Copyright (C) 2013, Red Hat, Inc.\r
Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>\r
(C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>\r
+Copyright (c) Microsoft Corporation.\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include "Variable.h"\r
\r
+#include <Protocol/VariablePolicy.h>\r
+#include <Library/VariablePolicyLib.h>\r
+\r
+EFI_STATUS\r
+EFIAPI\r
+ProtocolIsVariablePolicyEnabled (\r
+ OUT BOOLEAN *State\r
+ );\r
+\r
EFI_HANDLE mHandle = NULL;\r
EFI_EVENT mVirtualAddressChangeEvent = NULL;\r
VOID *mFtwRegistration = NULL;\r
VOID ***mVarCheckAddressPointer = NULL;\r
UINTN mVarCheckAddressPointerCount = 0;\r
EDKII_VARIABLE_LOCK_PROTOCOL mVariableLock = { VariableLockRequestToLock };\r
+EDKII_VARIABLE_POLICY_PROTOCOL mVariablePolicyProtocol = { EDKII_VARIABLE_POLICY_PROTOCOL_REVISION,\r
+ DisableVariablePolicy,\r
+ ProtocolIsVariablePolicyEnabled,\r
+ RegisterVariablePolicy,\r
+ DumpVariablePolicy,\r
+ LockVariablePolicy };\r
EDKII_VAR_CHECK_PROTOCOL mVarCheck = { VarCheckRegisterSetVariableCheckHandler,\r
VarCheckVariablePropertySet,\r
VarCheckVariablePropertyGet };\r
VOID *Context\r
)\r
{\r
+ EFI_STATUS Status;\r
+\r
if (!mEndOfDxe) {\r
MorLockInitAtEndOfDxe ();\r
+\r
+ Status = LockVariablePolicy ();\r
+ ASSERT_EFI_ERROR (Status);\r
//\r
// Set the End Of DXE bit in case the EFI_END_OF_DXE_EVENT_GROUP_GUID event is not signaled.\r
//\r
VOID *Context\r
)\r
{\r
+ EFI_STATUS Status;\r
+\r
DEBUG ((EFI_D_INFO, "[Variable]END_OF_DXE is signaled\n"));\r
MorLockInitAtEndOfDxe ();\r
+ Status = LockVariablePolicy ();\r
+ ASSERT_EFI_ERROR (Status);\r
mEndOfDxe = TRUE;\r
mVarCheckAddressPointer = VarCheckLibInitializeAtEndOfDxe (&mVarCheckAddressPointerCount);\r
//\r
}\r
\r
\r
+/**\r
+ This API function returns whether or not the policy engine is\r
+ currently being enforced.\r
+\r
+ @param[out] State Pointer to a return value for whether the policy enforcement\r
+ is currently enabled.\r
+\r
+ @retval EFI_SUCCESS\r
+ @retval Others An error has prevented this command from completing.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+ProtocolIsVariablePolicyEnabled (\r
+ OUT BOOLEAN *State\r
+ )\r
+{\r
+ *State = IsVariablePolicyEnabled ();\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+\r
/**\r
Variable Driver main entry point. The Variable driver places the 4 EFI\r
runtime services in the EFI System Table and installs arch protocols\r
);\r
ASSERT_EFI_ERROR (Status);\r
\r
+ // Register and initialize the VariablePolicy engine.\r
+ Status = InitVariablePolicyLib (VariableServiceGetVariable);\r
+ ASSERT_EFI_ERROR (Status);\r
+ Status = VarCheckRegisterSetVariableCheckHandler (ValidateSetVariable);\r
+ ASSERT_EFI_ERROR (Status);\r
+ Status = gBS->InstallMultipleProtocolInterfaces (\r
+ &mHandle,\r
+ &gEdkiiVariablePolicyProtocolGuid,\r
+ &mVariablePolicyProtocol,\r
+ NULL\r
+ );\r
+ ASSERT_EFI_ERROR (Status);\r
+\r
return EFI_SUCCESS;\r
}\r
\r
projects / mirror_edk2.git / blobdiff