1 /*
2 * Originally from efivars.c
3 *
4 * Copyright (C) 2001,2003,2004 Dell <Matt_Domsch@dell.com>
5 * Copyright (C) 2004 Intel Corporation <matthew.e.tolentino@intel.com>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 */
21
22 #include <linux/capability.h>
23 #include <linux/types.h>
24 #include <linux/errno.h>
25 #include <linux/init.h>
26 #include <linux/mm.h>
27 #include <linux/module.h>
28 #include <linux/string.h>
29 #include <linux/smp.h>
30 #include <linux/efi.h>
31 #include <linux/sysfs.h>
32 #include <linux/device.h>
33 #include <linux/slab.h>
34 #include <linux/ctype.h>
35 #include <linux/ucs2_string.h>
36
37 /* Private pointer to registered efivars */
38 static struct efivars *__efivars;
39
40 /*
41 * efivars_lock protects three things:
42 * 1) efivarfs_list and efivars_sysfs_list
43 * 2) ->ops calls
44 * 3) (un)registration of __efivars
45 */
46 static DEFINE_SEMAPHORE(efivars_lock);
47
48 static bool efivar_wq_enabled = true;
49 DECLARE_WORK(efivar_work, NULL);
50 EXPORT_SYMBOL_GPL(efivar_work);
51
52 static bool
validate_device_path(efi_char16_t * var_name,int match,u8 * buffer,unsigned long len)53 validate_device_path(efi_char16_t *var_name, int match, u8 *buffer,
54 unsigned long len)
55 {
56 struct efi_generic_dev_path *node;
57 int offset = 0;
58
59 node = (struct efi_generic_dev_path *)buffer;
60
61 if (len < sizeof(*node))
62 return false;
63
64 while (offset <= len - sizeof(*node) &&
65 node->length >= sizeof(*node) &&
66 node->length <= len - offset) {
67 offset += node->length;
68
69 if ((node->type == EFI_DEV_END_PATH ||
70 node->type == EFI_DEV_END_PATH2) &&
71 node->sub_type == EFI_DEV_END_ENTIRE)
72 return true;
73
74 node = (struct efi_generic_dev_path *)(buffer + offset);
75 }
76
77 /*
78 * If we're here then either node->length pointed past the end
79 * of the buffer or we reached the end of the buffer without
80 * finding a device path end node.
81 */
82 return false;
83 }
84
85 static bool
validate_boot_order(efi_char16_t * var_name,int match,u8 * buffer,unsigned long len)86 validate_boot_order(efi_char16_t *var_name, int match, u8 *buffer,
87 unsigned long len)
88 {
89 /* An array of 16-bit integers */
90 if ((len % 2) != 0)
91 return false;
92
93 return true;
94 }
95
96 static bool
validate_load_option(efi_char16_t * var_name,int match,u8 * buffer,unsigned long len)97 validate_load_option(efi_char16_t *var_name, int match, u8 *buffer,
98 unsigned long len)
99 {
100 u16 filepathlength;
101 int i, desclength = 0, namelen;
102
103 namelen = ucs2_strnlen(var_name, EFI_VAR_NAME_LEN);
104
105 /* Either "Boot" or "Driver" followed by four digits of hex */
106 for (i = match; i < match+4; i++) {
107 if (var_name[i] > 127 ||
108 hex_to_bin(var_name[i] & 0xff) < 0)
109 return true;
110 }
111
112 /* Reject it if there's 4 digits of hex and then further content */
113 if (namelen > match + 4)
114 return false;
115
116 /* A valid entry must be at least 8 bytes */
117 if (len < 8)
118 return false;
119
120 filepathlength = buffer[4] | buffer[5] << 8;
121
122 /*
123 * There's no stored length for the description, so it has to be
124 * found by hand
125 */
126 desclength = ucs2_strsize((efi_char16_t *)(buffer + 6), len - 6) + 2;
127
128 /* Each boot entry must have a descriptor */
129 if (!desclength)
130 return false;
131
132 /*
133 * If the sum of the length of the description, the claimed filepath
134 * length and the original header are greater than the length of the
135 * variable, it's malformed
136 */
137 if ((desclength + filepathlength + 6) > len)
138 return false;
139
140 /*
141 * And, finally, check the filepath
142 */
143 return validate_device_path(var_name, match, buffer + desclength + 6,
144 filepathlength);
145 }
146
147 static bool
validate_uint16(efi_char16_t * var_name,int match,u8 * buffer,unsigned long len)148 validate_uint16(efi_char16_t *var_name, int match, u8 *buffer,
149 unsigned long len)
150 {
151 /* A single 16-bit integer */
152 if (len != 2)
153 return false;
154
155 return true;
156 }
157
158 static bool
validate_ascii_string(efi_char16_t * var_name,int match,u8 * buffer,unsigned long len)159 validate_ascii_string(efi_char16_t *var_name, int match, u8 *buffer,
160 unsigned long len)
161 {
162 int i;
163
164 for (i = 0; i < len; i++) {
165 if (buffer[i] > 127)
166 return false;
167
168 if (buffer[i] == 0)
169 return true;
170 }
171
172 return false;
173 }
174
175 struct variable_validate {
176 efi_guid_t vendor;
177 char *name;
178 bool (*validate)(efi_char16_t *var_name, int match, u8 *data,
179 unsigned long len);
180 };
181
182 /*
183 * This is the list of variables we need to validate, as well as the
184 * whitelist for what we think is safe not to default to immutable.
185 *
186 * If it has a validate() method that's not NULL, it'll go into the
187 * validation routine. If not, it is assumed valid, but still used for
188 * whitelisting.
189 *
190 * Note that it's sorted by {vendor,name}, but globbed names must come after
191 * any other name with the same prefix.
192 */
193 static const struct variable_validate variable_validate[] = {
194 { EFI_GLOBAL_VARIABLE_GUID, "BootNext", validate_uint16 },
195 { EFI_GLOBAL_VARIABLE_GUID, "BootOrder", validate_boot_order },
196 { EFI_GLOBAL_VARIABLE_GUID, "Boot*", validate_load_option },
197 { EFI_GLOBAL_VARIABLE_GUID, "DriverOrder", validate_boot_order },
198 { EFI_GLOBAL_VARIABLE_GUID, "Driver*", validate_load_option },
199 { EFI_GLOBAL_VARIABLE_GUID, "ConIn", validate_device_path },
200 { EFI_GLOBAL_VARIABLE_GUID, "ConInDev", validate_device_path },
201 { EFI_GLOBAL_VARIABLE_GUID, "ConOut", validate_device_path },
202 { EFI_GLOBAL_VARIABLE_GUID, "ConOutDev", validate_device_path },
203 { EFI_GLOBAL_VARIABLE_GUID, "ErrOut", validate_device_path },
204 { EFI_GLOBAL_VARIABLE_GUID, "ErrOutDev", validate_device_path },
205 { EFI_GLOBAL_VARIABLE_GUID, "Lang", validate_ascii_string },
206 { EFI_GLOBAL_VARIABLE_GUID, "OsIndications", NULL },
207 { EFI_GLOBAL_VARIABLE_GUID, "PlatformLang", validate_ascii_string },
208 { EFI_GLOBAL_VARIABLE_GUID, "Timeout", validate_uint16 },
209 { LINUX_EFI_CRASH_GUID, "*", NULL },
210 { NULL_GUID, "", NULL },
211 };
212
213 /*
214 * Check if @var_name matches the pattern given in @match_name.
215 *
216 * @var_name: an array of @len non-NUL characters.
217 * @match_name: a NUL-terminated pattern string, optionally ending in "*". A
218 * final "*" character matches any trailing characters @var_name,
219 * including the case when there are none left in @var_name.
220 * @match: on output, the number of non-wildcard characters in @match_name
221 * that @var_name matches, regardless of the return value.
222 * @return: whether @var_name fully matches @match_name.
223 */
224 static bool
variable_matches(const char * var_name,size_t len,const char * match_name,int * match)225 variable_matches(const char *var_name, size_t len, const char *match_name,
226 int *match)
227 {
228 for (*match = 0; ; (*match)++) {
229 char c = match_name[*match];
230
231 switch (c) {
232 case '*':
233 /* Wildcard in @match_name means we've matched. */
234 return true;
235
236 case '\0':
237 /* @match_name has ended. Has @var_name too? */
238 return (*match == len);
239
240 default:
241 /*
242 * We've reached a non-wildcard char in @match_name.
243 * Continue only if there's an identical character in
244 * @var_name.
245 */
246 if (*match < len && c == var_name[*match])
247 continue;
248 return false;
249 }
250 }
251 }
252
253 bool
efivar_validate(efi_guid_t vendor,efi_char16_t * var_name,u8 * data,unsigned long data_size)254 efivar_validate(efi_guid_t vendor, efi_char16_t *var_name, u8 *data,
255 unsigned long data_size)
256 {
257 int i;
258 unsigned long utf8_size;
259 u8 *utf8_name;
260
261 utf8_size = ucs2_utf8size(var_name);
262 utf8_name = kmalloc(utf8_size + 1, GFP_KERNEL);
263 if (!utf8_name)
264 return false;
265
266 ucs2_as_utf8(utf8_name, var_name, utf8_size);
267 utf8_name[utf8_size] = '\0';
268
269 for (i = 0; variable_validate[i].name[0] != '\0'; i++) {
270 const char *name = variable_validate[i].name;
271 int match = 0;
272
273 if (efi_guidcmp(vendor, variable_validate[i].vendor))
274 continue;
275
276 if (variable_matches(utf8_name, utf8_size+1, name, &match)) {
277 if (variable_validate[i].validate == NULL)
278 break;
279 kfree(utf8_name);
280 return variable_validate[i].validate(var_name, match,
281 data, data_size);
282 }
283 }
284 kfree(utf8_name);
285 return true;
286 }
287 EXPORT_SYMBOL_GPL(efivar_validate);
288
289 bool
efivar_variable_is_removable(efi_guid_t vendor,const char * var_name,size_t len)290 efivar_variable_is_removable(efi_guid_t vendor, const char *var_name,
291 size_t len)
292 {
293 int i;
294 bool found = false;
295 int match = 0;
296
297 /*
298 * Check if our variable is in the validated variables list
299 */
300 for (i = 0; variable_validate[i].name[0] != '\0'; i++) {
301 if (efi_guidcmp(variable_validate[i].vendor, vendor))
302 continue;
303
304 if (variable_matches(var_name, len,
305 variable_validate[i].name, &match)) {
306 found = true;
307 break;
308 }
309 }
310
311 /*
312 * If it's in our list, it is removable.
313 */
314 return found;
315 }
316 EXPORT_SYMBOL_GPL(efivar_variable_is_removable);
317
318 static efi_status_t
check_var_size(u32 attributes,unsigned long size)319 check_var_size(u32 attributes, unsigned long size)
320 {
321 const struct efivar_operations *fops = __efivars->ops;
322
323 if (!fops->query_variable_store)
324 return EFI_UNSUPPORTED;
325
326 return fops->query_variable_store(attributes, size, false);
327 }
328
329 static efi_status_t
check_var_size_nonblocking(u32 attributes,unsigned long size)330 check_var_size_nonblocking(u32 attributes, unsigned long size)
331 {
332 const struct efivar_operations *fops = __efivars->ops;
333
334 if (!fops->query_variable_store)
335 return EFI_UNSUPPORTED;
336
337 return fops->query_variable_store(attributes, size, true);
338 }
339
variable_is_present(efi_char16_t * variable_name,efi_guid_t * vendor,struct list_head * head)340 static bool variable_is_present(efi_char16_t *variable_name, efi_guid_t *vendor,
341 struct list_head *head)
342 {
343 struct efivar_entry *entry, *n;
344 unsigned long strsize1, strsize2;
345 bool found = false;
346
347 strsize1 = ucs2_strsize(variable_name, 1024);
348 list_for_each_entry_safe(entry, n, head, list) {
349 strsize2 = ucs2_strsize(entry->var.VariableName, 1024);
350 if (strsize1 == strsize2 &&
351 !memcmp(variable_name, &(entry->var.VariableName),
352 strsize2) &&
353 !efi_guidcmp(entry->var.VendorGuid,
354 *vendor)) {
355 found = true;
356 break;
357 }
358 }
359 return found;
360 }
361
362 /*
363 * Returns the size of variable_name, in bytes, including the
364 * terminating NULL character, or variable_name_size if no NULL
365 * character is found among the first variable_name_size bytes.
366 */
var_name_strnsize(efi_char16_t * variable_name,unsigned long variable_name_size)367 static unsigned long var_name_strnsize(efi_char16_t *variable_name,
368 unsigned long variable_name_size)
369 {
370 unsigned long len;
371 efi_char16_t c;
372
373 /*
374 * The variable name is, by definition, a NULL-terminated
375 * string, so make absolutely sure that variable_name_size is
376 * the value we expect it to be. If not, return the real size.
377 */
378 for (len = 2; len <= variable_name_size; len += sizeof(c)) {
379 c = variable_name[(len / sizeof(c)) - 1];
380 if (!c)
381 break;
382 }
383
384 return min(len, variable_name_size);
385 }
386
387 /*
388 * Print a warning when duplicate EFI variables are encountered and
389 * disable the sysfs workqueue since the firmware is buggy.
390 */
dup_variable_bug(efi_char16_t * str16,efi_guid_t * vendor_guid,unsigned long len16)391 static void dup_variable_bug(efi_char16_t *str16, efi_guid_t *vendor_guid,
392 unsigned long len16)
393 {
394 size_t i, len8 = len16 / sizeof(efi_char16_t);
395 char *str8;
396
397 /*
398 * Disable the workqueue since the algorithm it uses for
399 * detecting new variables won't work with this buggy
400 * implementation of GetNextVariableName().
401 */
402 efivar_wq_enabled = false;
403
404 str8 = kzalloc(len8, GFP_KERNEL);
405 if (!str8)
406 return;
407
408 for (i = 0; i < len8; i++)
409 str8[i] = str16[i];
410
411 printk(KERN_WARNING "efivars: duplicate variable: %s-%pUl\n",
412 str8, vendor_guid);
413 kfree(str8);
414 }
415
416 /**
417 * efivar_init - build the initial list of EFI variables
418 * @func: callback function to invoke for every variable
419 * @data: function-specific data to pass to @func
420 * @atomic: do we need to execute the @func-loop atomically?
421 * @duplicates: error if we encounter duplicates on @head?
422 * @head: initialised head of variable list
423 *
424 * Get every EFI variable from the firmware and invoke @func. @func
425 * should call efivar_entry_add() to build the list of variables.
426 *
427 * Returns 0 on success, or a kernel error code on failure.
428 */
efivar_init(int (* func)(efi_char16_t *,efi_guid_t,unsigned long,void *),void * data,bool duplicates,struct list_head * head)429 int efivar_init(int (*func)(efi_char16_t *, efi_guid_t, unsigned long, void *),
430 void *data, bool duplicates, struct list_head *head)
431 {
432 const struct efivar_operations *ops = __efivars->ops;
433 unsigned long variable_name_size = 1024;
434 efi_char16_t *variable_name;
435 efi_status_t status;
436 efi_guid_t vendor_guid;
437 int err = 0;
438
439 variable_name = kzalloc(variable_name_size, GFP_KERNEL);
440 if (!variable_name) {
441 printk(KERN_ERR "efivars: Memory allocation failed.\n");
442 return -ENOMEM;
443 }
444
445 if (down_interruptible(&efivars_lock)) {
446 err = -EINTR;
447 goto free;
448 }
449
450 /*
451 * Per EFI spec, the maximum storage allocated for both
452 * the variable name and variable data is 1024 bytes.
453 */
454
455 do {
456 variable_name_size = 1024;
457
458 status = ops->get_next_variable(&variable_name_size,
459 variable_name,
460 &vendor_guid);
461 switch (status) {
462 case EFI_SUCCESS:
463 if (duplicates)
464 up(&efivars_lock);
465
466 variable_name_size = var_name_strnsize(variable_name,
467 variable_name_size);
468
469 /*
470 * Some firmware implementations return the
471 * same variable name on multiple calls to
472 * get_next_variable(). Terminate the loop
473 * immediately as there is no guarantee that
474 * we'll ever see a different variable name,
475 * and may end up looping here forever.
476 */
477 if (duplicates &&
478 variable_is_present(variable_name, &vendor_guid,
479 head)) {
480 dup_variable_bug(variable_name, &vendor_guid,
481 variable_name_size);
482 status = EFI_NOT_FOUND;
483 } else {
484 err = func(variable_name, vendor_guid,
485 variable_name_size, data);
486 if (err)
487 status = EFI_NOT_FOUND;
488 }
489
490 if (duplicates) {
491 if (down_interruptible(&efivars_lock)) {
492 err = -EINTR;
493 goto free;
494 }
495 }
496
497 break;
498 case EFI_NOT_FOUND:
499 break;
500 default:
501 printk(KERN_WARNING "efivars: get_next_variable: status=%lx\n",
502 status);
503 status = EFI_NOT_FOUND;
504 break;
505 }
506
507 } while (status != EFI_NOT_FOUND);
508
509 up(&efivars_lock);
510 free:
511 kfree(variable_name);
512
513 return err;
514 }
515 EXPORT_SYMBOL_GPL(efivar_init);
516
517 /**
518 * efivar_entry_add - add entry to variable list
519 * @entry: entry to add to list
520 * @head: list head
521 *
522 * Returns 0 on success, or a kernel error code on failure.
523 */
efivar_entry_add(struct efivar_entry * entry,struct list_head * head)524 int efivar_entry_add(struct efivar_entry *entry, struct list_head *head)
525 {
526 if (down_interruptible(&efivars_lock))
527 return -EINTR;
528 list_add(&entry->list, head);
529 up(&efivars_lock);
530
531 return 0;
532 }
533 EXPORT_SYMBOL_GPL(efivar_entry_add);
534
535 /**
536 * efivar_entry_remove - remove entry from variable list
537 * @entry: entry to remove from list
538 *
539 * Returns 0 on success, or a kernel error code on failure.
540 */
efivar_entry_remove(struct efivar_entry * entry)541 int efivar_entry_remove(struct efivar_entry *entry)
542 {
543 if (down_interruptible(&efivars_lock))
544 return -EINTR;
545 list_del(&entry->list);
546 up(&efivars_lock);
547
548 return 0;
549 }
550 EXPORT_SYMBOL_GPL(efivar_entry_remove);
551
552 /*
553 * efivar_entry_list_del_unlock - remove entry from variable list
554 * @entry: entry to remove
555 *
556 * Remove @entry from the variable list and release the list lock.
557 *
558 * NOTE: slightly weird locking semantics here - we expect to be
559 * called with the efivars lock already held, and we release it before
560 * returning. This is because this function is usually called after
561 * set_variable() while the lock is still held.
562 */
efivar_entry_list_del_unlock(struct efivar_entry * entry)563 static void efivar_entry_list_del_unlock(struct efivar_entry *entry)
564 {
565 list_del(&entry->list);
566 up(&efivars_lock);
567 }
568
569 /**
570 * __efivar_entry_delete - delete an EFI variable
571 * @entry: entry containing EFI variable to delete
572 *
573 * Delete the variable from the firmware but leave @entry on the
574 * variable list.
575 *
576 * This function differs from efivar_entry_delete() because it does
577 * not remove @entry from the variable list. Also, it is safe to be
578 * called from within a efivar_entry_iter_begin() and
579 * efivar_entry_iter_end() region, unlike efivar_entry_delete().
580 *
581 * Returns 0 on success, or a converted EFI status code if
582 * set_variable() fails.
583 */
__efivar_entry_delete(struct efivar_entry * entry)584 int __efivar_entry_delete(struct efivar_entry *entry)
585 {
586 const struct efivar_operations *ops = __efivars->ops;
587 efi_status_t status;
588
589 status = ops->set_variable(entry->var.VariableName,
590 &entry->var.VendorGuid,
591 0, 0, NULL);
592
593 return efi_status_to_err(status);
594 }
595 EXPORT_SYMBOL_GPL(__efivar_entry_delete);
596
597 /**
598 * efivar_entry_delete - delete variable and remove entry from list
599 * @entry: entry containing variable to delete
600 *
601 * Delete the variable from the firmware and remove @entry from the
602 * variable list. It is the caller's responsibility to free @entry
603 * once we return.
604 *
605 * Returns 0 on success, -EINTR if we can't grab the semaphore,
606 * converted EFI status code if set_variable() fails.
607 */
efivar_entry_delete(struct efivar_entry * entry)608 int efivar_entry_delete(struct efivar_entry *entry)
609 {
610 const struct efivar_operations *ops = __efivars->ops;
611 efi_status_t status;
612
613 if (down_interruptible(&efivars_lock))
614 return -EINTR;
615
616 status = ops->set_variable(entry->var.VariableName,
617 &entry->var.VendorGuid,
618 0, 0, NULL);
619 if (!(status == EFI_SUCCESS || status == EFI_NOT_FOUND)) {
620 up(&efivars_lock);
621 return efi_status_to_err(status);
622 }
623
624 efivar_entry_list_del_unlock(entry);
625 return 0;
626 }
627 EXPORT_SYMBOL_GPL(efivar_entry_delete);
628
629 /**
630 * efivar_entry_set - call set_variable()
631 * @entry: entry containing the EFI variable to write
632 * @attributes: variable attributes
633 * @size: size of @data buffer
634 * @data: buffer containing variable data
635 * @head: head of variable list
636 *
637 * Calls set_variable() for an EFI variable. If creating a new EFI
638 * variable, this function is usually followed by efivar_entry_add().
639 *
640 * Before writing the variable, the remaining EFI variable storage
641 * space is checked to ensure there is enough room available.
642 *
643 * If @head is not NULL a lookup is performed to determine whether
644 * the entry is already on the list.
645 *
646 * Returns 0 on success, -EINTR if we can't grab the semaphore,
647 * -EEXIST if a lookup is performed and the entry already exists on
648 * the list, or a converted EFI status code if set_variable() fails.
649 */
efivar_entry_set(struct efivar_entry * entry,u32 attributes,unsigned long size,void * data,struct list_head * head)650 int efivar_entry_set(struct efivar_entry *entry, u32 attributes,
651 unsigned long size, void *data, struct list_head *head)
652 {
653 const struct efivar_operations *ops = __efivars->ops;
654 efi_status_t status;
655 efi_char16_t *name = entry->var.VariableName;
656 efi_guid_t vendor = entry->var.VendorGuid;
657
658 if (down_interruptible(&efivars_lock))
659 return -EINTR;
660 if (head && efivar_entry_find(name, vendor, head, false)) {
661 up(&efivars_lock);
662 return -EEXIST;
663 }
664
665 status = check_var_size(attributes, size + ucs2_strsize(name, 1024));
666 if (status == EFI_SUCCESS || status == EFI_UNSUPPORTED)
667 status = ops->set_variable(name, &vendor,
668 attributes, size, data);
669
670 up(&efivars_lock);
671
672 return efi_status_to_err(status);
673
674 }
675 EXPORT_SYMBOL_GPL(efivar_entry_set);
676
677 /*
678 * efivar_entry_set_nonblocking - call set_variable_nonblocking()
679 *
680 * This function is guaranteed to not block and is suitable for calling
681 * from crash/panic handlers.
682 *
683 * Crucially, this function will not block if it cannot acquire
684 * efivars_lock. Instead, it returns -EBUSY.
685 */
686 static int
efivar_entry_set_nonblocking(efi_char16_t * name,efi_guid_t vendor,u32 attributes,unsigned long size,void * data)687 efivar_entry_set_nonblocking(efi_char16_t *name, efi_guid_t vendor,
688 u32 attributes, unsigned long size, void *data)
689 {
690 const struct efivar_operations *ops = __efivars->ops;
691 efi_status_t status;
692
693 if (down_trylock(&efivars_lock))
694 return -EBUSY;
695
696 status = check_var_size_nonblocking(attributes,
697 size + ucs2_strsize(name, 1024));
698 if (status != EFI_SUCCESS) {
699 up(&efivars_lock);
700 return -ENOSPC;
701 }
702
703 status = ops->set_variable_nonblocking(name, &vendor, attributes,
704 size, data);
705
706 up(&efivars_lock);
707 return efi_status_to_err(status);
708 }
709
710 /**
711 * efivar_entry_set_safe - call set_variable() if enough space in firmware
712 * @name: buffer containing the variable name
713 * @vendor: variable vendor guid
714 * @attributes: variable attributes
715 * @block: can we block in this context?
716 * @size: size of @data buffer
717 * @data: buffer containing variable data
718 *
719 * Ensures there is enough free storage in the firmware for this variable, and
720 * if so, calls set_variable(). If creating a new EFI variable, this function
721 * is usually followed by efivar_entry_add().
722 *
723 * Returns 0 on success, -ENOSPC if the firmware does not have enough
724 * space for set_variable() to succeed, or a converted EFI status code
725 * if set_variable() fails.
726 */
efivar_entry_set_safe(efi_char16_t * name,efi_guid_t vendor,u32 attributes,bool block,unsigned long size,void * data)727 int efivar_entry_set_safe(efi_char16_t *name, efi_guid_t vendor, u32 attributes,
728 bool block, unsigned long size, void *data)
729 {
730 const struct efivar_operations *ops = __efivars->ops;
731 efi_status_t status;
732
733 if (!ops->query_variable_store)
734 return -ENOSYS;
735
736 /*
737 * If the EFI variable backend provides a non-blocking
738 * ->set_variable() operation and we're in a context where we
739 * cannot block, then we need to use it to avoid live-locks,
740 * since the implication is that the regular ->set_variable()
741 * will block.
742 *
743 * If no ->set_variable_nonblocking() is provided then
744 * ->set_variable() is assumed to be non-blocking.
745 */
746 if (!block && ops->set_variable_nonblocking)
747 return efivar_entry_set_nonblocking(name, vendor, attributes,
748 size, data);
749
750 if (!block) {
751 if (down_trylock(&efivars_lock))
752 return -EBUSY;
753 } else {
754 if (down_interruptible(&efivars_lock))
755 return -EINTR;
756 }
757
758 status = check_var_size(attributes, size + ucs2_strsize(name, 1024));
759 if (status != EFI_SUCCESS) {
760 up(&efivars_lock);
761 return -ENOSPC;
762 }
763
764 status = ops->set_variable(name, &vendor, attributes, size, data);
765
766 up(&efivars_lock);
767
768 return efi_status_to_err(status);
769 }
770 EXPORT_SYMBOL_GPL(efivar_entry_set_safe);
771
772 /**
773 * efivar_entry_find - search for an entry
774 * @name: the EFI variable name
775 * @guid: the EFI variable vendor's guid
776 * @head: head of the variable list
777 * @remove: should we remove the entry from the list?
778 *
779 * Search for an entry on the variable list that has the EFI variable
780 * name @name and vendor guid @guid. If an entry is found on the list
781 * and @remove is true, the entry is removed from the list.
782 *
783 * The caller MUST call efivar_entry_iter_begin() and
784 * efivar_entry_iter_end() before and after the invocation of this
785 * function, respectively.
786 *
787 * Returns the entry if found on the list, %NULL otherwise.
788 */
efivar_entry_find(efi_char16_t * name,efi_guid_t guid,struct list_head * head,bool remove)789 struct efivar_entry *efivar_entry_find(efi_char16_t *name, efi_guid_t guid,
790 struct list_head *head, bool remove)
791 {
792 struct efivar_entry *entry, *n;
793 int strsize1, strsize2;
794 bool found = false;
795
796 list_for_each_entry_safe(entry, n, head, list) {
797 strsize1 = ucs2_strsize(name, 1024);
798 strsize2 = ucs2_strsize(entry->var.VariableName, 1024);
799 if (strsize1 == strsize2 &&
800 !memcmp(name, &(entry->var.VariableName), strsize1) &&
801 !efi_guidcmp(guid, entry->var.VendorGuid)) {
802 found = true;
803 break;
804 }
805 }
806
807 if (!found)
808 return NULL;
809
810 if (remove) {
811 if (entry->scanning) {
812 /*
813 * The entry will be deleted
814 * after scanning is completed.
815 */
816 entry->deleting = true;
817 } else
818 list_del(&entry->list);
819 }
820
821 return entry;
822 }
823 EXPORT_SYMBOL_GPL(efivar_entry_find);
824
825 /**
826 * efivar_entry_size - obtain the size of a variable
827 * @entry: entry for this variable
828 * @size: location to store the variable's size
829 */
efivar_entry_size(struct efivar_entry * entry,unsigned long * size)830 int efivar_entry_size(struct efivar_entry *entry, unsigned long *size)
831 {
832 const struct efivar_operations *ops = __efivars->ops;
833 efi_status_t status;
834
835 *size = 0;
836
837 if (down_interruptible(&efivars_lock))
838 return -EINTR;
839 status = ops->get_variable(entry->var.VariableName,
840 &entry->var.VendorGuid, NULL, size, NULL);
841 up(&efivars_lock);
842
843 if (status != EFI_BUFFER_TOO_SMALL)
844 return efi_status_to_err(status);
845
846 return 0;
847 }
848 EXPORT_SYMBOL_GPL(efivar_entry_size);
849
850 /**
851 * __efivar_entry_get - call get_variable()
852 * @entry: read data for this variable
853 * @attributes: variable attributes
854 * @size: size of @data buffer
855 * @data: buffer to store variable data
856 *
857 * The caller MUST call efivar_entry_iter_begin() and
858 * efivar_entry_iter_end() before and after the invocation of this
859 * function, respectively.
860 */
__efivar_entry_get(struct efivar_entry * entry,u32 * attributes,unsigned long * size,void * data)861 int __efivar_entry_get(struct efivar_entry *entry, u32 *attributes,
862 unsigned long *size, void *data)
863 {
864 const struct efivar_operations *ops = __efivars->ops;
865 efi_status_t status;
866
867 status = ops->get_variable(entry->var.VariableName,
868 &entry->var.VendorGuid,
869 attributes, size, data);
870
871 return efi_status_to_err(status);
872 }
873 EXPORT_SYMBOL_GPL(__efivar_entry_get);
874
875 /**
876 * efivar_entry_get - call get_variable()
877 * @entry: read data for this variable
878 * @attributes: variable attributes
879 * @size: size of @data buffer
880 * @data: buffer to store variable data
881 */
efivar_entry_get(struct efivar_entry * entry,u32 * attributes,unsigned long * size,void * data)882 int efivar_entry_get(struct efivar_entry *entry, u32 *attributes,
883 unsigned long *size, void *data)
884 {
885 const struct efivar_operations *ops = __efivars->ops;
886 efi_status_t status;
887
888 if (down_interruptible(&efivars_lock))
889 return -EINTR;
890 status = ops->get_variable(entry->var.VariableName,
891 &entry->var.VendorGuid,
892 attributes, size, data);
893 up(&efivars_lock);
894
895 return efi_status_to_err(status);
896 }
897 EXPORT_SYMBOL_GPL(efivar_entry_get);
898
899 /**
900 * efivar_entry_set_get_size - call set_variable() and get new size (atomic)
901 * @entry: entry containing variable to set and get
902 * @attributes: attributes of variable to be written
903 * @size: size of data buffer
904 * @data: buffer containing data to write
905 * @set: did the set_variable() call succeed?
906 *
907 * This is a pretty special (complex) function. See efivarfs_file_write().
908 *
909 * Atomically call set_variable() for @entry and if the call is
910 * successful, return the new size of the variable from get_variable()
911 * in @size. The success of set_variable() is indicated by @set.
912 *
913 * Returns 0 on success, -EINVAL if the variable data is invalid,
914 * -ENOSPC if the firmware does not have enough available space, or a
915 * converted EFI status code if either of set_variable() or
916 * get_variable() fail.
917 *
918 * If the EFI variable does not exist when calling set_variable()
919 * (EFI_NOT_FOUND), @entry is removed from the variable list.
920 */
efivar_entry_set_get_size(struct efivar_entry * entry,u32 attributes,unsigned long * size,void * data,bool * set)921 int efivar_entry_set_get_size(struct efivar_entry *entry, u32 attributes,
922 unsigned long *size, void *data, bool *set)
923 {
924 const struct efivar_operations *ops = __efivars->ops;
925 efi_char16_t *name = entry->var.VariableName;
926 efi_guid_t *vendor = &entry->var.VendorGuid;
927 efi_status_t status;
928 int err;
929
930 *set = false;
931
932 if (efivar_validate(*vendor, name, data, *size) == false)
933 return -EINVAL;
934
935 /*
936 * The lock here protects the get_variable call, the conditional
937 * set_variable call, and removal of the variable from the efivars
938 * list (in the case of an authenticated delete).
939 */
940 if (down_interruptible(&efivars_lock))
941 return -EINTR;
942
943 /*
944 * Ensure that the available space hasn't shrunk below the safe level
945 */
946 status = check_var_size(attributes, *size + ucs2_strsize(name, 1024));
947 if (status != EFI_SUCCESS) {
948 if (status != EFI_UNSUPPORTED) {
949 err = efi_status_to_err(status);
950 goto out;
951 }
952
953 if (*size > 65536) {
954 err = -ENOSPC;
955 goto out;
956 }
957 }
958
959 status = ops->set_variable(name, vendor, attributes, *size, data);
960 if (status != EFI_SUCCESS) {
961 err = efi_status_to_err(status);
962 goto out;
963 }
964
965 *set = true;
966
967 /*
968 * Writing to the variable may have caused a change in size (which
969 * could either be an append or an overwrite), or the variable to be
970 * deleted. Perform a GetVariable() so we can tell what actually
971 * happened.
972 */
973 *size = 0;
974 status = ops->get_variable(entry->var.VariableName,
975 &entry->var.VendorGuid,
976 NULL, size, NULL);
977
978 if (status == EFI_NOT_FOUND)
979 efivar_entry_list_del_unlock(entry);
980 else
981 up(&efivars_lock);
982
983 if (status && status != EFI_BUFFER_TOO_SMALL)
984 return efi_status_to_err(status);
985
986 return 0;
987
988 out:
989 up(&efivars_lock);
990 return err;
991
992 }
993 EXPORT_SYMBOL_GPL(efivar_entry_set_get_size);
994
995 /**
996 * efivar_entry_iter_begin - begin iterating the variable list
997 *
998 * Lock the variable list to prevent entry insertion and removal until
999 * efivar_entry_iter_end() is called. This function is usually used in
1000 * conjunction with __efivar_entry_iter() or efivar_entry_iter().
1001 */
efivar_entry_iter_begin(void)1002 int efivar_entry_iter_begin(void)
1003 {
1004 return down_interruptible(&efivars_lock);
1005 }
1006 EXPORT_SYMBOL_GPL(efivar_entry_iter_begin);
1007
1008 /**
1009 * efivar_entry_iter_end - finish iterating the variable list
1010 *
1011 * Unlock the variable list and allow modifications to the list again.
1012 */
efivar_entry_iter_end(void)1013 void efivar_entry_iter_end(void)
1014 {
1015 up(&efivars_lock);
1016 }
1017 EXPORT_SYMBOL_GPL(efivar_entry_iter_end);
1018
1019 /**
1020 * __efivar_entry_iter - iterate over variable list
1021 * @func: callback function
1022 * @head: head of the variable list
1023 * @data: function-specific data to pass to callback
1024 * @prev: entry to begin iterating from
1025 *
1026 * Iterate over the list of EFI variables and call @func with every
1027 * entry on the list. It is safe for @func to remove entries in the
1028 * list via efivar_entry_delete().
1029 *
1030 * You MUST call efivar_enter_iter_begin() before this function, and
1031 * efivar_entry_iter_end() afterwards.
1032 *
1033 * It is possible to begin iteration from an arbitrary entry within
1034 * the list by passing @prev. @prev is updated on return to point to
1035 * the last entry passed to @func. To begin iterating from the
1036 * beginning of the list @prev must be %NULL.
1037 *
1038 * The restrictions for @func are the same as documented for
1039 * efivar_entry_iter().
1040 */
__efivar_entry_iter(int (* func)(struct efivar_entry *,void *),struct list_head * head,void * data,struct efivar_entry ** prev)1041 int __efivar_entry_iter(int (*func)(struct efivar_entry *, void *),
1042 struct list_head *head, void *data,
1043 struct efivar_entry **prev)
1044 {
1045 struct efivar_entry *entry, *n;
1046 int err = 0;
1047
1048 if (!prev || !*prev) {
1049 list_for_each_entry_safe(entry, n, head, list) {
1050 err = func(entry, data);
1051 if (err)
1052 break;
1053 }
1054
1055 if (prev)
1056 *prev = entry;
1057
1058 return err;
1059 }
1060
1061
1062 list_for_each_entry_safe_continue((*prev), n, head, list) {
1063 err = func(*prev, data);
1064 if (err)
1065 break;
1066 }
1067
1068 return err;
1069 }
1070 EXPORT_SYMBOL_GPL(__efivar_entry_iter);
1071
1072 /**
1073 * efivar_entry_iter - iterate over variable list
1074 * @func: callback function
1075 * @head: head of variable list
1076 * @data: function-specific data to pass to callback
1077 *
1078 * Iterate over the list of EFI variables and call @func with every
1079 * entry on the list. It is safe for @func to remove entries in the
1080 * list via efivar_entry_delete() while iterating.
1081 *
1082 * Some notes for the callback function:
1083 * - a non-zero return value indicates an error and terminates the loop
1084 * - @func is called from atomic context
1085 */
efivar_entry_iter(int (* func)(struct efivar_entry *,void *),struct list_head * head,void * data)1086 int efivar_entry_iter(int (*func)(struct efivar_entry *, void *),
1087 struct list_head *head, void *data)
1088 {
1089 int err = 0;
1090
1091 err = efivar_entry_iter_begin();
1092 if (err)
1093 return err;
1094 err = __efivar_entry_iter(func, head, data, NULL);
1095 efivar_entry_iter_end();
1096
1097 return err;
1098 }
1099 EXPORT_SYMBOL_GPL(efivar_entry_iter);
1100
1101 /**
1102 * efivars_kobject - get the kobject for the registered efivars
1103 *
1104 * If efivars_register() has not been called we return NULL,
1105 * otherwise return the kobject used at registration time.
1106 */
efivars_kobject(void)1107 struct kobject *efivars_kobject(void)
1108 {
1109 if (!__efivars)
1110 return NULL;
1111
1112 return __efivars->kobject;
1113 }
1114 EXPORT_SYMBOL_GPL(efivars_kobject);
1115
1116 /**
1117 * efivar_run_worker - schedule the efivar worker thread
1118 */
efivar_run_worker(void)1119 void efivar_run_worker(void)
1120 {
1121 if (efivar_wq_enabled)
1122 schedule_work(&efivar_work);
1123 }
1124 EXPORT_SYMBOL_GPL(efivar_run_worker);
1125
1126 /**
1127 * efivars_register - register an efivars
1128 * @efivars: efivars to register
1129 * @ops: efivars operations
1130 * @kobject: @efivars-specific kobject
1131 *
1132 * Only a single efivars can be registered at any time.
1133 */
efivars_register(struct efivars * efivars,const struct efivar_operations * ops,struct kobject * kobject)1134 int efivars_register(struct efivars *efivars,
1135 const struct efivar_operations *ops,
1136 struct kobject *kobject)
1137 {
1138 if (down_interruptible(&efivars_lock))
1139 return -EINTR;
1140
1141 efivars->ops = ops;
1142 efivars->kobject = kobject;
1143
1144 __efivars = efivars;
1145
1146 pr_info("Registered efivars operations\n");
1147
1148 up(&efivars_lock);
1149
1150 return 0;
1151 }
1152 EXPORT_SYMBOL_GPL(efivars_register);
1153
1154 /**
1155 * efivars_unregister - unregister an efivars
1156 * @efivars: efivars to unregister
1157 *
1158 * The caller must have already removed every entry from the list,
1159 * failure to do so is an error.
1160 */
efivars_unregister(struct efivars * efivars)1161 int efivars_unregister(struct efivars *efivars)
1162 {
1163 int rv;
1164
1165 if (down_interruptible(&efivars_lock))
1166 return -EINTR;
1167
1168 if (!__efivars) {
1169 printk(KERN_ERR "efivars not registered\n");
1170 rv = -EINVAL;
1171 goto out;
1172 }
1173
1174 if (__efivars != efivars) {
1175 rv = -EINVAL;
1176 goto out;
1177 }
1178
1179 pr_info("Unregistered efivars operations\n");
1180 __efivars = NULL;
1181
1182 rv = 0;
1183 out:
1184 up(&efivars_lock);
1185 return rv;
1186 }
1187 EXPORT_SYMBOL_GPL(efivars_unregister);
1188