1 /** @file
2 Implementation functions and structures for var check protocol
3 and variable lock protocol based on VarCheckLib.
4
5 Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
7
8 **/
9
10 #include "Variable.h"
11
12 /**
13 Mark a variable that will become read-only after leaving the DXE phase of execution.
14 Write request coming from SMM environment through EFI_SMM_VARIABLE_PROTOCOL is allowed.
15
16 @param[in] This The VARIABLE_LOCK_PROTOCOL instance.
17 @param[in] VariableName A pointer to the variable name that will be made read-only subsequently.
18 @param[in] VendorGuid A pointer to the vendor GUID that will be made read-only subsequently.
19
20 @retval EFI_SUCCESS The variable specified by the VariableName and the VendorGuid was marked
21 as pending to be read-only.
22 @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.
23 Or VariableName is an empty string.
24 @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
25 already been signaled.
26 @retval EFI_OUT_OF_RESOURCES There is not enough resource to hold the lock request.
27 **/
28 EFI_STATUS
29 EFIAPI
VariableLockRequestToLock(IN CONST EDKII_VARIABLE_LOCK_PROTOCOL * This,IN CHAR16 * VariableName,IN EFI_GUID * VendorGuid)30 VariableLockRequestToLock (
31 IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This,
32 IN CHAR16 *VariableName,
33 IN EFI_GUID *VendorGuid
34 )
35 {
36 EFI_STATUS Status;
37 VAR_CHECK_VARIABLE_PROPERTY Property;
38
39 AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
40
41 Status = VarCheckLibVariablePropertyGet (VariableName, VendorGuid, &Property);
42 if (!EFI_ERROR (Status)) {
43 Property.Property |= VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY;
44 } else {
45 Property.Revision = VAR_CHECK_VARIABLE_PROPERTY_REVISION;
46 Property.Property = VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY;
47 Property.Attributes = 0;
48 Property.MinSize = 1;
49 Property.MaxSize = MAX_UINTN;
50 }
51 Status = VarCheckLibVariablePropertySet (VariableName, VendorGuid, &Property);
52
53 DEBUG ((EFI_D_INFO, "[Variable] Lock: %g:%s %r\n", VendorGuid, VariableName, Status));
54
55 ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
56
57 return Status;
58 }
59
60 /**
61 Register SetVariable check handler.
62
63 @param[in] Handler Pointer to check handler.
64
65 @retval EFI_SUCCESS The SetVariable check handler was registered successfully.
66 @retval EFI_INVALID_PARAMETER Handler is NULL.
67 @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
68 already been signaled.
69 @retval EFI_OUT_OF_RESOURCES There is not enough resource for the SetVariable check handler register request.
70 @retval EFI_UNSUPPORTED This interface is not implemented.
71 For example, it is unsupported in VarCheck protocol if both VarCheck and SmmVarCheck protocols are present.
72
73 **/
74 EFI_STATUS
75 EFIAPI
VarCheckRegisterSetVariableCheckHandler(IN VAR_CHECK_SET_VARIABLE_CHECK_HANDLER Handler)76 VarCheckRegisterSetVariableCheckHandler (
77 IN VAR_CHECK_SET_VARIABLE_CHECK_HANDLER Handler
78 )
79 {
80 EFI_STATUS Status;
81
82 AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
83 Status = VarCheckLibRegisterSetVariableCheckHandler (Handler);
84 ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
85
86 return Status;
87 }
88
89 /**
90 Variable property set.
91
92 @param[in] Name Pointer to the variable name.
93 @param[in] Guid Pointer to the vendor GUID.
94 @param[in] VariableProperty Pointer to the input variable property.
95
96 @retval EFI_SUCCESS The property of variable specified by the Name and Guid was set successfully.
97 @retval EFI_INVALID_PARAMETER Name, Guid or VariableProperty is NULL, or Name is an empty string,
98 or the fields of VariableProperty are not valid.
99 @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
100 already been signaled.
101 @retval EFI_OUT_OF_RESOURCES There is not enough resource for the variable property set request.
102
103 **/
104 EFI_STATUS
105 EFIAPI
VarCheckVariablePropertySet(IN CHAR16 * Name,IN EFI_GUID * Guid,IN VAR_CHECK_VARIABLE_PROPERTY * VariableProperty)106 VarCheckVariablePropertySet (
107 IN CHAR16 *Name,
108 IN EFI_GUID *Guid,
109 IN VAR_CHECK_VARIABLE_PROPERTY *VariableProperty
110 )
111 {
112 EFI_STATUS Status;
113
114 AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
115 Status = VarCheckLibVariablePropertySet (Name, Guid, VariableProperty);
116 ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
117
118 return Status;
119 }
120
121 /**
122 Variable property get.
123
124 @param[in] Name Pointer to the variable name.
125 @param[in] Guid Pointer to the vendor GUID.
126 @param[out] VariableProperty Pointer to the output variable property.
127
128 @retval EFI_SUCCESS The property of variable specified by the Name and Guid was got successfully.
129 @retval EFI_INVALID_PARAMETER Name, Guid or VariableProperty is NULL, or Name is an empty string.
130 @retval EFI_NOT_FOUND The property of variable specified by the Name and Guid was not found.
131
132 **/
133 EFI_STATUS
134 EFIAPI
VarCheckVariablePropertyGet(IN CHAR16 * Name,IN EFI_GUID * Guid,OUT VAR_CHECK_VARIABLE_PROPERTY * VariableProperty)135 VarCheckVariablePropertyGet (
136 IN CHAR16 *Name,
137 IN EFI_GUID *Guid,
138 OUT VAR_CHECK_VARIABLE_PROPERTY *VariableProperty
139 )
140 {
141 EFI_STATUS Status;
142
143 AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
144 Status = VarCheckLibVariablePropertyGet (Name, Guid, VariableProperty);
145 ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
146
147 return Status;
148 }
149
150