/** @file\r
- Implementation functions and structures for var check protocol.\r
+ Implementation functions and structures for var check protocol\r
+ and variable lock protocol based on VarCheckLib.\r
\r
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
**/\r
\r
#include "Variable.h"\r
-#include <Library/DevicePathLib.h>\r
-\r
-extern LIST_ENTRY mLockedVariableList;\r
-extern BOOLEAN mEndOfDxe;\r
-extern BOOLEAN mEnableLocking;\r
-\r
-#define VAR_CHECK_HANDLER_TABLE_SIZE 0x8\r
-\r
-UINT32 mNumberOfHandler = 0;\r
-UINT32 mMaxNumberOfHandler = 0;\r
-VAR_CHECK_SET_VARIABLE_CHECK_HANDLER *mHandlerTable = NULL;\r
-\r
-typedef struct {\r
- LIST_ENTRY Link;\r
- EFI_GUID Guid;\r
- VAR_CHECK_VARIABLE_PROPERTY VariableProperty;\r
- //CHAR16 *Name;\r
-} VAR_CHECK_VARIABLE_ENTRY;\r
-\r
-LIST_ENTRY mVarCheckVariableList = INITIALIZE_LIST_HEAD_VARIABLE (mVarCheckVariableList);\r
-\r
-typedef\r
-EFI_STATUS\r
-(EFIAPI *INTERNAL_VAR_CHECK_FUNCTION) (\r
- IN VAR_CHECK_VARIABLE_PROPERTY *Propery,\r
- IN UINTN DataSize,\r
- IN VOID *Data\r
- );\r
-\r
-typedef struct {\r
- CHAR16 *Name;\r
- VAR_CHECK_VARIABLE_PROPERTY VariableProperty;\r
- INTERNAL_VAR_CHECK_FUNCTION CheckFunction;\r
-} UEFI_DEFINED_VARIABLE_ENTRY;\r
-\r
-/**\r
- Internal check for load option.\r
-\r
- @param[in] VariablePropery Pointer to variable property.\r
- @param[in] DataSize Data size.\r
- @param[in] Data Pointer to data buffer.\r
-\r
- @retval EFI_SUCCESS The SetVariable check result was success.\r
- @retval EFI_INVALID_PARAMETER The data buffer is not a valid load option.\r
-\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-InternalVarCheckLoadOption (\r
- IN VAR_CHECK_VARIABLE_PROPERTY *VariablePropery,\r
- IN UINTN DataSize,\r
- IN VOID *Data\r
- )\r
-{\r
- UINT16 FilePathListLength;\r
- CHAR16 *Description;\r
- EFI_DEVICE_PATH_PROTOCOL *FilePathList;\r
-\r
- FilePathListLength = *((UINT16 *) ((UINTN) Data + sizeof (UINT32)));\r
-\r
- //\r
- // Check Description\r
- //\r
- Description = (CHAR16 *) ((UINTN) Data + sizeof (UINT32) + sizeof (UINT16));\r
- while (Description < (CHAR16 *) ((UINTN) Data + DataSize)) {\r
- if (*Description == L'\0') {\r
- break;\r
- }\r
- Description++;\r
- }\r
- if ((UINTN) Description >= ((UINTN) Data + DataSize)) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
- Description++;\r
-\r
- //\r
- // Check FilePathList\r
- //\r
- FilePathList = (EFI_DEVICE_PATH_PROTOCOL *) Description;\r
- if ((UINTN) FilePathList > (MAX_ADDRESS - FilePathListLength)) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
- if (((UINTN) FilePathList + FilePathListLength) > ((UINTN) Data + DataSize)) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
- if (FilePathListLength < sizeof (EFI_DEVICE_PATH_PROTOCOL)) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
- if (!IsDevicePathValid (FilePathList, FilePathListLength)) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
-\r
- return EFI_SUCCESS;\r
-}\r
-\r
-/**\r
- Internal check for key option.\r
-\r
- @param[in] VariablePropery Pointer to variable property.\r
- @param[in] DataSize Data size.\r
- @param[in] Data Pointer to data buffer.\r
-\r
- @retval EFI_SUCCESS The SetVariable check result was success.\r
- @retval EFI_INVALID_PARAMETER The data buffer is not a valid key option.\r
-\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-InternalVarCheckKeyOption (\r
- IN VAR_CHECK_VARIABLE_PROPERTY *VariablePropery,\r
- IN UINTN DataSize,\r
- IN VOID *Data\r
- )\r
-{\r
- if (((DataSize - sizeof (EFI_KEY_OPTION)) % sizeof (EFI_INPUT_KEY)) != 0) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
-\r
- return EFI_SUCCESS;\r
-}\r
-\r
-/**\r
- Internal check for device path.\r
-\r
- @param[in] VariablePropery Pointer to variable property.\r
- @param[in] DataSize Data size.\r
- @param[in] Data Pointer to data buffer.\r
-\r
- @retval EFI_SUCCESS The SetVariable check result was success.\r
- @retval EFI_INVALID_PARAMETER The data buffer is not a valid device path.\r
-\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-InternalVarCheckDevicePath (\r
- IN VAR_CHECK_VARIABLE_PROPERTY *VariablePropery,\r
- IN UINTN DataSize,\r
- IN VOID *Data\r
- )\r
-{\r
- if (!IsDevicePathValid ((EFI_DEVICE_PATH_PROTOCOL *) Data, DataSize)) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
- return EFI_SUCCESS;\r
-}\r
\r
/**\r
- Internal check for ASCII string.\r
+ Mark a variable that will become read-only after leaving the DXE phase of execution.\r
+ Write request coming from SMM environment through EFI_SMM_VARIABLE_PROTOCOL is allowed.\r
\r
- @param[in] VariablePropery Pointer to variable property.\r
- @param[in] DataSize Data size.\r
- @param[in] Data Pointer to data buffer.\r
-\r
- @retval EFI_SUCCESS The SetVariable check result was success.\r
- @retval EFI_INVALID_PARAMETER The data buffer is not a Null-terminated ASCII string.\r
-\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-InternalVarCheckAsciiString (\r
- IN VAR_CHECK_VARIABLE_PROPERTY *VariablePropery,\r
- IN UINTN DataSize,\r
- IN VOID *Data\r
- )\r
-{\r
- CHAR8 *String;\r
- UINTN Index;\r
-\r
- String = (CHAR8 *) Data;\r
- if (String[DataSize - 1] == '\0') {\r
- return EFI_SUCCESS;\r
- } else {\r
- for (Index = 1; Index < DataSize && (String[DataSize - 1 - Index] != '\0'); Index++);\r
- if (Index == DataSize) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
- }\r
- return EFI_SUCCESS;\r
-}\r
-\r
-/**\r
- Internal check for size array.\r
-\r
- @param[in] VariablePropery Pointer to variable property.\r
- @param[in] DataSize Data size.\r
- @param[in] Data Pointer to data buffer.\r
-\r
- @retval EFI_SUCCESS The SetVariable check result was success.\r
- @retval EFI_INVALID_PARAMETER The DataSize is not size array.\r
-\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-InternalVarCheckSizeArray (\r
- IN VAR_CHECK_VARIABLE_PROPERTY *VariablePropery,\r
- IN UINTN DataSize,\r
- IN VOID *Data\r
- )\r
-{\r
- if ((DataSize % VariablePropery->MinSize) != 0) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
- return EFI_SUCCESS;\r
-}\r
-\r
-//\r
-// To prevent name collisions with possible future globally defined variables,\r
-// other internal firmware data variables that are not defined here must be\r
-// saved with a unique VendorGuid other than EFI_GLOBAL_VARIABLE or\r
-// any other GUID defined by the UEFI Specification. Implementations must\r
-// only permit the creation of variables with a UEFI Specification-defined\r
-// VendorGuid when these variables are documented in the UEFI Specification.\r
-//\r
-UEFI_DEFINED_VARIABLE_ENTRY mGlobalVariableList[] = {\r
- {\r
- EFI_LANG_CODES_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- InternalVarCheckAsciiString\r
- },\r
- {\r
- EFI_LANG_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- InternalVarCheckAsciiString\r
- },\r
- {\r
- EFI_TIME_OUT_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (UINT16),\r
- sizeof (UINT16)\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_PLATFORM_LANG_CODES_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- InternalVarCheckAsciiString\r
- },\r
- {\r
- EFI_PLATFORM_LANG_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- InternalVarCheckAsciiString\r
- },\r
- {\r
- EFI_CON_IN_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (EFI_DEVICE_PATH_PROTOCOL),\r
- MAX_UINTN\r
- },\r
- InternalVarCheckDevicePath\r
- },\r
- {\r
- EFI_CON_OUT_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (EFI_DEVICE_PATH_PROTOCOL),\r
- MAX_UINTN\r
- },\r
- InternalVarCheckDevicePath\r
- },\r
- {\r
- EFI_ERR_OUT_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (EFI_DEVICE_PATH_PROTOCOL),\r
- MAX_UINTN\r
- },\r
- InternalVarCheckDevicePath\r
- },\r
- {\r
- EFI_CON_IN_DEV_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- sizeof (EFI_DEVICE_PATH_PROTOCOL),\r
- MAX_UINTN\r
- },\r
- InternalVarCheckDevicePath\r
- },\r
- {\r
- EFI_CON_OUT_DEV_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- sizeof (EFI_DEVICE_PATH_PROTOCOL),\r
- MAX_UINTN\r
- },\r
- InternalVarCheckDevicePath\r
- },\r
- {\r
- EFI_ERR_OUT_DEV_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- sizeof (EFI_DEVICE_PATH_PROTOCOL),\r
- MAX_UINTN\r
- },\r
- InternalVarCheckDevicePath\r
- },\r
- {\r
- EFI_BOOT_ORDER_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (UINT16),\r
- MAX_UINTN\r
- },\r
- InternalVarCheckSizeArray\r
- },\r
- {\r
- EFI_BOOT_NEXT_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (UINT16),\r
- sizeof (UINT16)\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_BOOT_CURRENT_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- sizeof (UINT16),\r
- sizeof (UINT16)\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_BOOT_OPTION_SUPPORT_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- sizeof (UINT32),\r
- sizeof (UINT32)\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_DRIVER_ORDER_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (UINT16),\r
- MAX_UINTN\r
- },\r
- InternalVarCheckSizeArray\r
- },\r
- {\r
- EFI_SYS_PREP_ORDER_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (UINT16),\r
- MAX_UINTN\r
- },\r
- InternalVarCheckSizeArray\r
- },\r
- {\r
- EFI_HW_ERR_REC_SUPPORT_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (UINT16),\r
- sizeof (UINT16)\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_SETUP_MODE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- sizeof (UINT8),\r
- sizeof (UINT8)\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_KEY_EXCHANGE_KEY_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT_AT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_PLATFORM_KEY_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT_AT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_SIGNATURE_SUPPORT_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- sizeof (EFI_GUID),\r
- MAX_UINTN\r
- },\r
- InternalVarCheckSizeArray\r
- },\r
- {\r
- EFI_SECURE_BOOT_MODE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- sizeof (UINT8),\r
- sizeof (UINT8)\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_KEK_DEFAULT_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_PK_DEFAULT_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_DB_DEFAULT_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_DBX_DEFAULT_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_DBT_DEFAULT_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_OS_INDICATIONS_SUPPORT_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- sizeof (UINT64),\r
- sizeof (UINT64)\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_OS_INDICATIONS_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (UINT64),\r
- sizeof (UINT64)\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_VENDOR_KEYS_VARIABLE_NAME,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY,\r
- VARIABLE_ATTRIBUTE_BS_RT,\r
- sizeof (UINT8),\r
- sizeof (UINT8)\r
- },\r
- NULL\r
- },\r
-};\r
-UEFI_DEFINED_VARIABLE_ENTRY mGlobalVariableList2[] = {\r
- {\r
- L"Boot####",\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (UINT32) + sizeof (UINT16),\r
- MAX_UINTN\r
- },\r
- InternalVarCheckLoadOption\r
- },\r
- {\r
- L"Driver####",\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (UINT32) + sizeof (UINT16),\r
- MAX_UINTN\r
- },\r
- InternalVarCheckLoadOption\r
- },\r
- {\r
- L"SysPrep####",\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (UINT32) + sizeof (UINT16),\r
- MAX_UINTN\r
- },\r
- InternalVarCheckLoadOption\r
- },\r
- {\r
- L"Key####",\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT,\r
- sizeof (EFI_KEY_OPTION),\r
- sizeof (EFI_KEY_OPTION) + 3 * sizeof (EFI_INPUT_KEY)\r
- },\r
- InternalVarCheckKeyOption\r
- },\r
-};\r
-\r
-//\r
-// EFI_IMAGE_SECURITY_DATABASE_GUID\r
-//\r
-UEFI_DEFINED_VARIABLE_ENTRY mImageSecurityVariableList[] = {\r
- {\r
- EFI_IMAGE_SECURITY_DATABASE,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT_AT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_IMAGE_SECURITY_DATABASE1,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT_AT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- NULL\r
- },\r
- {\r
- EFI_IMAGE_SECURITY_DATABASE2,\r
- {\r
- VAR_CHECK_VARIABLE_PROPERTY_REVISION,\r
- 0,\r
- VARIABLE_ATTRIBUTE_NV_BS_RT_AT,\r
- 1,\r
- MAX_UINTN\r
- },\r
- NULL\r
- },\r
-};\r
-\r
-/**\r
- Get UEFI defined global variable or image security database variable property.\r
- The code will check if variable guid is global variable or image security database guid first.\r
- If yes, further check if variable name is in mGlobalVariableList, mGlobalVariableList2 or mImageSecurityVariableList.\r
-\r
- @param[in] VariableName Pointer to variable name.\r
- @param[in] VendorGuid Variable Vendor Guid.\r
- @param[in] WildcardMatch Try wildcard match or not.\r
- @param[out] VariableProperty Pointer to variable property.\r
- @param[out] VarCheckFunction Pointer to check function.\r
-\r
- @retval EFI_SUCCESS Variable is not global variable or image security database variable.\r
- @retval EFI_INVALID_PARAMETER Variable is global variable or image security database variable, but variable name is not in the lists.\r
-\r
-**/\r
-EFI_STATUS\r
-GetUefiDefinedVariableProperty (\r
- IN CHAR16 *VariableName,\r
- IN EFI_GUID *VendorGuid,\r
- IN BOOLEAN WildcardMatch,\r
- OUT VAR_CHECK_VARIABLE_PROPERTY **VariableProperty,\r
- OUT INTERNAL_VAR_CHECK_FUNCTION *VarCheckFunction OPTIONAL\r
- )\r
-{\r
- UINTN Index;\r
- UINTN NameLength;\r
-\r
- if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid)) {\r
- //\r
- // Try list 1, exactly match.\r
- //\r
- for (Index = 0; Index < sizeof (mGlobalVariableList)/sizeof (mGlobalVariableList[0]); Index++) {\r
- if (StrCmp (mGlobalVariableList[Index].Name, VariableName) == 0) {\r
- if (VarCheckFunction != NULL) {\r
- *VarCheckFunction = mGlobalVariableList[Index].CheckFunction;\r
- }\r
- *VariableProperty = &mGlobalVariableList[Index].VariableProperty;\r
- return EFI_SUCCESS;\r
- }\r
- }\r
-\r
- //\r
- // Try list 2.\r
- //\r
- NameLength = StrLen (VariableName) - 4;\r
- for (Index = 0; Index < sizeof (mGlobalVariableList2)/sizeof (mGlobalVariableList2[0]); Index++) {\r
- if (WildcardMatch) {\r
- if ((StrLen (VariableName) == StrLen (mGlobalVariableList2[Index].Name)) &&\r
- (StrnCmp (mGlobalVariableList2[Index].Name, VariableName, NameLength) == 0) &&\r
- IsHexaDecimalDigitCharacter (VariableName[NameLength]) &&\r
- IsHexaDecimalDigitCharacter (VariableName[NameLength + 1]) &&\r
- IsHexaDecimalDigitCharacter (VariableName[NameLength + 2]) &&\r
- IsHexaDecimalDigitCharacter (VariableName[NameLength + 3])) {\r
- if (VarCheckFunction != NULL) {\r
- *VarCheckFunction = mGlobalVariableList2[Index].CheckFunction;\r
- }\r
- *VariableProperty = &mGlobalVariableList2[Index].VariableProperty;\r
- return EFI_SUCCESS;\r
- }\r
- }\r
- if (StrCmp (mGlobalVariableList2[Index].Name, VariableName) == 0) {\r
- if (VarCheckFunction != NULL) {\r
- *VarCheckFunction = mGlobalVariableList2[Index].CheckFunction;\r
- }\r
- *VariableProperty = &mGlobalVariableList2[Index].VariableProperty;\r
- return EFI_SUCCESS;\r
- }\r
- }\r
-\r
- //\r
- // The variable name is not in the lists.\r
- //\r
- return EFI_INVALID_PARAMETER;\r
- }\r
-\r
- if (CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid)) {\r
- for (Index = 0; Index < sizeof (mImageSecurityVariableList)/sizeof (mImageSecurityVariableList[0]); Index++) {\r
- if (StrCmp (mImageSecurityVariableList[Index].Name, VariableName) == 0) {\r
- if (VarCheckFunction != NULL) {\r
- *VarCheckFunction = mImageSecurityVariableList[Index].CheckFunction;\r
- }\r
- *VariableProperty = &mImageSecurityVariableList[Index].VariableProperty;\r
- return EFI_SUCCESS;\r
- }\r
- }\r
-\r
- return EFI_INVALID_PARAMETER;\r
- }\r
-\r
- //\r
- // It is not global variable, image security database variable.\r
- //\r
- return EFI_SUCCESS;\r
-}\r
-\r
-/**\r
- Internal SetVariable check.\r
-\r
- @param[in] VariableName Name of Variable to set.\r
- @param[in] VendorGuid Variable vendor GUID.\r
- @param[in] Attributes Attribute value of the variable.\r
- @param[in] DataSize Size of Data to set.\r
- @param[in] Data Data pointer.\r
-\r
- @retval EFI_SUCCESS The SetVariable check result was success.\r
- @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits, name, and GUID was supplied,\r
- or the DataSize exceeds the minimum or maximum allowed,\r
- or the Data value is not following UEFI spec for UEFI defined variables.\r
- @retval EFI_WRITE_PROTECTED The variable in question is read-only.\r
- @retval Others The return status from check handler.\r
+ @param[in] This The VARIABLE_LOCK_PROTOCOL instance.\r
+ @param[in] VariableName A pointer to the variable name that will be made read-only subsequently.\r
+ @param[in] VendorGuid A pointer to the vendor GUID that will be made read-only subsequently.\r
\r
+ @retval EFI_SUCCESS The variable specified by the VariableName and the VendorGuid was marked\r
+ as pending to be read-only.\r
+ @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.\r
+ Or VariableName is an empty string.\r
+ @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has\r
+ already been signaled.\r
+ @retval EFI_OUT_OF_RESOURCES There is not enough resource to hold the lock request.\r
**/\r
EFI_STATUS\r
EFIAPI\r
-InternalVarCheckSetVariableCheck (\r
- IN CHAR16 *VariableName,\r
- IN EFI_GUID *VendorGuid,\r
- IN UINT32 Attributes,\r
- IN UINTN DataSize,\r
- IN VOID *Data\r
+VariableLockRequestToLock (\r
+ IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This,\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid\r
)\r
{\r
EFI_STATUS Status;\r
- UINTN Index;\r
- LIST_ENTRY *Link;\r
- VAR_CHECK_VARIABLE_ENTRY *Entry;\r
- CHAR16 *Name;\r
- VAR_CHECK_VARIABLE_PROPERTY *Property;\r
- INTERNAL_VAR_CHECK_FUNCTION VarCheckFunction;\r
-\r
- if (!mEndOfDxe) {\r
- //\r
- // Only do check after End Of Dxe.\r
- //\r
- return EFI_SUCCESS;\r
- }\r
+ VAR_CHECK_VARIABLE_PROPERTY Property;\r
\r
- Property = NULL;\r
- VarCheckFunction = NULL;\r
-\r
- for ( Link = GetFirstNode (&mVarCheckVariableList)\r
- ; !IsNull (&mVarCheckVariableList, Link)\r
- ; Link = GetNextNode (&mVarCheckVariableList, Link)\r
- ) {\r
- Entry = BASE_CR (Link, VAR_CHECK_VARIABLE_ENTRY, Link);\r
- Name = (CHAR16 *) ((UINTN) Entry + sizeof (*Entry));\r
- if (CompareGuid (&Entry->Guid, VendorGuid) && (StrCmp (Name, VariableName) == 0)) {\r
- Property = &Entry->VariableProperty;\r
- break;\r
- }\r
- }\r
- if (Property == NULL) {\r
- Status = GetUefiDefinedVariableProperty (VariableName, VendorGuid, TRUE, &Property, &VarCheckFunction);\r
- if (EFI_ERROR (Status)) {\r
- //\r
- // To prevent name collisions with possible future globally defined variables,\r
- // other internal firmware data variables that are not defined here must be\r
- // saved with a unique VendorGuid other than EFI_GLOBAL_VARIABLE or\r
- // any other GUID defined by the UEFI Specification. Implementations must\r
- // only permit the creation of variables with a UEFI Specification-defined\r
- // VendorGuid when these variables are documented in the UEFI Specification.\r
- //\r
- DEBUG ((EFI_D_INFO, "Variable Check UEFI defined variable fail %r - %s not in %g namespace\n", Status, VariableName, VendorGuid));\r
- return Status;\r
- }\r
- }\r
- if (Property != NULL) {\r
- if (mEnableLocking && ((Property->Property & VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY) != 0)) {\r
- DEBUG ((EFI_D_INFO, "Variable Check ReadOnly variable fail %r - %g:%s\n", EFI_WRITE_PROTECTED, VendorGuid, VariableName));\r
- return EFI_WRITE_PROTECTED;\r
- }\r
- if (!((((Attributes & EFI_VARIABLE_APPEND_WRITE) == 0) && (DataSize == 0)) || (Attributes == 0))) {\r
- //\r
- // Not to delete variable.\r
- //\r
- if ((Property->Attributes != 0) && ((Attributes & (~EFI_VARIABLE_APPEND_WRITE)) != Property->Attributes)) {\r
- DEBUG ((EFI_D_INFO, "Variable Check Attributes(0x%08x to 0x%08x) fail %r - %g:%s\n", Property->Attributes, Attributes, EFI_INVALID_PARAMETER, VendorGuid, VariableName));\r
- return EFI_INVALID_PARAMETER;\r
- }\r
- if (DataSize != 0) {\r
- if ((DataSize < Property->MinSize) || (DataSize > Property->MaxSize)) {\r
- DEBUG ((EFI_D_INFO, "Variable Check DataSize fail(0x%x not in 0x%x - 0x%x) %r - %g:%s\n", DataSize, Property->MinSize, Property->MaxSize, EFI_INVALID_PARAMETER, VendorGuid, VariableName));\r
- return EFI_INVALID_PARAMETER;\r
- }\r
- if (VarCheckFunction != NULL) {\r
- Status = VarCheckFunction (\r
- Property,\r
- DataSize,\r
- Data\r
- );\r
- if (EFI_ERROR (Status)) {\r
- DEBUG ((EFI_D_INFO, "Internal Variable Check function fail %r - %g:%s\n", Status, VendorGuid, VariableName));\r
- return Status;\r
- }\r
- }\r
- }\r
- }\r
- }\r
+ AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
\r
- for (Index = 0; Index < mNumberOfHandler; Index++) {\r
- Status = mHandlerTable[Index] (\r
- VariableName,\r
- VendorGuid,\r
- Attributes,\r
- DataSize,\r
- Data\r
- );\r
- if (EFI_ERROR (Status)) {\r
- DEBUG ((EFI_D_INFO, "Variable Check handler fail %r - %g:%s\n", Status, VendorGuid, VariableName));\r
- return Status;\r
- }\r
+ Status = VarCheckLibVariablePropertyGet (VariableName, VendorGuid, &Property);\r
+ if (!EFI_ERROR (Status)) {\r
+ Property.Property |= VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY;\r
+ } else {\r
+ Property.Revision = VAR_CHECK_VARIABLE_PROPERTY_REVISION;\r
+ Property.Property = VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY;\r
+ Property.Attributes = 0;\r
+ Property.MinSize = 1;\r
+ Property.MaxSize = MAX_UINTN;\r
}\r
- return EFI_SUCCESS;\r
-}\r
-\r
-/**\r
- Reallocates more global memory to store the registered handler list.\r
-\r
- @retval RETURN_SUCCESS Reallocate memory successfully.\r
- @retval RETURN_OUT_OF_RESOURCES No enough memory to allocate.\r
+ Status = VarCheckLibVariablePropertySet (VariableName, VendorGuid, &Property);\r
\r
-**/\r
-RETURN_STATUS\r
-EFIAPI\r
-ReallocateHandlerTable (\r
- VOID\r
- )\r
-{\r
- VAR_CHECK_SET_VARIABLE_CHECK_HANDLER *HandlerTable;\r
+ DEBUG ((EFI_D_INFO, "[Variable] Lock: %g:%s %r\n", VendorGuid, VariableName, Status));\r
\r
- //\r
- // Reallocate memory for check handler table.\r
- //\r
- HandlerTable = ReallocateRuntimePool (\r
- mMaxNumberOfHandler * sizeof (VAR_CHECK_SET_VARIABLE_CHECK_HANDLER),\r
- (mMaxNumberOfHandler + VAR_CHECK_HANDLER_TABLE_SIZE) * sizeof (VAR_CHECK_SET_VARIABLE_CHECK_HANDLER),\r
- mHandlerTable\r
- );\r
-\r
- //\r
- // No enough resource to allocate.\r
- //\r
- if (HandlerTable == NULL) {\r
- return RETURN_OUT_OF_RESOURCES;\r
- }\r
+ ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
\r
- mHandlerTable = HandlerTable;\r
- //\r
- // Increase max handler number.\r
- //\r
- mMaxNumberOfHandler = mMaxNumberOfHandler + VAR_CHECK_HANDLER_TABLE_SIZE;\r
- return RETURN_SUCCESS;\r
+ return Status;\r
}\r
\r
/**\r
{\r
EFI_STATUS Status;\r
\r
- if (Handler == NULL) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
-\r
- if (mEndOfDxe) {\r
- return EFI_ACCESS_DENIED;\r
- }\r
-\r
- DEBUG ((EFI_D_INFO, "RegisterSetVariableCheckHandler - 0x%x\n", Handler));\r
-\r
- Status = EFI_SUCCESS;\r
-\r
AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
-\r
- //\r
- // Check whether the handler list is enough to store new handler.\r
- //\r
- if (mNumberOfHandler == mMaxNumberOfHandler) {\r
- //\r
- // Allocate more resources for new handler.\r
- //\r
- Status = ReallocateHandlerTable();\r
- if (EFI_ERROR (Status)) {\r
- goto Done;\r
- }\r
- }\r
-\r
- //\r
- // Register new handler into the handler list.\r
- //\r
- mHandlerTable[mNumberOfHandler] = Handler;\r
- mNumberOfHandler++;\r
-\r
-Done:\r
+ Status = VarCheckLibRegisterSetVariableCheckHandler (Handler);\r
ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
\r
return Status;\r
}\r
\r
-/**\r
- Variable property get function.\r
-\r
- @param[in] Name Pointer to the variable name.\r
- @param[in] Guid Pointer to the vendor GUID.\r
- @param[in] WildcardMatch Try wildcard match or not.\r
-\r
- @return Pointer to the property of variable specified by the Name and Guid.\r
-\r
-**/\r
-VAR_CHECK_VARIABLE_PROPERTY *\r
-VariablePropertyGetFunction (\r
- IN CHAR16 *Name,\r
- IN EFI_GUID *Guid,\r
- IN BOOLEAN WildcardMatch\r
- )\r
-{\r
- LIST_ENTRY *Link;\r
- VAR_CHECK_VARIABLE_ENTRY *Entry;\r
- CHAR16 *VariableName;\r
- VAR_CHECK_VARIABLE_PROPERTY *Property;\r
-\r
- Property = NULL;\r
-\r
- for ( Link = GetFirstNode (&mVarCheckVariableList)\r
- ; !IsNull (&mVarCheckVariableList, Link)\r
- ; Link = GetNextNode (&mVarCheckVariableList, Link)\r
- ) {\r
- Entry = BASE_CR (Link, VAR_CHECK_VARIABLE_ENTRY, Link);\r
- VariableName = (CHAR16 *) ((UINTN) Entry + sizeof (*Entry));\r
- if (CompareGuid (&Entry->Guid, Guid) && (StrCmp (VariableName, Name) == 0)) {\r
- return &Entry->VariableProperty;\r
- }\r
- }\r
-\r
- GetUefiDefinedVariableProperty (Name, Guid, WildcardMatch, &Property, NULL);\r
-\r
- return Property;\r
-}\r
-\r
-/**\r
- Internal variable property set.\r
-\r
- @param[in] Name Pointer to the variable name.\r
- @param[in] Guid Pointer to the vendor GUID.\r
- @param[in] VariableProperty Pointer to the input variable property.\r
-\r
- @retval EFI_SUCCESS The property of variable specified by the Name and Guid was set successfully.\r
- @retval EFI_OUT_OF_RESOURCES There is not enough resource for the variable property set request.\r
-\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-InternalVarCheckVariablePropertySet (\r
- IN CHAR16 *Name,\r
- IN EFI_GUID *Guid,\r
- IN VAR_CHECK_VARIABLE_PROPERTY *VariableProperty\r
- )\r
-{\r
- EFI_STATUS Status;\r
- VAR_CHECK_VARIABLE_ENTRY *Entry;\r
- CHAR16 *VariableName;\r
- VAR_CHECK_VARIABLE_PROPERTY *Property;\r
-\r
- Status = EFI_SUCCESS;\r
-\r
- Property = VariablePropertyGetFunction (Name, Guid, FALSE);\r
- if (Property != NULL) {\r
- CopyMem (Property, VariableProperty, sizeof (*VariableProperty));\r
- } else {\r
- Entry = AllocateRuntimeZeroPool (sizeof (*Entry) + StrSize (Name));\r
- if (Entry == NULL) {\r
- Status = EFI_OUT_OF_RESOURCES;\r
- goto Done;\r
- }\r
- VariableName = (CHAR16 *) ((UINTN) Entry + sizeof (*Entry));\r
- StrCpyS (VariableName, StrSize(Name)/sizeof(CHAR16), Name);\r
- CopyGuid (&Entry->Guid, Guid);\r
- CopyMem (&Entry->VariableProperty, VariableProperty, sizeof (*VariableProperty));\r
- InsertTailList (&mVarCheckVariableList, &Entry->Link);\r
- }\r
-\r
-Done:\r
- return Status;\r
-}\r
-\r
/**\r
Variable property set.\r
\r
IN VAR_CHECK_VARIABLE_PROPERTY *VariableProperty\r
)\r
{\r
- EFI_STATUS Status;\r
-\r
- if (Name == NULL || Name[0] == 0 || Guid == NULL) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
-\r
- if (VariableProperty == NULL) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
-\r
- if (VariableProperty->Revision != VAR_CHECK_VARIABLE_PROPERTY_REVISION) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
-\r
- if (mEndOfDxe) {\r
- return EFI_ACCESS_DENIED;\r
- }\r
+ EFI_STATUS Status;\r
\r
AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
-\r
- Status = InternalVarCheckVariablePropertySet (Name, Guid, VariableProperty);\r
-\r
+ Status = VarCheckLibVariablePropertySet (Name, Guid, VariableProperty);\r
ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
\r
return Status;\r
}\r
\r
-/**\r
- Internal variable property get.\r
-\r
- @param[in] Name Pointer to the variable name.\r
- @param[in] Guid Pointer to the vendor GUID.\r
- @param[out] VariableProperty Pointer to the output variable property.\r
-\r
- @retval EFI_SUCCESS The property of variable specified by the Name and Guid was got successfully.\r
- @retval EFI_NOT_FOUND The property of variable specified by the Name and Guid was not found.\r
-\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-InternalVarCheckVariablePropertyGet (\r
- IN CHAR16 *Name,\r
- IN EFI_GUID *Guid,\r
- OUT VAR_CHECK_VARIABLE_PROPERTY *VariableProperty\r
- )\r
-{\r
- LIST_ENTRY *Link;\r
- VARIABLE_ENTRY *Entry;\r
- CHAR16 *VariableName;\r
- BOOLEAN Found;\r
- VAR_CHECK_VARIABLE_PROPERTY *Property;\r
-\r
- Found = FALSE;\r
-\r
- Property = VariablePropertyGetFunction (Name, Guid, TRUE);\r
- if (Property != NULL) {\r
- CopyMem (VariableProperty, Property, sizeof (*VariableProperty));\r
- Found = TRUE;\r
- }\r
-\r
- for ( Link = GetFirstNode (&mLockedVariableList)\r
- ; !IsNull (&mLockedVariableList, Link)\r
- ; Link = GetNextNode (&mLockedVariableList, Link)\r
- ) {\r
- Entry = BASE_CR (Link, VARIABLE_ENTRY, Link);\r
- VariableName = (CHAR16 *) ((UINTN) Entry + sizeof (*Entry));\r
- if (CompareGuid (&Entry->Guid, Guid) && (StrCmp (VariableName, Name) == 0)) {\r
- VariableProperty->Property |= VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY;\r
- if (!Found) {\r
- VariableProperty->Revision = VAR_CHECK_VARIABLE_PROPERTY_REVISION;\r
- Found = TRUE;\r
- }\r
- }\r
- }\r
-\r
- return (Found ? EFI_SUCCESS : EFI_NOT_FOUND);\r
-}\r
-\r
/**\r
Variable property get.\r
\r
{\r
EFI_STATUS Status;\r
\r
- if (Name == NULL || Name[0] == 0 || Guid == NULL) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
-\r
- if (VariableProperty == NULL) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
-\r
AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
-\r
- Status = InternalVarCheckVariablePropertyGet (Name, Guid, VariableProperty);\r
-\r
+ Status = VarCheckLibVariablePropertyGet (Name, Guid, VariableProperty);\r
ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
\r
return Status;\r
///\r
VARIABLE_INFO_ENTRY *gVariableInfo = NULL;\r
\r
-///\r
-/// The list to store the variables which cannot be set after the EFI_END_OF_DXE_EVENT_GROUP_GUID\r
-/// or EVT_GROUP_READY_TO_BOOT event.\r
-///\r
-LIST_ENTRY mLockedVariableList = INITIALIZE_LIST_HEAD_VARIABLE (mLockedVariableList);\r
-\r
///\r
/// The flag to indicate whether the platform has left the DXE phase of execution.\r
///\r
BOOLEAN mEndOfDxe = FALSE;\r
\r
///\r
-/// The flag to indicate whether the variable storage locking is enabled.\r
+/// It indicates the var check request source.\r
+/// In the implementation, DXE is regarded as untrusted, and SMM is trusted.\r
///\r
-BOOLEAN mEnableLocking = TRUE;\r
+VAR_CHECK_REQUEST_SOURCE mRequestSource = VarCheckFromUntrusted;\r
\r
//\r
// It will record the current boot error flag before EndOfDxe.\r
},\r
};\r
\r
-AUTH_VAR_LIB_CONTEXT_IN mContextIn = {\r
+AUTH_VAR_LIB_CONTEXT_IN mAuthContextIn = {\r
AUTH_VAR_LIB_CONTEXT_IN_STRUCT_VERSION,\r
//\r
// StructSize, TO BE FILLED\r
VariableExLibAtRuntime,\r
};\r
\r
-AUTH_VAR_LIB_CONTEXT_OUT mContextOut;\r
+AUTH_VAR_LIB_CONTEXT_OUT mAuthContextOut;\r
\r
/**\r
\r
// then no need to check if the variable is user variable or not specially.\r
//\r
if (mEndOfDxe && (mVariableModuleGlobal->CommonMaxUserVariableSpace != mVariableModuleGlobal->CommonVariableSpace)) {\r
- if (InternalVarCheckVariablePropertyGet (GetVariableNamePtr (Variable), GetVendorGuidPtr (Variable), &Property) == EFI_NOT_FOUND) {\r
+ if (VarCheckLibVariablePropertyGet (GetVariableNamePtr (Variable), GetVendorGuidPtr (Variable), &Property) == EFI_NOT_FOUND) {\r
return TRUE;\r
}\r
}\r
NextVariable = GetNextVariablePtr (Variable);\r
VariableSize = (UINTN) NextVariable - (UINTN) Variable;\r
if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD) {\r
- if (InternalVarCheckVariablePropertyGet (GetVariableNamePtr (Variable), GetVendorGuidPtr (Variable), &Property) == EFI_NOT_FOUND) {\r
+ if (VarCheckLibVariablePropertyGet (GetVariableNamePtr (Variable), GetVendorGuidPtr (Variable), &Property) == EFI_NOT_FOUND) {\r
//\r
// No property, it is user variable.\r
//\r
VOID\r
)\r
{\r
- STATIC BOOLEAN Initialized;\r
-\r
- if (!mEndOfDxe || Initialized) {\r
+ if (!mEndOfDxe) {\r
return;\r
}\r
- Initialized = TRUE;\r
\r
InitializeVarErrorFlag ();\r
CalculateCommonUserVariableTotalSize ();\r
return Status;\r
}\r
\r
-/**\r
- Check if a Unicode character is a hexadecimal character.\r
-\r
- This function checks if a Unicode character is a\r
- hexadecimal character. The valid hexadecimal character is\r
- L'0' to L'9', L'a' to L'f', or L'A' to L'F'.\r
-\r
-\r
- @param Char The character to check against.\r
-\r
- @retval TRUE If the Char is a hexadecmial character.\r
- @retval FALSE If the Char is not a hexadecmial character.\r
-\r
-**/\r
-BOOLEAN\r
-EFIAPI\r
-IsHexaDecimalDigitCharacter (\r
- IN CHAR16 Char\r
- )\r
-{\r
- return (BOOLEAN) ((Char >= L'0' && Char <= L'9') || (Char >= L'A' && Char <= L'F') || (Char >= L'a' && Char <= L'f'));\r
-}\r
-\r
-/**\r
-\r
- This code checks if variable is hardware error record variable or not.\r
-\r
- According to UEFI spec, hardware error record variable should use the EFI_HARDWARE_ERROR_VARIABLE VendorGuid\r
- and have the L"HwErrRec####" name convention, #### is a printed hex value and no 0x or h is included in the hex value.\r
-\r
- @param VariableName Pointer to variable name.\r
- @param VendorGuid Variable Vendor Guid.\r
-\r
- @retval TRUE Variable is hardware error record variable.\r
- @retval FALSE Variable is not hardware error record variable.\r
-\r
-**/\r
-BOOLEAN\r
-EFIAPI\r
-IsHwErrRecVariable (\r
- IN CHAR16 *VariableName,\r
- IN EFI_GUID *VendorGuid\r
- )\r
-{\r
- if (!CompareGuid (VendorGuid, &gEfiHardwareErrorVariableGuid) ||\r
- (StrLen (VariableName) != StrLen (L"HwErrRec####")) ||\r
- (StrnCmp(VariableName, L"HwErrRec", StrLen (L"HwErrRec")) != 0) ||\r
- !IsHexaDecimalDigitCharacter (VariableName[0x8]) ||\r
- !IsHexaDecimalDigitCharacter (VariableName[0x9]) ||\r
- !IsHexaDecimalDigitCharacter (VariableName[0xA]) ||\r
- !IsHexaDecimalDigitCharacter (VariableName[0xB])) {\r
- return FALSE;\r
- }\r
-\r
- return TRUE;\r
-}\r
-\r
-/**\r
- Mark a variable that will become read-only after leaving the DXE phase of execution.\r
-\r
-\r
- @param[in] This The VARIABLE_LOCK_PROTOCOL instance.\r
- @param[in] VariableName A pointer to the variable name that will be made read-only subsequently.\r
- @param[in] VendorGuid A pointer to the vendor GUID that will be made read-only subsequently.\r
-\r
- @retval EFI_SUCCESS The variable specified by the VariableName and the VendorGuid was marked\r
- as pending to be read-only.\r
- @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.\r
- Or VariableName is an empty string.\r
- @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has\r
- already been signaled.\r
- @retval EFI_OUT_OF_RESOURCES There is not enough resource to hold the lock request.\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-VariableLockRequestToLock (\r
- IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This,\r
- IN CHAR16 *VariableName,\r
- IN EFI_GUID *VendorGuid\r
- )\r
-{\r
- VARIABLE_ENTRY *Entry;\r
- CHAR16 *Name;\r
- LIST_ENTRY *Link;\r
- VARIABLE_ENTRY *LockedEntry;\r
-\r
- if (VariableName == NULL || VariableName[0] == 0 || VendorGuid == NULL) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
-\r
- if (mEndOfDxe) {\r
- return EFI_ACCESS_DENIED;\r
- }\r
-\r
- Entry = AllocateRuntimeZeroPool (sizeof (*Entry) + StrSize (VariableName));\r
- if (Entry == NULL) {\r
- return EFI_OUT_OF_RESOURCES;\r
- }\r
-\r
- DEBUG ((EFI_D_INFO, "[Variable] Lock: %g:%s\n", VendorGuid, VariableName));\r
-\r
- AcquireLockOnlyAtBootTime(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
-\r
- for ( Link = GetFirstNode (&mLockedVariableList)\r
- ; !IsNull (&mLockedVariableList, Link)\r
- ; Link = GetNextNode (&mLockedVariableList, Link)\r
- ) {\r
- LockedEntry = BASE_CR (Link, VARIABLE_ENTRY, Link);\r
- Name = (CHAR16 *) ((UINTN) LockedEntry + sizeof (*LockedEntry));\r
- if (CompareGuid (&LockedEntry->Guid, VendorGuid) && (StrCmp (Name, VariableName) == 0)) {\r
- goto Done;\r
- }\r
- }\r
-\r
- Name = (CHAR16 *) ((UINTN) Entry + sizeof (*Entry));\r
- StrCpyS (Name, StrSize (VariableName)/sizeof(CHAR16), VariableName);\r
- CopyGuid (&Entry->Guid, VendorGuid);\r
- InsertTailList (&mLockedVariableList, &Entry->Link);\r
-\r
-Done:\r
- ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
-\r
- return EFI_SUCCESS;\r
-}\r
-\r
/**\r
\r
This code finds variable in storage blocks (Volatile or Non-Volatile).\r
VARIABLE_HEADER *NextVariable;\r
EFI_PHYSICAL_ADDRESS Point;\r
UINTN PayloadSize;\r
- LIST_ENTRY *Link;\r
- VARIABLE_ENTRY *Entry;\r
- CHAR16 *Name;\r
\r
//\r
// Check input parameters.\r
if (StrSize (VariableName) + PayloadSize > PcdGet32 (PcdMaxHardwareErrorVariableSize) - GetVariableHeaderSize ()) {\r
return EFI_INVALID_PARAMETER;\r
}\r
- if (!IsHwErrRecVariable(VariableName, VendorGuid)) {\r
- return EFI_INVALID_PARAMETER;\r
- }\r
} else {\r
//\r
// The size of the VariableName, including the Unicode Null in bytes plus\r
}\r
}\r
\r
- Status = InternalVarCheckSetVariableCheck (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize));\r
+ Status = VarCheckLibSetVariableCheck (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize), mRequestSource);\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
mVariableModuleGlobal->NonVolatileLastVariableOffset = (UINTN) NextVariable - (UINTN) Point;\r
}\r
\r
- if (mEndOfDxe && mEnableLocking) {\r
- //\r
- // Treat the variables listed in the forbidden variable list as read-only after leaving DXE phase.\r
- //\r
- for ( Link = GetFirstNode (&mLockedVariableList)\r
- ; !IsNull (&mLockedVariableList, Link)\r
- ; Link = GetNextNode (&mLockedVariableList, Link)\r
- ) {\r
- Entry = BASE_CR (Link, VARIABLE_ENTRY, Link);\r
- Name = (CHAR16 *) ((UINTN) Entry + sizeof (*Entry));\r
- if (CompareGuid (&Entry->Guid, VendorGuid) && (StrCmp (Name, VariableName) == 0)) {\r
- Status = EFI_WRITE_PROTECTED;\r
- DEBUG ((EFI_D_INFO, "[Variable]: Changing readonly variable after leaving DXE phase - %g:%s\n", VendorGuid, VariableName));\r
- goto Done;\r
- }\r
- }\r
- }\r
-\r
//\r
// Check whether the input variable is already existed.\r
//\r
FlushHobVariableToFlash (NULL, NULL);\r
\r
Status = EFI_SUCCESS;\r
- ZeroMem (&mContextOut, sizeof (mContextOut));\r
+ ZeroMem (&mAuthContextOut, sizeof (mAuthContextOut));\r
if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {\r
//\r
// Authenticated variable initialize.\r
//\r
- mContextIn.StructSize = sizeof (AUTH_VAR_LIB_CONTEXT_IN);\r
- mContextIn.MaxAuthVariableSize = mVariableModuleGlobal->MaxAuthVariableSize - GetVariableHeaderSize ();\r
- Status = AuthVariableLibInitialize (&mContextIn, &mContextOut);\r
+ mAuthContextIn.StructSize = sizeof (AUTH_VAR_LIB_CONTEXT_IN);\r
+ mAuthContextIn.MaxAuthVariableSize = mVariableModuleGlobal->MaxAuthVariableSize - GetVariableHeaderSize ();\r
+ Status = AuthVariableLibInitialize (&mAuthContextIn, &mAuthContextOut);\r
if (!EFI_ERROR (Status)) {\r
DEBUG ((EFI_D_INFO, "Variable driver will work with auth variable support!\n"));\r
mVariableModuleGlobal->VariableGlobal.AuthSupport = TRUE;\r
- if (mContextOut.AuthVarEntry != NULL) {\r
- for (Index = 0; Index < mContextOut.AuthVarEntryCount; Index++) {\r
- VariableEntry = &mContextOut.AuthVarEntry[Index];\r
- Status = InternalVarCheckVariablePropertySet (\r
+ if (mAuthContextOut.AuthVarEntry != NULL) {\r
+ for (Index = 0; Index < mAuthContextOut.AuthVarEntryCount; Index++) {\r
+ VariableEntry = &mAuthContextOut.AuthVarEntry[Index];\r
+ Status = VarCheckLibVariablePropertySet (\r
VariableEntry->Name,\r
VariableEntry->Guid,\r
&VariableEntry->VariableProperty\r
if (!EFI_ERROR (Status)) {\r
for (Index = 0; Index < sizeof (mVariableEntryProperty) / sizeof (mVariableEntryProperty[0]); Index++) {\r
VariableEntry = &mVariableEntryProperty[Index];\r
- Status = InternalVarCheckVariablePropertySet (VariableEntry->Name, VariableEntry->Guid, &VariableEntry->VariableProperty);\r
+ Status = VarCheckLibVariablePropertySet (VariableEntry->Name, VariableEntry->Guid, &VariableEntry->VariableProperty);\r
ASSERT_EFI_ERROR (Status);\r
}\r
}\r
projects / mirror_edk2.git / commitdiff