Each lock provides mutual exclusion access at its task
54 priority level. Since there is no preemption or multiprocessor support in EFI,
55 acquiring the lock only consists of raising to the locks TPL.
56 If Lock is NULL, then ASSERT().
57 If Priority is not a valid TPL value, then ASSERT().
58
59 @param Lock A pointer to the lock data structure to initialize.
60 @param Priority EFI TPL is associated with the lock.
61
62 @return The lock.
63
64 **/
65 EFI_LOCK *
66 InitializeLock (
67 IN OUT EFI_LOCK *Lock,
68 IN EFI_TPL Priority
69 )
70 {
71 return EfiInitializeLock (Lock, Priority);
72 }
73
74
75 /**
76 Acquires lock only at boot time. Simply returns at runtime.
77
78 This is a temperary function that will be removed when
79 EfiAcquireLock() in UefiLib can handle the call in UEFI
80 Runtimer driver in RT phase.
81 It calls EfiAcquireLock() at boot time, and simply returns
82 at runtime.
83
84 @param Lock A pointer to the lock to acquire.
85
86 **/
87 VOID
88 AcquireLockOnlyAtBootTime (
89 IN EFI_LOCK *Lock
90 )
91 {
92 if (!AtRuntime ()) {
93 EfiAcquireLock (Lock);
94 }
95 }
96
97
98 /**
99 Releases lock only at boot time. Simply returns at runtime.
100
101 This is a temperary function which will be removed when
102 EfiReleaseLock() in UefiLib can handle the call in UEFI
103 Runtimer driver in RT phase.
104 It calls EfiReleaseLock() at boot time and simply returns
105 at runtime.
106
107 @param Lock A pointer to the lock to release.
108
109 **/
110 VOID
111 ReleaseLockOnlyAtBootTime (
112 IN EFI_LOCK *Lock
113 )
114 {
115 if (!AtRuntime ()) {
116 EfiReleaseLock (Lock);
117 }
118 }
119
120 /**
121 Retrive the Fault Tolerent Write protocol interface.
122
123 @param[out] FtwProtocol The interface of Ftw protocol
124
125 @retval EFI_SUCCESS The FTW protocol instance was found and returned in FtwProtocol.
126 @retval EFI_NOT_FOUND The FTW protocol instance was not found.
127 @retval EFI_INVALID_PARAMETER SarProtocol is NULL.
128
129 **/
130 EFI_STATUS
131 GetFtwProtocol (
132 OUT VOID **FtwProtocol
133 )
134 {
135 EFI_STATUS Status;
136
137 //
138 // Locate Fault Tolerent Write protocol
139 //
140 Status = gBS->LocateProtocol (
141 &gEfiFaultTolerantWriteProtocolGuid,
142 NULL,
143 FtwProtocol
144 );
145 return Status;
146 }
147
148 /**
149 Retrive the FVB protocol interface by HANDLE.
150
151 @param[in] FvBlockHandle The handle of FVB protocol that provides services for
152 reading, writing, and erasing the target block.
153 @param[out] FvBlock The interface of FVB protocol
154
155 @retval EFI_SUCCESS The interface information for the specified protocol was returned.
156 @retval EFI_UNSUPPORTED The device does not support the FVB protocol.
157 @retval EFI_INVALID_PARAMETER FvBlockHandle is not a valid EFI_HANDLE or FvBlock is NULL.
158
159 **/
160 EFI_STATUS
161 GetFvbByHandle (
162 IN EFI_HANDLE FvBlockHandle,
163 OUT EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL **FvBlock
164 )
165 {
166 //
167 // To get the FVB protocol interface on the handle
168 //
169 return gBS->HandleProtocol (
170 FvBlockHandle,
171 &gEfiFirmwareVolumeBlockProtocolGuid,
172 (VOID **) FvBlock
173 );
174 }
175
176
177 /**
178 Function returns an array of handles that support the FVB protocol
179 in a buffer allocated from pool.
180
181 @param[out] NumberHandles The number of handles returned in Buffer.
182 @param[out] Buffer A pointer to the buffer to return the requested
183 array of handles that support FVB protocol.
184
185 @retval EFI_SUCCESS The array of handles was returned in Buffer, and the number of
186 handles in Buffer was returned in NumberHandles.
187 @retval EFI_NOT_FOUND No FVB handle was found.
188 @retval EFI_OUT_OF_RESOURCES There is not enough pool memory to store the matching results.
189 @retval EFI_INVALID_PARAMETER NumberHandles is NULL or Buffer is NULL.
190
191 **/
192 EFI_STATUS
193 GetFvbCountAndBuffer (
194 OUT UINTN *NumberHandles,
195 OUT EFI_HANDLE **Buffer
196 )
197 {
198 EFI_STATUS Status;
199
200 //
201 // Locate all handles of Fvb protocol
202 //
203 Status = gBS->LocateHandleBuffer (
204 ByProtocol,
205 &gEfiFirmwareVolumeBlockProtocolGuid,
206 NULL,
207 NumberHandles,
208 Buffer
209 );
210 return Status;
211 }
212
213
214 /**
215 Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE.
216
217 This is a notification function registered on EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
218 It convers pointer to new virtual address.
219
220 @param Event Event whose notification function is being invoked.
221 @param Context Pointer to the notification function's context.
222
223 **/
224 VOID
225 EFIAPI
226 VariableClassAddressChangeEvent (
227 IN EFI_EVENT Event,
228 IN VOID *Context
229 )
230 {
231 EFI_STATUS Status;
232 UINTN Index;
233
234 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->GetBlockSize);
235 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->GetPhysicalAddress);
236 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->GetAttributes);
237 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->SetAttributes);
238 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->Read);
239 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->Write);
240 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->EraseBlocks);
241 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance);
242 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->PlatformLangCodes);
243 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->LangCodes);
244 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->PlatformLang);
245 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase);
246 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.VolatileVariableBase);
247 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.HobVariableBase);
248 EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal);
249 EfiConvertPointer (0x0, (VOID **) &mHashCtx);
250 EfiConvertPointer (0x0, (VOID **) &mSerializationRuntimeBuffer);
251 EfiConvertPointer (0x0, (VOID **) &mNvVariableCache);
252 EfiConvertPointer (0x0, (VOID **) &mPubKeyStore);
253 EfiConvertPointer (0x0, (VOID **) &mCertDbStore);
254 EfiConvertPointer (0x0, (VOID **) &mHandlerTable);
255 for (Index = 0; Index < mNumberOfHandler; Index++) {
256 EfiConvertPointer (0x0, (VOID **) &mHandlerTable[Index]);
257 }
258
259 Status = EfiConvertList (0x0, &mLockedVariableList);
260 ASSERT_EFI_ERROR (Status);
261
262 Status = EfiConvertList (0x0, &mVarCheckVariableList);
263 ASSERT_EFI_ERROR (Status);
264 }
265
266
267 /**
268 Notification function of EVT_GROUP_READY_TO_BOOT event group.
269
270 This is a notification function registered on EVT_GROUP_READY_TO_BOOT event group.
271 When the Boot Manager is about to load and execute a boot option, it reclaims variable
272 storage if free size is below the threshold.
273
274 @param Event Event whose notification function is being invoked.
275 @param Context Pointer to the notification function's context.
276
277 **/
278 VOID
279 EFIAPI
280 OnReadyToBoot (
281 EFI_EVENT Event,
282 VOID *Context
283 )
284 {
285 //
286 // Set the End Of DXE bit in case the EFI_END_OF_DXE_EVENT_GROUP_GUID event is not signaled.
287 //
288 mEndOfDxe = TRUE;
289 //
290 // The initialization for variable quota.
291 //
292 InitializeVariableQuota ();
293 ReclaimForOS ();
294 if (FeaturePcdGet (PcdVariableCollectStatistics)) {
295 gBS->InstallConfigurationTable (&gEfiAuthenticatedVariableGuid, gVariableInfo);
296 }
297 }
298
299 /**
300 Notification function of EFI_END_OF_DXE_EVENT_GROUP_GUID event group.
301
302 This is a notification function registered on EFI_END_OF_DXE_EVENT_GROUP_GUID event group.
303
304 @param Event Event whose notification function is being invoked.
305 @param Context Pointer to the notification function's context.
306
307 **/
308 VOID
309 EFIAPI
310 OnEndOfDxe (
311 EFI_EVENT Event,
312 VOID *Context
313 )
314 {
315 mEndOfDxe = TRUE;
316 //
317 // The initialization for variable quota.
318 //
319 InitializeVariableQuota ();
320 if (PcdGetBool (PcdReclaimVariableSpaceAtEndOfDxe)) {
321 ReclaimForOS ();
322 }
323 }
324
325 /**
326 Fault Tolerant Write protocol notification event handler.
327
328 Non-Volatile variable write may needs FTW protocol to reclaim when
329 writting variable.
330
331 @param[in] Event Event whose notification function is being invoked.
332 @param[in] Context Pointer to the notification function's context.
333
334 **/
335 VOID
336 EFIAPI
337 FtwNotificationEvent (
338 IN EFI_EVENT Event,
339 IN VOID *Context
340 )
341 {
342 EFI_STATUS Status;
343 EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL *FvbProtocol;
344 EFI_FAULT_TOLERANT_WRITE_PROTOCOL *FtwProtocol;
345 EFI_PHYSICAL_ADDRESS NvStorageVariableBase;
346 EFI_GCD_MEMORY_SPACE_DESCRIPTOR GcdDescriptor;
347 EFI_PHYSICAL_ADDRESS BaseAddress;
348 UINT64 Length;
349 EFI_PHYSICAL_ADDRESS VariableStoreBase;
350 UINT64 VariableStoreLength;
351 UINTN FtwMaxBlockSize;
352
353 //
354 // Ensure FTW protocol is installed.
355 //
356 Status = GetFtwProtocol ((VOID**) &FtwProtocol);
357 if (EFI_ERROR (Status)) {
358 return ;
359 }
360
361 Status = FtwProtocol->GetMaxBlockSize (FtwProtocol, &FtwMaxBlockSize);
362 if (!EFI_ERROR (Status)) {
363 ASSERT (PcdGet32 (PcdFlashNvStorageVariableSize) <= FtwMaxBlockSize);
364 }
365
366 //
367 // Find the proper FVB protocol for variable.
368 //
369 NvStorageVariableBase = (EFI_PHYSICAL_ADDRESS) PcdGet64 (PcdFlashNvStorageVariableBase64);
370 if (NvStorageVariableBase == 0) {
371 NvStorageVariableBase = (EFI_PHYSICAL_ADDRESS) PcdGet32 (PcdFlashNvStorageVariableBase);
372 }
373 Status = GetFvbInfoByAddress (NvStorageVariableBase, NULL, &FvbProtocol);
374 if (EFI_ERROR (Status)) {
375 return ;
376 }
377 mVariableModuleGlobal->FvbInstance = FvbProtocol;
378
379 //
380 // Mark the variable storage region of the FLASH as RUNTIME.
381 //
382 VariableStoreBase = NvStorageVariableBase + (((EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)(NvStorageVariableBase))->HeaderLength);
383 VariableStoreLength = ((VARIABLE_STORE_HEADER *)(UINTN)VariableStoreBase)->Size;
384 BaseAddress = VariableStoreBase & (~EFI_PAGE_MASK);
385 Length = VariableStoreLength + (VariableStoreBase - BaseAddress);
386 Length = (Length + EFI_PAGE_SIZE - 1) & (~EFI_PAGE_MASK);
387
388 Status = gDS->GetMemorySpaceDescriptor (BaseAddress, &GcdDescriptor);
389 if (EFI_ERROR (Status)) {
390 DEBUG ((DEBUG_WARN, "Variable driver failed to get flash memory attribute.\n"));
391 } else {
392 Status = gDS->SetMemorySpaceAttributes (
393 BaseAddress,
394 Length,
395 GcdDescriptor.Attributes | EFI_MEMORY_RUNTIME
396 );
397 if (EFI_ERROR (Status)) {
398 DEBUG ((DEBUG_WARN, "Variable driver failed to add EFI_MEMORY_RUNTIME attribute to Flash.\n"));
399 }
400 }
401
402 Status = VariableWriteServiceInitialize ();
403 if (EFI_ERROR (Status)) {
404 DEBUG ((DEBUG_ERROR, "Variable write service initialization failed. Status = %r\n", Status));
405 }
406
407 //
408 // Install the Variable Write Architectural protocol.
409 //
410 Status = gBS->InstallProtocolInterface (
411 &mHandle,
412 &gEfiVariableWriteArchProtocolGuid,
413 EFI_NATIVE_INTERFACE,
414 NULL
415 );
416 ASSERT_EFI_ERROR (Status);
417
418 //
419 // Close the notify event to avoid install gEfiVariableWriteArchProtocolGuid again.
420 //
421 gBS->CloseEvent (Event);
422
423 }
424
425
426 /**
427 Variable Driver main entry point. The Variable driver places the 4 EFI
428 runtime services in the EFI System Table and installs arch protocols
429 for variable read and write services being available. It also registers
430 a notification function for an EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
431
432 @param[in] ImageHandle The firmware allocated handle for the EFI image.
433 @param[in] SystemTable A pointer to the EFI System Table.
434
435 @retval EFI_SUCCESS Variable service successfully initialized.
436
437 **/
438 EFI_STATUS
439 EFIAPI
440 VariableServiceInitialize (
441 IN EFI_HANDLE ImageHandle,
442 IN EFI_SYSTEM_TABLE *SystemTable
443 )
444 {
445 EFI_STATUS Status;
446 EFI_EVENT ReadyToBootEvent;
447 EFI_EVENT EndOfDxeEvent;
448
449 Status = VariableCommonInitialize ();
450 ASSERT_EFI_ERROR (Status);
451
452 Status = gBS->InstallMultipleProtocolInterfaces (
453 &mHandle,
454 &gEdkiiVariableLockProtocolGuid,
455 &mVariableLock,
456 NULL
457 );
458 ASSERT_EFI_ERROR (Status);
459
460 Status = gBS->InstallMultipleProtocolInterfaces (
461 &mHandle,
462 &gEdkiiVarCheckProtocolGuid,
463 &mVarCheck,
464 NULL
465 );
466 ASSERT_EFI_ERROR (Status);
467
468 SystemTable->RuntimeServices->GetVariable = VariableServiceGetVariable;
469 SystemTable->RuntimeServices->GetNextVariableName = VariableServiceGetNextVariableName;
470 SystemTable->RuntimeServices->SetVariable = VariableServiceSetVariable;
471 SystemTable->RuntimeServices->QueryVariableInfo = VariableServiceQueryVariableInfo;
472
473 //
474 // Now install the Variable Runtime Architectural protocol on a new handle.
475 //
476 Status = gBS->InstallProtocolInterface (
477 &mHandle,
478 &gEfiVariableArchProtocolGuid,
479 EFI_NATIVE_INTERFACE,
480 NULL
481 );
482 ASSERT_EFI_ERROR (Status);
483
484 //
485 // Register FtwNotificationEvent () notify function.
486 //
487 EfiCreateProtocolNotifyEvent (
488 &gEfiFaultTolerantWriteProtocolGuid,
489 TPL_CALLBACK,
490 FtwNotificationEvent,
491 (VOID *)SystemTable,
492 &mFtwRegistration
493 );
494
495 Status = gBS->CreateEventEx (
496 EVT_NOTIFY_SIGNAL,
497 TPL_NOTIFY,
498 VariableClassAddressChangeEvent,
499 NULL,
500 &gEfiEventVirtualAddressChangeGuid,
501 &mVirtualAddressChangeEvent
502 );
503 ASSERT_EFI_ERROR (Status);
504
505 //
506 // Register the event handling function to reclaim variable for OS usage.
507 //
508 Status = EfiCreateEventReadyToBootEx (
509 TPL_NOTIFY,
510 OnReadyToBoot,
511 NULL,
512 &ReadyToBootEvent
513 );
514 ASSERT_EFI_ERROR (Status);
515
516 //
517 // Register the event handling function to set the End Of DXE flag.
518 //
519 Status = gBS->CreateEventEx (
520 EVT_NOTIFY_SIGNAL,
521 TPL_NOTIFY,
522 OnEndOfDxe,
523 NULL,
524 &gEfiEndOfDxeEventGroupGuid,
525 &EndOfDxeEvent
526 );
527 ASSERT_EFI_ERROR (Status);
528
529 return EFI_SUCCESS;
530 }
531
EFI Development Kit II mirror for PVE