1 /** @file
2   Implementation functions and structures for var check protocol
3   and variable lock protocol based on VarCheckLib.
4 
5 Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution.  The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php
10 
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13 
14 **/
15 
16 #include "Variable.h"
17 
18 /**
19   Mark a variable that will become read-only after leaving the DXE phase of execution.
20   Write request coming from SMM environment through EFI_SMM_VARIABLE_PROTOCOL is allowed.
21 
22   @param[in] This          The VARIABLE_LOCK_PROTOCOL instance.
23   @param[in] VariableName  A pointer to the variable name that will be made read-only subsequently.
24   @param[in] VendorGuid    A pointer to the vendor GUID that will be made read-only subsequently.
25 
26   @retval EFI_SUCCESS           The variable specified by the VariableName and the VendorGuid was marked
27                                 as pending to be read-only.
28   @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.
29                                 Or VariableName is an empty string.
30   @retval EFI_ACCESS_DENIED     EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
31                                 already been signaled.
32   @retval EFI_OUT_OF_RESOURCES  There is not enough resource to hold the lock request.
33 **/
34 EFI_STATUS
35 EFIAPI
VariableLockRequestToLock(IN CONST EDKII_VARIABLE_LOCK_PROTOCOL * This,IN CHAR16 * VariableName,IN EFI_GUID * VendorGuid)36 VariableLockRequestToLock (
37   IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This,
38   IN       CHAR16                       *VariableName,
39   IN       EFI_GUID                     *VendorGuid
40   )
41 {
42   EFI_STATUS                    Status;
43   VAR_CHECK_VARIABLE_PROPERTY   Property;
44 
45   AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
46 
47   Status = VarCheckLibVariablePropertyGet (VariableName, VendorGuid, &Property);
48   if (!EFI_ERROR (Status)) {
49     Property.Property |= VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY;
50   } else {
51     Property.Revision = VAR_CHECK_VARIABLE_PROPERTY_REVISION;
52     Property.Property = VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY;
53     Property.Attributes = 0;
54     Property.MinSize = 1;
55     Property.MaxSize = MAX_UINTN;
56   }
57   Status = VarCheckLibVariablePropertySet (VariableName, VendorGuid, &Property);
58 
59   DEBUG ((EFI_D_INFO, "[Variable] Lock: %g:%s %r\n", VendorGuid, VariableName, Status));
60 
61   ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
62 
63   return Status;
64 }
65 
66 /**
67   Register SetVariable check handler.
68 
69   @param[in] Handler            Pointer to check handler.
70 
71   @retval EFI_SUCCESS           The SetVariable check handler was registered successfully.
72   @retval EFI_INVALID_PARAMETER Handler is NULL.
73   @retval EFI_ACCESS_DENIED     EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
74                                 already been signaled.
75   @retval EFI_OUT_OF_RESOURCES  There is not enough resource for the SetVariable check handler register request.
76   @retval EFI_UNSUPPORTED       This interface is not implemented.
77                                 For example, it is unsupported in VarCheck protocol if both VarCheck and SmmVarCheck protocols are present.
78 
79 **/
80 EFI_STATUS
81 EFIAPI
VarCheckRegisterSetVariableCheckHandler(IN VAR_CHECK_SET_VARIABLE_CHECK_HANDLER Handler)82 VarCheckRegisterSetVariableCheckHandler (
83   IN VAR_CHECK_SET_VARIABLE_CHECK_HANDLER   Handler
84   )
85 {
86   EFI_STATUS    Status;
87 
88   AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
89   Status = VarCheckLibRegisterSetVariableCheckHandler (Handler);
90   ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
91 
92   return Status;
93 }
94 
95 /**
96   Variable property set.
97 
98   @param[in] Name               Pointer to the variable name.
99   @param[in] Guid               Pointer to the vendor GUID.
100   @param[in] VariableProperty   Pointer to the input variable property.
101 
102   @retval EFI_SUCCESS           The property of variable specified by the Name and Guid was set successfully.
103   @retval EFI_INVALID_PARAMETER Name, Guid or VariableProperty is NULL, or Name is an empty string,
104                                 or the fields of VariableProperty are not valid.
105   @retval EFI_ACCESS_DENIED     EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
106                                 already been signaled.
107   @retval EFI_OUT_OF_RESOURCES  There is not enough resource for the variable property set request.
108 
109 **/
110 EFI_STATUS
111 EFIAPI
VarCheckVariablePropertySet(IN CHAR16 * Name,IN EFI_GUID * Guid,IN VAR_CHECK_VARIABLE_PROPERTY * VariableProperty)112 VarCheckVariablePropertySet (
113   IN CHAR16                         *Name,
114   IN EFI_GUID                       *Guid,
115   IN VAR_CHECK_VARIABLE_PROPERTY    *VariableProperty
116   )
117 {
118   EFI_STATUS    Status;
119 
120   AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
121   Status = VarCheckLibVariablePropertySet (Name, Guid, VariableProperty);
122   ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
123 
124   return Status;
125 }
126 
127 /**
128   Variable property get.
129 
130   @param[in]  Name              Pointer to the variable name.
131   @param[in]  Guid              Pointer to the vendor GUID.
132   @param[out] VariableProperty  Pointer to the output variable property.
133 
134   @retval EFI_SUCCESS           The property of variable specified by the Name and Guid was got successfully.
135   @retval EFI_INVALID_PARAMETER Name, Guid or VariableProperty is NULL, or Name is an empty string.
136   @retval EFI_NOT_FOUND         The property of variable specified by the Name and Guid was not found.
137 
138 **/
139 EFI_STATUS
140 EFIAPI
VarCheckVariablePropertyGet(IN CHAR16 * Name,IN EFI_GUID * Guid,OUT VAR_CHECK_VARIABLE_PROPERTY * VariableProperty)141 VarCheckVariablePropertyGet (
142   IN CHAR16                         *Name,
143   IN EFI_GUID                       *Guid,
144   OUT VAR_CHECK_VARIABLE_PROPERTY   *VariableProperty
145   )
146 {
147   EFI_STATUS    Status;
148 
149   AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
150   Status = VarCheckLibVariablePropertyGet (Name, Guid, VariableProperty);
151   ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
152 
153   return Status;
154 }
155 
156