1 /* SPDX-License-Identifier: GPL-2.0+ */ 2 /* 3 * Copyright (c) 2020, Heinrich Schuchardt <xypron.glpk@gmx.de> 4 */ 5 6 #ifndef _EFI_VARIABLE_H 7 #define _EFI_VARIABLE_H 8 9 #include <linux/bitops.h> 10 11 #define EFI_VARIABLE_READ_ONLY BIT(31) 12 13 enum efi_auth_var_type { 14 EFI_AUTH_VAR_NONE = 0, 15 EFI_AUTH_VAR_PK, 16 EFI_AUTH_VAR_KEK, 17 EFI_AUTH_VAR_DB, 18 EFI_AUTH_VAR_DBX, 19 EFI_AUTH_VAR_DBT, 20 EFI_AUTH_VAR_DBR, 21 }; 22 23 /** 24 * efi_get_variable() - retrieve value of a UEFI variable 25 * 26 * @variable_name: name of the variable 27 * @vendor: vendor GUID 28 * @attributes: attributes of the variable 29 * @data_size: size of the buffer to which the variable value is copied 30 * @data: buffer to which the variable value is copied 31 * @timep: authentication time (seconds since start of epoch) 32 * Return: status code 33 */ 34 efi_status_t efi_get_variable_int(u16 *variable_name, const efi_guid_t *vendor, 35 u32 *attributes, efi_uintn_t *data_size, 36 void *data, u64 *timep); 37 38 /** 39 * efi_set_variable() - set value of a UEFI variable 40 * 41 * @variable_name: name of the variable 42 * @vendor: vendor GUID 43 * @attributes: attributes of the variable 44 * @data_size: size of the buffer with the variable value 45 * @data: buffer with the variable value 46 * @ro_check: check the read only read only bit in attributes 47 * Return: status code 48 */ 49 efi_status_t efi_set_variable_int(u16 *variable_name, const efi_guid_t *vendor, 50 u32 attributes, efi_uintn_t data_size, 51 const void *data, bool ro_check); 52 53 /** 54 * efi_get_next_variable_name_int() - enumerate the current variable names 55 * 56 * @variable_name_size: size of variable_name buffer in byte 57 * @variable_name: name of uefi variable's name in u16 58 * @vendor: vendor's guid 59 * 60 * See the Unified Extensible Firmware Interface (UEFI) specification for 61 * details. 62 * 63 * Return: status code 64 */ 65 efi_status_t efi_get_next_variable_name_int(efi_uintn_t *variable_name_size, 66 u16 *variable_name, 67 efi_guid_t *vendor); 68 69 /** 70 * efi_query_variable_info_int() - get information about EFI variables 71 * 72 * This function implements the QueryVariableInfo() runtime service. 73 * 74 * See the Unified Extensible Firmware Interface (UEFI) specification for 75 * details. 76 * 77 * @attributes: bitmask to select variables to be 78 * queried 79 * @maximum_variable_storage_size: maximum size of storage area for the 80 * selected variable types 81 * @remaining_variable_storage_size: remaining size of storage are for the 82 * selected variable types 83 * @maximum_variable_size: maximum size of a variable of the 84 * selected type 85 * Returns: status code 86 */ 87 efi_status_t efi_query_variable_info_int(u32 attributes, 88 u64 *maximum_variable_storage_size, 89 u64 *remaining_variable_storage_size, 90 u64 *maximum_variable_size); 91 92 #define EFI_VAR_FILE_NAME "ubootefi.var" 93 94 #define EFI_VAR_BUF_SIZE CONFIG_EFI_VAR_BUF_SIZE 95 96 /* 97 * This constant identifies the file format for storing UEFI variables in 98 * struct efi_var_file. 99 */ 100 #define EFI_VAR_FILE_MAGIC 0x0161566966456255 /* UbEfiVa, version 1 */ 101 102 /** 103 * struct efi_var_entry - UEFI variable file entry 104 * 105 * @length: length of enty, multiple of 8 106 * @attr: variable attributes 107 * @time: authentication time (seconds since start of epoch) 108 * @guid: vendor GUID 109 * @name: UTF16 variable name 110 */ 111 struct efi_var_entry { 112 u32 length; 113 u32 attr; 114 u64 time; 115 efi_guid_t guid; 116 u16 name[]; 117 }; 118 119 /** 120 * struct efi_var_file - file for storing UEFI variables 121 * 122 * @reserved: unused, may be overwritten by memory probing 123 * @magic: identifies file format, takes value %EFI_VAR_FILE_MAGIC 124 * @length: length including header 125 * @crc32: CRC32 without header 126 * @var: variables 127 */ 128 struct efi_var_file { 129 u64 reserved; 130 u64 magic; 131 u32 length; 132 u32 crc32; 133 struct efi_var_entry var[]; 134 }; 135 136 /** 137 * efi_var_to_file() - save non-volatile variables as file 138 * 139 * File ubootefi.var is created on the EFI system partion. 140 * 141 * Return: status code 142 */ 143 efi_status_t efi_var_to_file(void); 144 145 /** 146 * efi_var_collect() - collect variables in buffer 147 * 148 * A buffer is allocated and filled with variables in a format ready to be 149 * written to disk. 150 * 151 * @bufp: pointer to pointer of buffer with collected variables 152 * @lenp: pointer to length of buffer 153 * @check_attr_mask: bitmask with required attributes of variables to be collected. 154 * variables are only collected if all of the required 155 * attributes are set. 156 * Return: status code 157 */ 158 efi_status_t __maybe_unused efi_var_collect(struct efi_var_file **bufp, loff_t *lenp, 159 u32 check_attr_mask); 160 161 /** 162 * efi_var_restore() - restore EFI variables from buffer 163 * 164 * @buf: buffer 165 * Return: status code 166 */ 167 efi_status_t efi_var_restore(struct efi_var_file *buf); 168 169 /** 170 * efi_var_from_file() - read variables from file 171 * 172 * File ubootefi.var is read from the EFI system partitions and the variables 173 * stored in the file are created. 174 * 175 * In case the file does not exist yet or a variable cannot be set EFI_SUCCESS 176 * is returned. 177 * 178 * Return: status code 179 */ 180 efi_status_t efi_var_from_file(void); 181 182 /** 183 * efi_var_mem_init() - set-up variable list 184 * 185 * Return: status code 186 */ 187 efi_status_t efi_var_mem_init(void); 188 189 /** 190 * efi_var_mem_find() - find a variable in the list 191 * 192 * @guid: GUID of the variable 193 * @name: name of the variable 194 * @next: on exit pointer to the next variable after the found one 195 * Return: found variable 196 */ 197 struct efi_var_entry *efi_var_mem_find(const efi_guid_t *guid, const u16 *name, 198 struct efi_var_entry **next); 199 200 /** 201 * efi_var_mem_del() - delete a variable from the list of variables 202 * 203 * @var: variable to delete 204 */ 205 void efi_var_mem_del(struct efi_var_entry *var); 206 207 /** 208 * efi_var_mem_ins() - append a variable to the list of variables 209 * 210 * The variable is appended without checking if a variable of the same name 211 * already exists. The two data buffers are concatenated. 212 * 213 * @variable_name: variable name 214 * @vendor: GUID 215 * @attributes: variable attributes 216 * @size1: size of the first data buffer 217 * @data1: first data buffer 218 * @size2: size of the second data field 219 * @data2: second data buffer 220 * @time: time of authentication (as seconds since start of epoch) 221 * Result: status code 222 */ 223 efi_status_t efi_var_mem_ins(u16 *variable_name, 224 const efi_guid_t *vendor, u32 attributes, 225 const efi_uintn_t size1, const void *data1, 226 const efi_uintn_t size2, const void *data2, 227 const u64 time); 228 229 /** 230 * efi_var_mem_free() - determine free memory for variables 231 * 232 * Return: maximum data size plus variable name size 233 */ 234 u64 efi_var_mem_free(void); 235 236 /** 237 * efi_init_secure_state - initialize secure boot state 238 * 239 * Return: status code 240 */ 241 efi_status_t efi_init_secure_state(void); 242 243 /** 244 * efi_auth_var_get_type() - convert variable name and guid to enum 245 * 246 * @name: name of UEFI variable 247 * @guid: guid of UEFI variable 248 * Return: identifier for authentication related variables 249 */ 250 enum efi_auth_var_type efi_auth_var_get_type(u16 *name, const efi_guid_t *guid); 251 252 /** 253 * efi_get_next_variable_name_mem() - Runtime common code across efi variable 254 * implementations for GetNextVariable() 255 * from the cached memory copy 256 * @variable_name_size: size of variable_name buffer in byte 257 * @variable_name: name of uefi variable's name in u16 258 * @vendor: vendor's guid 259 * 260 * Return: status code 261 */ 262 efi_status_t __efi_runtime 263 efi_get_next_variable_name_mem(efi_uintn_t *variable_name_size, u16 *variable_name, 264 efi_guid_t *vendor); 265 /** 266 * efi_get_variable_mem() - Runtime common code across efi variable 267 * implementations for GetVariable() from 268 * the cached memory copy 269 * 270 * @variable_name: name of the variable 271 * @vendor: vendor GUID 272 * @attributes: attributes of the variable 273 * @data_size: size of the buffer to which the variable value is copied 274 * @data: buffer to which the variable value is copied 275 * @timep: authentication time (seconds since start of epoch) 276 * Return: status code 277 */ 278 efi_status_t __efi_runtime 279 efi_get_variable_mem(u16 *variable_name, const efi_guid_t *vendor, u32 *attributes, 280 efi_uintn_t *data_size, void *data, u64 *timep); 281 282 /** 283 * efi_get_variable_runtime() - runtime implementation of GetVariable() 284 * 285 * @variable_name: name of the variable 286 * @guid: vendor GUID 287 * @attributes: attributes of the variable 288 * @data_size: size of the buffer to which the variable value is copied 289 * @data: buffer to which the variable value is copied 290 * Return: status code 291 */ 292 efi_status_t __efi_runtime EFIAPI 293 efi_get_variable_runtime(u16 *variable_name, const efi_guid_t *guid, 294 u32 *attributes, efi_uintn_t *data_size, void *data); 295 296 /** 297 * efi_get_next_variable_name_runtime() - runtime implementation of 298 * GetNextVariable() 299 * 300 * @variable_name_size: size of variable_name buffer in byte 301 * @variable_name: name of uefi variable's name in u16 302 * @guid: vendor's guid 303 * Return: status code 304 */ 305 efi_status_t __efi_runtime EFIAPI 306 efi_get_next_variable_name_runtime(efi_uintn_t *variable_name_size, 307 u16 *variable_name, efi_guid_t *guid); 308 309 /** 310 * efi_var_buf_update() - udpate memory buffer for variables 311 * 312 * @var_buf: source buffer 313 * 314 * This function copies to the memory buffer for UEFI variables. Call this 315 * function in ExitBootServices() if memory backed variables are only used 316 * at runtime to fill the buffer. 317 */ 318 void efi_var_buf_update(struct efi_var_file *var_buf); 319 320 #endif 321