]> git.proxmox.com Git - mirror_edk2.git/blobdiff - MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequestToLock.c
projects / mirror_edk2.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
MdeModulePkg/Variable/RuntimeDxe: Restore Variable Lock Protocol behavior
[mirror_edk2.git] / MdeModulePkg / Universal / Variable / RuntimeDxe / VariableLockRequestToLock.c
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequestToLock.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequestToLock.c
index 4aa854aaf26095cb03c1f8417e863b276c8c1687..7d87e50efdcd481cf9a51d14111ee462f486488d 100644 (file)
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequestToLock.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequestToLock.c
@@ -1,67 +1,90 @@
-/** @file -- VariableLockRequestToLock.c\r
-Temporary location of the RequestToLock shim code while\r
-projects are moved to VariablePolicy. Should be removed when deprecated.\r
+/** @file\r
+  Temporary location of the RequestToLock shim code while projects\r
+  are moved to VariablePolicy. Should be removed when deprecated.\r
 \r
-Copyright (c) Microsoft Corporation.\r
-SPDX-License-Identifier: BSD-2-Clause-Patent\r
+  Copyright (c) Microsoft Corporation.\r
+  SPDX-License-Identifier: BSD-2-Clause-Patent\r
 \r
 **/\r
 \r
 #include <Uefi.h>\r
-\r
 #include <Library/DebugLib.h>\r
 #include <Library/MemoryAllocationLib.h>\r
-\r
-#include <Protocol/VariableLock.h>\r
-\r
-#include <Protocol/VariablePolicy.h>\r
 #include <Library/VariablePolicyLib.h>\r
 #include <Library/VariablePolicyHelperLib.h>\r
-\r
+#include <Protocol/VariableLock.h>\r
 \r
 /**\r
   DEPRECATED. THIS IS ONLY HERE AS A CONVENIENCE WHILE PORTING.\r
-  Mark a variable that will become read-only after leaving the DXE phase of execution.\r
-  Write request coming from SMM environment through EFI_SMM_VARIABLE_PROTOCOL is allowed.\r
+  Mark a variable that will become read-only after leaving the DXE phase of\r
+  execution. Write request coming from SMM environment through\r
+  EFI_SMM_VARIABLE_PROTOCOL is allowed.\r
 \r
   @param[in] This          The VARIABLE_LOCK_PROTOCOL instance.\r
-  @param[in] VariableName  A pointer to the variable name that will be made read-only subsequently.\r
-  @param[in] VendorGuid    A pointer to the vendor GUID that will be made read-only subsequently.\r
+  @param[in] VariableName  A pointer to the variable name that will be made\r
+                           read-only subsequently.\r
+  @param[in] VendorGuid    A pointer to the vendor GUID that will be made\r
+                           read-only subsequently.\r
 \r
-  @retval EFI_SUCCESS           The variable specified by the VariableName and the VendorGuid was marked\r
-                                as pending to be read-only.\r
+  @retval EFI_SUCCESS           The variable specified by the VariableName and\r
+                                the VendorGuid was marked as pending to be\r
+                                read-only.\r
   @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.\r
                                 Or VariableName is an empty string.\r
-  @retval EFI_ACCESS_DENIED     EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has\r
-                                already been signaled.\r
-  @retval EFI_OUT_OF_RESOURCES  There is not enough resource to hold the lock request.\r
+  @retval EFI_ACCESS_DENIED     EFI_END_OF_DXE_EVENT_GROUP_GUID or\r
+                                EFI_EVENT_GROUP_READY_TO_BOOT has already been\r
+                                signaled.\r
+  @retval EFI_OUT_OF_RESOURCES  There is not enough resource to hold the lock\r
+                                request.\r
 **/\r
 EFI_STATUS\r
 EFIAPI\r
 VariableLockRequestToLock (\r
-  IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This,\r
-  IN       CHAR16                       *VariableName,\r
-  IN       EFI_GUID                     *VendorGuid\r
+  IN CONST EDKII_VARIABLE_LOCK_PROTOCOL  *This,\r
+  IN CHAR16                              *VariableName,\r
+  IN EFI_GUID                            *VendorGuid\r
   )\r
 {\r
-  EFI_STATUS              Status;\r
-  VARIABLE_POLICY_ENTRY   *NewPolicy;\r
+  EFI_STATUS             Status;\r
+  VARIABLE_POLICY_ENTRY  *NewPolicy;\r
+\r
+  DEBUG ((DEBUG_ERROR, "!!! DEPRECATED INTERFACE !!! %a() will go away soon!\n", __FUNCTION__));\r
+  DEBUG ((DEBUG_ERROR, "!!! DEPRECATED INTERFACE !!! Please move to use Variable Policy!\n"));\r
+  DEBUG ((DEBUG_ERROR, "!!! DEPRECATED INTERFACE !!! Variable: %g %s\n", VendorGuid, VariableName));\r
 \r
   NewPolicy = NULL;\r
-  Status = CreateBasicVariablePolicy( VendorGuid,\r
-                                      VariableName,\r
-                                      VARIABLE_POLICY_NO_MIN_SIZE,\r
-                                      VARIABLE_POLICY_NO_MAX_SIZE,\r
-                                      VARIABLE_POLICY_NO_MUST_ATTR,\r
-                                      VARIABLE_POLICY_NO_CANT_ATTR,\r
-                                      VARIABLE_POLICY_TYPE_LOCK_NOW,\r
-                                      &NewPolicy );\r
+  Status = CreateBasicVariablePolicy(\r
+             VendorGuid,\r
+             VariableName,\r
+             VARIABLE_POLICY_NO_MIN_SIZE,\r
+             VARIABLE_POLICY_NO_MAX_SIZE,\r
+             VARIABLE_POLICY_NO_MUST_ATTR,\r
+             VARIABLE_POLICY_NO_CANT_ATTR,\r
+             VARIABLE_POLICY_TYPE_LOCK_NOW,\r
+             &NewPolicy\r
+             );\r
   if (!EFI_ERROR( Status )) {\r
-    Status = RegisterVariablePolicy( NewPolicy );\r
+    Status = RegisterVariablePolicy (NewPolicy);\r
+\r
+    //\r
+    // If the error returned is EFI_ALREADY_STARTED, we need to check the\r
+    // current database for the variable and see whether it's locked. If it's\r
+    // locked, we're still fine, but also generate a DEBUG_ERROR message so the\r
+    // duplicate lock can be removed.\r
+    //\r
+    if (Status == EFI_ALREADY_STARTED) {\r
+      Status = ValidateSetVariable (VariableName, VendorGuid, 0, 0, NULL);\r
+      if (Status == EFI_WRITE_PROTECTED) {\r
+        DEBUG ((DEBUG_ERROR, "  Variable: %g %s is already locked!\n", VendorGuid, VariableName));\r
+        Status = EFI_SUCCESS;\r
+      } else {\r
+        DEBUG ((DEBUG_ERROR, "  Variable: %g %s can not be locked!\n", VendorGuid, VariableName));\r
+        Status = EFI_ACCESS_DENIED;\r
+      }\r
+    }\r
   }\r
-  if (EFI_ERROR( Status )) {\r
+  if (EFI_ERROR (Status)) {\r
     DEBUG(( DEBUG_ERROR, "%a - Failed to lock variable %s! %r\n", __FUNCTION__, VariableName, Status ));\r
-    ASSERT_EFI_ERROR( Status );\r
   }\r
   if (NewPolicy != NULL) {\r
     FreePool( NewPolicy );\r
EFI Development Kit II mirror for PVE