1 // SPDX-License-Identifier: GPL-2.0+
3 * UEFI runtime variable services
5 * Copyright (c) 2017 Rob Clark
9 #include <efi_loader.h>
10 #include <env_internal.h>
15 #include <linux/compat.h>
16 #include <u-boot/crc.h>
17 #include "../lib/crypto/pkcs7_parser.h"
19 enum efi_secure_mode {
26 const efi_guid_t efi_guid_cert_type_pkcs7 = EFI_CERT_TYPE_PKCS7_GUID;
27 static bool efi_secure_boot;
28 static int efi_secure_mode;
29 static u8 efi_vendor_keys;
31 #define READ_ONLY BIT(31)
34 * Mapping between EFI variables and u-boot variables:
36 * efi_$guid_$varname = {attributes}(type)value
40 * efi_8be4df61-93ca-11d2-aa0d-00e098032b8c_OsIndicationsSupported=
41 * "{ro,boot,run}(blob)0000000000000000"
42 * efi_8be4df61-93ca-11d2-aa0d-00e098032b8c_BootOrder=
45 * The attributes are a comma separated list of these possible
49 * + boot - boot-services access
50 * + run - runtime access
52 * NOTE: with current implementation, no variables are available after
53 * ExitBootServices, and all are persisted (if possible).
55 * If not specified, the attributes default to "{boot}".
57 * The required type is one of:
59 * + utf8 - raw utf8 string
60 * + blob - arbitrary length hex string
62 * Maybe a utf16 type would be useful to for a string value to be auto
66 #define PREFIX_LEN (strlen("efi_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx_"))
69 * efi_to_native() - convert the UEFI variable name and vendor GUID to U-Boot
72 * The U-Boot variable name is a concatenation of prefix 'efi', the hexstring
73 * encoded vendor GUID, and the UTF-8 encoded UEFI variable name separated by
74 * underscores, e.g. 'efi_8be4df61-93ca-11d2-aa0d-00e098032b8c_BootOrder'.
76 * @native: pointer to pointer to U-Boot variable name
77 * @variable_name: UEFI variable name
78 * @vendor: vendor GUID
81 static efi_status_t efi_to_native(char **native, const u16 *variable_name,
82 const efi_guid_t *vendor)
87 len = PREFIX_LEN + utf16_utf8_strlen(variable_name) + 1;
88 *native = malloc(len);
90 return EFI_OUT_OF_RESOURCES;
93 pos += sprintf(pos, "efi_%pUl_", vendor);
94 utf16_utf8_strcpy(&pos, variable_name);
100 * prefix() - skip over prefix
102 * Skip over a prefix string.
104 * @str: string with prefix
105 * @prefix: prefix string
106 * Return: string without prefix, or NULL if prefix not found
108 static const char *prefix(const char *str, const char *prefix)
110 size_t n = strlen(prefix);
111 if (!strncmp(prefix, str, n))
117 * parse_attr() - decode attributes part of variable value
119 * Convert the string encoded attributes of a UEFI variable to a bit mask.
120 * TODO: Several attributes are not supported.
122 * @str: value of U-Boot variable
123 * @attrp: pointer to UEFI attributes
124 * @timep: pointer to time attribute
125 * Return: pointer to remainder of U-Boot variable value
127 static const char *parse_attr(const char *str, u32 *attrp, u64 *timep)
133 *attrp = EFI_VARIABLE_BOOTSERVICE_ACCESS;
137 while (*str == sep) {
142 if ((s = prefix(str, "ro"))) {
144 } else if ((s = prefix(str, "nv"))) {
145 attr |= EFI_VARIABLE_NON_VOLATILE;
146 } else if ((s = prefix(str, "boot"))) {
147 attr |= EFI_VARIABLE_BOOTSERVICE_ACCESS;
148 } else if ((s = prefix(str, "run"))) {
149 attr |= EFI_VARIABLE_RUNTIME_ACCESS;
150 } else if ((s = prefix(str, "time="))) {
151 attr |= EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
152 hex2bin((u8 *)timep, s, sizeof(*timep));
153 s += sizeof(*timep) * 2;
154 } else if (*str == '}') {
157 printf("invalid attribute: %s\n", str);
172 static efi_status_t efi_set_variable_internal(u16 *variable_name,
173 const efi_guid_t *vendor,
175 efi_uintn_t data_size,
180 * efi_transfer_secure_state - handle a secure boot state transition
183 * Depending on @mode, secure boot related variables are updated.
184 * Those variables are *read-only* for users, efi_set_variable_internal()
187 * Return: EFI_SUCCESS on success, status code (negative) on error
189 static efi_status_t efi_transfer_secure_state(enum efi_secure_mode mode)
195 debug("Secure state from %d to %d\n", efi_secure_mode, mode);
197 attributes = EFI_VARIABLE_BOOTSERVICE_ACCESS |
198 EFI_VARIABLE_RUNTIME_ACCESS;
199 if (mode == EFI_MODE_DEPLOYED) {
201 ret = efi_set_variable_internal(L"SecureBoot",
202 &efi_global_variable_guid,
203 attributes | READ_ONLY,
206 if (ret != EFI_SUCCESS)
209 ret = efi_set_variable_internal(L"SetupMode",
210 &efi_global_variable_guid,
211 attributes | READ_ONLY,
214 if (ret != EFI_SUCCESS)
217 ret = efi_set_variable_internal(L"AuditMode",
218 &efi_global_variable_guid,
219 attributes | READ_ONLY,
222 if (ret != EFI_SUCCESS)
225 ret = efi_set_variable_internal(L"DeployedMode",
226 &efi_global_variable_guid,
227 attributes | READ_ONLY,
230 if (ret != EFI_SUCCESS)
233 efi_secure_boot = true;
234 } else if (mode == EFI_MODE_AUDIT) {
235 ret = efi_set_variable_internal(L"PK",
236 &efi_global_variable_guid,
240 if (ret != EFI_SUCCESS)
243 ret = efi_set_variable_internal(L"SecureBoot",
244 &efi_global_variable_guid,
245 attributes | READ_ONLY,
248 if (ret != EFI_SUCCESS)
251 ret = efi_set_variable_internal(L"SetupMode",
252 &efi_global_variable_guid,
253 attributes | READ_ONLY,
256 if (ret != EFI_SUCCESS)
259 ret = efi_set_variable_internal(L"AuditMode",
260 &efi_global_variable_guid,
261 attributes | READ_ONLY,
264 if (ret != EFI_SUCCESS)
267 ret = efi_set_variable_internal(L"DeployedMode",
268 &efi_global_variable_guid,
269 attributes | READ_ONLY,
272 if (ret != EFI_SUCCESS)
275 efi_secure_boot = true;
276 } else if (mode == EFI_MODE_USER) {
278 ret = efi_set_variable_internal(L"SecureBoot",
279 &efi_global_variable_guid,
280 attributes | READ_ONLY,
283 if (ret != EFI_SUCCESS)
286 ret = efi_set_variable_internal(L"SetupMode",
287 &efi_global_variable_guid,
288 attributes | READ_ONLY,
291 if (ret != EFI_SUCCESS)
294 ret = efi_set_variable_internal(L"AuditMode",
295 &efi_global_variable_guid,
299 if (ret != EFI_SUCCESS)
302 ret = efi_set_variable_internal(L"DeployedMode",
303 &efi_global_variable_guid,
307 if (ret != EFI_SUCCESS)
310 efi_secure_boot = true;
311 } else if (mode == EFI_MODE_SETUP) {
313 ret = efi_set_variable_internal(L"SecureBoot",
314 &efi_global_variable_guid,
315 attributes | READ_ONLY,
318 if (ret != EFI_SUCCESS)
321 ret = efi_set_variable_internal(L"SetupMode",
322 &efi_global_variable_guid,
323 attributes | READ_ONLY,
326 if (ret != EFI_SUCCESS)
329 ret = efi_set_variable_internal(L"AuditMode",
330 &efi_global_variable_guid,
334 if (ret != EFI_SUCCESS)
337 ret = efi_set_variable_internal(L"DeployedMode",
338 &efi_global_variable_guid,
339 attributes | READ_ONLY,
342 if (ret != EFI_SUCCESS)
345 return EFI_INVALID_PARAMETER;
348 efi_secure_mode = mode;
353 /* TODO: What action should be taken here? */
354 printf("ERROR: Secure state transition failed\n");
359 * efi_init_secure_state - initialize secure boot state
361 * Return: EFI_SUCCESS on success, status code (negative) on error
363 static efi_status_t efi_init_secure_state(void)
365 enum efi_secure_mode mode;
371 * Since there is currently no "platform-specific" installation
372 * method of Platform Key, we can't say if VendorKeys is 0 or 1
377 ret = EFI_CALL(efi_get_variable(L"PK", &efi_global_variable_guid,
379 if (ret == EFI_BUFFER_TOO_SMALL) {
380 if (IS_ENABLED(CONFIG_EFI_SECURE_BOOT))
381 mode = EFI_MODE_USER;
383 mode = EFI_MODE_SETUP;
386 } else if (ret == EFI_NOT_FOUND) {
387 mode = EFI_MODE_SETUP;
393 ret = efi_transfer_secure_state(mode);
394 if (ret == EFI_SUCCESS)
395 ret = efi_set_variable_internal(L"VendorKeys",
396 &efi_global_variable_guid,
397 EFI_VARIABLE_BOOTSERVICE_ACCESS
398 | EFI_VARIABLE_RUNTIME_ACCESS
400 sizeof(efi_vendor_keys),
409 * efi_secure_boot_enabled - return if secure boot is enabled or not
411 * Return: true if enabled, false if disabled
413 bool efi_secure_boot_enabled(void)
415 return efi_secure_boot;
418 #ifdef CONFIG_EFI_SECURE_BOOT
419 static u8 pkcs7_hdr[] = {
421 0x30, 0x82, 0x05, 0xc7,
422 /* OID: pkcs7-signedData */
423 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02,
424 /* Context Structured? */
425 0xa0, 0x82, 0x05, 0xb8,
429 * efi_variable_parse_signature - parse a signature in variable
430 * @buf: Pointer to variable's value
431 * @buflen: Length of @buf
433 * Parse a signature embedded in variable's value and instantiate
434 * a pkcs7_message structure. Since pkcs7_parse_message() accepts only
435 * pkcs7's signedData, some header needed be prepended for correctly
436 * parsing authentication data, particularly for variable's.
438 * Return: Pointer to pkcs7_message structure on success, NULL on error
440 static struct pkcs7_message *efi_variable_parse_signature(const void *buf,
445 struct pkcs7_message *msg;
448 * This is the best assumption to check if the binary is
449 * already in a form of pkcs7's signedData.
451 if (buflen > sizeof(pkcs7_hdr) &&
452 !memcmp(&((u8 *)buf)[4], &pkcs7_hdr[4], 11)) {
453 msg = pkcs7_parse_message(buf, buflen);
458 * Otherwise, we should add a dummy prefix sequence for pkcs7
459 * message parser to be able to process.
460 * NOTE: EDK2 also uses similar hack in WrapPkcs7Data()
461 * in CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c
463 * The header should be composed in a more refined manner.
465 debug("Makeshift prefix added to authentication data\n");
466 ebuflen = sizeof(pkcs7_hdr) + buflen;
467 if (ebuflen <= 0x7f) {
468 debug("Data is too short\n");
472 ebuf = malloc(ebuflen);
474 debug("Out of memory\n");
478 memcpy(ebuf, pkcs7_hdr, sizeof(pkcs7_hdr));
479 memcpy(ebuf + sizeof(pkcs7_hdr), buf, buflen);
481 ebuf[2] = (len >> 8) & 0xff;
482 ebuf[3] = len & 0xff;
483 len = ebuflen - 0x13;
484 ebuf[0x11] = (len >> 8) & 0xff;
485 ebuf[0x12] = len & 0xff;
487 msg = pkcs7_parse_message(ebuf, ebuflen);
499 * efi_variable_authenticate - authenticate a variable
500 * @variable: Variable name in u16
501 * @vendor: Guid of variable
502 * @data_size: Size of @data
503 * @data: Pointer to variable's value
504 * @given_attr: Attributes to be given at SetVariable()
505 * @env_attr: Attributes that an existing variable holds
506 * @time: signed time that an existing variable holds
508 * Called by efi_set_variable() to verify that the input is correct.
509 * Will replace the given data pointer with another that points to
510 * the actual data to store in the internal memory.
511 * On success, @data and @data_size will be replaced with variable's
512 * actual data, excluding authentication data, and its size, and variable's
513 * attributes and signed time will also be returned in @env_attr and @time,
516 * Return: EFI_SUCCESS on success, status code (negative) on error
518 static efi_status_t efi_variable_authenticate(u16 *variable,
519 const efi_guid_t *vendor,
520 efi_uintn_t *data_size,
521 const void **data, u32 given_attr,
522 u32 *env_attr, u64 *time)
524 const struct efi_variable_authentication_2 *auth;
525 struct efi_signature_store *truststore, *truststore2;
526 struct pkcs7_message *var_sig;
527 struct efi_image_regions *regs;
528 struct efi_time timestamp;
537 ret = EFI_SECURITY_VIOLATION;
539 if (*data_size < sizeof(struct efi_variable_authentication_2))
542 /* authentication data */
544 if (*data_size < (sizeof(auth->time_stamp)
545 + auth->auth_info.hdr.dwLength))
548 if (guidcmp(&auth->auth_info.cert_type, &efi_guid_cert_type_pkcs7))
551 *data += sizeof(auth->time_stamp) + auth->auth_info.hdr.dwLength;
552 *data_size -= (sizeof(auth->time_stamp)
553 + auth->auth_info.hdr.dwLength);
555 memcpy(×tamp, &auth->time_stamp, sizeof(timestamp));
556 memset(&tm, 0, sizeof(tm));
557 tm.tm_year = timestamp.year;
558 tm.tm_mon = timestamp.month;
559 tm.tm_mday = timestamp.day;
560 tm.tm_hour = timestamp.hour;
561 tm.tm_min = timestamp.minute;
562 tm.tm_sec = timestamp.second;
563 new_time = rtc_mktime(&tm);
565 if (!efi_secure_boot_enabled()) {
566 /* finished checking */
571 if (new_time <= *time)
574 /* data to be digested */
575 regs = calloc(sizeof(*regs) + sizeof(struct image_region) * 5, 1);
579 efi_image_region_add(regs, (uint8_t *)variable,
581 + u16_strlen(variable) * sizeof(u16), 1);
582 efi_image_region_add(regs, (uint8_t *)vendor,
583 (uint8_t *)vendor + sizeof(*vendor), 1);
584 efi_image_region_add(regs, (uint8_t *)&given_attr,
585 (uint8_t *)&given_attr + sizeof(given_attr), 1);
586 efi_image_region_add(regs, (uint8_t *)×tamp,
587 (uint8_t *)×tamp + sizeof(timestamp), 1);
588 efi_image_region_add(regs, (uint8_t *)*data,
589 (uint8_t *)*data + *data_size, 1);
591 /* variable's signature list */
592 if (auth->auth_info.hdr.dwLength < sizeof(auth->auth_info))
594 var_sig = efi_variable_parse_signature(auth->auth_info.cert_data,
595 auth->auth_info.hdr.dwLength
596 - sizeof(auth->auth_info));
597 if (IS_ERR(var_sig)) {
598 debug("Parsing variable's signature failed\n");
603 /* signature database used for authentication */
604 if (u16_strcmp(variable, L"PK") == 0 ||
605 u16_strcmp(variable, L"KEK") == 0) {
607 truststore = efi_sigstore_parse_sigdb(L"PK");
610 } else if (u16_strcmp(variable, L"db") == 0 ||
611 u16_strcmp(variable, L"dbx") == 0) {
612 /* with PK and KEK */
613 truststore = efi_sigstore_parse_sigdb(L"KEK");
614 truststore2 = efi_sigstore_parse_sigdb(L"PK");
620 truststore = truststore2;
624 /* TODO: support private authenticated variables */
628 /* verify signature */
629 if (efi_signature_verify_with_sigdb(regs, var_sig, truststore, NULL)) {
633 efi_signature_verify_with_sigdb(regs, var_sig,
634 truststore2, NULL)) {
637 debug("Verifying variable's signature failed\n");
642 /* finished checking */
643 *time = rtc_mktime(&tm);
647 efi_sigstore_free(truststore);
648 efi_sigstore_free(truststore2);
649 pkcs7_free_message(var_sig);
655 static efi_status_t efi_variable_authenticate(u16 *variable,
656 const efi_guid_t *vendor,
657 efi_uintn_t *data_size,
658 const void **data, u32 given_attr,
659 u32 *env_attr, u64 *time)
663 #endif /* CONFIG_EFI_SECURE_BOOT */
666 efi_status_t EFIAPI efi_get_variable_common(u16 *variable_name,
667 const efi_guid_t *vendor,
669 efi_uintn_t *data_size, void *data,
670 bool is_non_volatile)
674 unsigned long in_size;
675 const char *val = NULL, *s;
679 if (!variable_name || !vendor || !data_size)
680 return EFI_EXIT(EFI_INVALID_PARAMETER);
682 ret = efi_to_native(&native_name, variable_name, vendor);
686 EFI_PRINT("get '%s'\n", native_name);
688 val = env_get(native_name);
691 return EFI_NOT_FOUND;
693 val = parse_attr(val, &attr, &time);
695 in_size = *data_size;
697 if ((s = prefix(val, "(blob)"))) {
698 size_t len = strlen(s);
700 /* number of hexadecimal digits must be even */
702 return EFI_DEVICE_ERROR;
704 /* two characters per byte: */
709 ret = EFI_BUFFER_TOO_SMALL;
714 debug("Variable with no data shouldn't exist.\n");
715 return EFI_INVALID_PARAMETER;
718 if (hex2bin(data, s, len))
719 return EFI_DEVICE_ERROR;
721 EFI_PRINT("got value: \"%s\"\n", s);
722 } else if ((s = prefix(val, "(utf8)"))) {
723 unsigned len = strlen(s) + 1;
728 ret = EFI_BUFFER_TOO_SMALL;
733 debug("Variable with no data shouldn't exist.\n");
734 return EFI_INVALID_PARAMETER;
737 memcpy(data, s, len);
738 ((char *)data)[len] = '\0';
740 EFI_PRINT("got value: \"%s\"\n", (char *)data);
742 EFI_PRINT("invalid value: '%s'\n", val);
743 return EFI_DEVICE_ERROR;
748 *attributes = attr & EFI_VARIABLE_MASK;
754 efi_status_t EFIAPI efi_get_volatile_variable(u16 *variable_name,
755 const efi_guid_t *vendor,
757 efi_uintn_t *data_size,
760 return efi_get_variable_common(variable_name, vendor, attributes,
761 data_size, data, false);
764 efi_status_t EFIAPI efi_get_nonvolatile_variable(u16 *variable_name,
765 const efi_guid_t *vendor,
767 efi_uintn_t *data_size,
770 return efi_get_variable_common(variable_name, vendor, attributes,
771 data_size, data, true);
775 * efi_efi_get_variable() - retrieve value of a UEFI variable
777 * This function implements the GetVariable runtime service.
779 * See the Unified Extensible Firmware Interface (UEFI) specification for
782 * @variable_name: name of the variable
783 * @vendor: vendor GUID
784 * @attributes: attributes of the variable
785 * @data_size: size of the buffer to which the variable value is copied
786 * @data: buffer to which the variable value is copied
787 * Return: status code
789 efi_status_t EFIAPI efi_get_variable(u16 *variable_name,
790 const efi_guid_t *vendor, u32 *attributes,
791 efi_uintn_t *data_size, void *data)
795 EFI_ENTRY("\"%ls\" %pUl %p %p %p", variable_name, vendor, attributes,
798 ret = efi_get_volatile_variable(variable_name, vendor, attributes,
800 if (ret == EFI_NOT_FOUND)
801 ret = efi_get_nonvolatile_variable(variable_name, vendor,
802 attributes, data_size, data);
804 return EFI_EXIT(ret);
807 static char *efi_variables_list;
808 static char *efi_cur_variable;
811 * parse_uboot_variable() - parse a u-boot variable and get uefi-related
813 * @variable: whole data of u-boot variable (ie. name=value)
814 * @variable_name_size: size of variable_name buffer in byte
815 * @variable_name: name of uefi variable in u16, null-terminated
816 * @vendor: vendor's guid
817 * @attributes: attributes
819 * A uefi variable is encoded into a u-boot variable as described above.
820 * This function parses such a u-boot variable and retrieve uefi-related
821 * information into respective parameters. In return, variable_name_size
822 * is the size of variable name including NULL.
824 * Return: EFI_SUCCESS if parsing is OK, EFI_NOT_FOUND when
825 * the entire variable list has been returned,
826 * otherwise non-zero status code
828 static efi_status_t parse_uboot_variable(char *variable,
829 efi_uintn_t *variable_name_size,
831 const efi_guid_t *vendor,
834 char *guid, *name, *end, c;
836 efi_uintn_t old_variable_name_size;
840 guid = strchr(variable, '_');
842 return EFI_INVALID_PARAMETER;
844 name = strchr(guid, '_');
846 return EFI_INVALID_PARAMETER;
848 end = strchr(name, '=');
850 return EFI_INVALID_PARAMETER;
852 name_len = end - name;
853 old_variable_name_size = *variable_name_size;
854 *variable_name_size = sizeof(u16) * (name_len + 1);
855 if (old_variable_name_size < *variable_name_size)
856 return EFI_BUFFER_TOO_SMALL;
858 end++; /* point to value */
862 utf8_utf16_strncpy(&p, name, name_len);
863 variable_name[name_len] = 0;
867 *(name - 1) = '\0'; /* guid need be null-terminated here */
868 uuid_str_to_bin(guid, (unsigned char *)vendor, UUID_STR_FORMAT_GUID);
872 parse_attr(end, attributes, &time);
878 * efi_get_next_variable_name() - enumerate the current variable names
880 * @variable_name_size: size of variable_name buffer in byte
881 * @variable_name: name of uefi variable's name in u16
882 * @vendor: vendor's guid
884 * This function implements the GetNextVariableName service.
886 * See the Unified Extensible Firmware Interface (UEFI) specification for
889 * Return: status code
891 efi_status_t EFIAPI efi_get_next_variable_name(efi_uintn_t *variable_name_size,
895 char *native_name, *variable;
896 ssize_t name_len, list_len;
898 char * const regexlist[] = {regex};
903 EFI_ENTRY("%p \"%ls\" %pUl", variable_name_size, variable_name, vendor);
905 if (!variable_name_size || !variable_name || !vendor)
906 return EFI_EXIT(EFI_INVALID_PARAMETER);
908 if (variable_name[0]) {
909 /* check null-terminated string */
910 for (i = 0; i < *variable_name_size; i++)
911 if (!variable_name[i])
913 if (i >= *variable_name_size)
914 return EFI_EXIT(EFI_INVALID_PARAMETER);
916 /* search for the last-returned variable */
917 ret = efi_to_native(&native_name, variable_name, vendor);
919 return EFI_EXIT(ret);
921 name_len = strlen(native_name);
922 for (variable = efi_variables_list; variable && *variable;) {
923 if (!strncmp(variable, native_name, name_len) &&
924 variable[name_len] == '=')
927 variable = strchr(variable, '\n');
933 if (!(variable && *variable))
934 return EFI_EXIT(EFI_INVALID_PARAMETER);
937 variable = strchr(variable, '\n');
940 if (!(variable && *variable))
941 return EFI_EXIT(EFI_NOT_FOUND);
944 *new search: free a list used in the previous search
946 free(efi_variables_list);
947 efi_variables_list = NULL;
948 efi_cur_variable = NULL;
950 snprintf(regex, 256, "efi_.*-.*-.*-.*-.*_.*");
951 list_len = hexport_r(&env_htab, '\n',
952 H_MATCH_REGEX | H_MATCH_KEY,
953 &efi_variables_list, 0, 1, regexlist);
956 return EFI_EXIT(EFI_NOT_FOUND);
958 variable = efi_variables_list;
961 ret = parse_uboot_variable(variable, variable_name_size, variable_name,
962 vendor, &attributes);
964 return EFI_EXIT(ret);
968 efi_status_t EFIAPI efi_set_variable_common(u16 *variable_name,
969 const efi_guid_t *vendor,
971 efi_uintn_t data_size,
974 bool is_non_volatile)
976 char *native_name = NULL, *old_data = NULL, *val = NULL, *s;
977 efi_uintn_t old_size;
981 efi_status_t ret = EFI_SUCCESS;
983 debug("%s: set '%s'\n", __func__, native_name);
985 if (!variable_name || !*variable_name || !vendor ||
986 ((attributes & EFI_VARIABLE_RUNTIME_ACCESS) &&
987 !(attributes & EFI_VARIABLE_BOOTSERVICE_ACCESS))) {
988 ret = EFI_INVALID_PARAMETER;
992 ret = efi_to_native(&native_name, variable_name, vendor);
996 /* check if a variable exists */
999 ret = EFI_CALL(efi_get_variable(variable_name, vendor, &attr,
1001 if (ret == EFI_BUFFER_TOO_SMALL) {
1002 if ((is_non_volatile && !(attr & EFI_VARIABLE_NON_VOLATILE)) ||
1003 (!is_non_volatile && (attr & EFI_VARIABLE_NON_VOLATILE))) {
1004 ret = EFI_INVALID_PARAMETER;
1009 append = !!(attributes & EFI_VARIABLE_APPEND_WRITE);
1010 attributes &= ~(u32)EFI_VARIABLE_APPEND_WRITE;
1011 delete = !append && (!data_size || !attributes);
1013 /* check attributes */
1015 if (ro_check && (attr & READ_ONLY)) {
1016 ret = EFI_WRITE_PROTECTED;
1020 /* attributes won't be changed */
1022 ((ro_check && attr != attributes) ||
1023 (!ro_check && ((attr & ~(u32)READ_ONLY)
1024 != (attributes & ~(u32)READ_ONLY))))) {
1025 ret = EFI_INVALID_PARAMETER;
1029 if (delete || append) {
1031 * Trying to delete or to update a non-existent
1034 ret = EFI_NOT_FOUND;
1039 if (((!u16_strcmp(variable_name, L"PK") ||
1040 !u16_strcmp(variable_name, L"KEK")) &&
1041 !guidcmp(vendor, &efi_global_variable_guid)) ||
1042 ((!u16_strcmp(variable_name, L"db") ||
1043 !u16_strcmp(variable_name, L"dbx")) &&
1044 !guidcmp(vendor, &efi_guid_image_security_database))) {
1045 /* authentication is mandatory */
1047 EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) {
1048 debug("%ls: AUTHENTICATED_WRITE_ACCESS required\n",
1050 ret = EFI_INVALID_PARAMETER;
1055 /* authenticate a variable */
1056 if (IS_ENABLED(CONFIG_EFI_SECURE_BOOT)) {
1057 if (attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) {
1058 ret = EFI_INVALID_PARAMETER;
1062 EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) {
1063 ret = efi_variable_authenticate(variable_name, vendor,
1067 if (ret != EFI_SUCCESS)
1070 /* last chance to check for delete */
1076 (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS |
1077 EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) {
1078 debug("Secure boot is not configured\n");
1079 ret = EFI_INVALID_PARAMETER;
1084 /* delete a variable */
1086 /* !old_size case has been handled before */
1093 old_data = malloc(old_size);
1095 return EFI_OUT_OF_RESOURCES;
1098 ret = EFI_CALL(efi_get_variable(variable_name, vendor,
1099 &attr, &old_size, old_data));
1100 if (ret != EFI_SUCCESS)
1106 val = malloc(2 * old_size + 2 * data_size
1107 + strlen("{ro,run,boot,nv,time=0123456701234567}(blob)")
1110 ret = EFI_OUT_OF_RESOURCES;
1119 attributes &= (READ_ONLY |
1120 EFI_VARIABLE_NON_VOLATILE |
1121 EFI_VARIABLE_BOOTSERVICE_ACCESS |
1122 EFI_VARIABLE_RUNTIME_ACCESS |
1123 EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1124 s += sprintf(s, "{");
1125 while (attributes) {
1126 attr = 1 << (ffs(attributes) - 1);
1128 if (attr == READ_ONLY) {
1129 s += sprintf(s, "ro");
1130 } else if (attr == EFI_VARIABLE_NON_VOLATILE) {
1131 s += sprintf(s, "nv");
1132 } else if (attr == EFI_VARIABLE_BOOTSERVICE_ACCESS) {
1133 s += sprintf(s, "boot");
1134 } else if (attr == EFI_VARIABLE_RUNTIME_ACCESS) {
1135 s += sprintf(s, "run");
1137 EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) {
1138 s += sprintf(s, "time=");
1139 s = bin2hex(s, (u8 *)&time, sizeof(time));
1142 attributes &= ~attr;
1144 s += sprintf(s, ",");
1146 s += sprintf(s, "}");
1147 s += sprintf(s, "(blob)");
1149 /* store payload: */
1151 s = bin2hex(s, old_data, old_size);
1152 s = bin2hex(s, data, data_size);
1155 EFI_PRINT("setting: %s=%s\n", native_name, val);
1158 if (env_set(native_name, val)) {
1159 ret = EFI_DEVICE_ERROR;
1161 bool vendor_keys_modified = false;
1163 if ((u16_strcmp(variable_name, L"PK") == 0 &&
1164 guidcmp(vendor, &efi_global_variable_guid) == 0)) {
1165 ret = efi_transfer_secure_state(
1166 (delete ? EFI_MODE_SETUP :
1168 if (ret != EFI_SUCCESS)
1171 if (efi_secure_mode != EFI_MODE_SETUP)
1172 vendor_keys_modified = true;
1173 } else if ((u16_strcmp(variable_name, L"KEK") == 0 &&
1174 guidcmp(vendor, &efi_global_variable_guid) == 0)) {
1175 if (efi_secure_mode != EFI_MODE_SETUP)
1176 vendor_keys_modified = true;
1179 /* update VendorKeys */
1180 if (vendor_keys_modified & efi_vendor_keys) {
1181 efi_vendor_keys = 0;
1182 ret = efi_set_variable_internal(
1184 &efi_global_variable_guid,
1185 EFI_VARIABLE_BOOTSERVICE_ACCESS
1186 | EFI_VARIABLE_RUNTIME_ACCESS
1188 sizeof(efi_vendor_keys),
1205 efi_status_t EFIAPI efi_set_volatile_variable(u16 *variable_name,
1206 const efi_guid_t *vendor,
1208 efi_uintn_t data_size,
1212 return efi_set_variable_common(variable_name, vendor, attributes,
1213 data_size, data, ro_check, false);
1216 efi_status_t EFIAPI efi_set_nonvolatile_variable(u16 *variable_name,
1217 const efi_guid_t *vendor,
1219 efi_uintn_t data_size,
1225 ret = efi_set_variable_common(variable_name, vendor, attributes,
1226 data_size, data, ro_check, true);
1231 static efi_status_t efi_set_variable_internal(u16 *variable_name,
1232 const efi_guid_t *vendor,
1234 efi_uintn_t data_size,
1240 if (attributes & EFI_VARIABLE_NON_VOLATILE)
1241 ret = efi_set_nonvolatile_variable(variable_name, vendor,
1243 data_size, data, ro_check);
1245 ret = efi_set_volatile_variable(variable_name, vendor,
1246 attributes, data_size, data,
1253 * efi_set_variable() - set value of a UEFI variable
1255 * This function implements the SetVariable runtime service.
1257 * See the Unified Extensible Firmware Interface (UEFI) specification for
1260 * @variable_name: name of the variable
1261 * @vendor: vendor GUID
1262 * @attributes: attributes of the variable
1263 * @data_size: size of the buffer with the variable value
1264 * @data: buffer with the variable value
1265 * Return: status code
1267 efi_status_t EFIAPI efi_set_variable(u16 *variable_name,
1268 const efi_guid_t *vendor, u32 attributes,
1269 efi_uintn_t data_size, const void *data)
1271 EFI_ENTRY("\"%ls\" %pUl %x %zu %p", variable_name, vendor, attributes,
1274 /* READ_ONLY bit is not part of API */
1275 attributes &= ~(u32)READ_ONLY;
1277 return EFI_EXIT(efi_set_variable_internal(variable_name, vendor,
1278 attributes, data_size, data,
1283 * efi_query_variable_info() - get information about EFI variables
1285 * This function implements the QueryVariableInfo() runtime service.
1287 * See the Unified Extensible Firmware Interface (UEFI) specification for
1290 * @attributes: bitmask to select variables to be
1292 * @maximum_variable_storage_size: maximum size of storage area for the
1293 * selected variable types
1294 * @remaining_variable_storage_size: remaining size of storage are for the
1295 * selected variable types
1296 * @maximum_variable_size: maximum size of a variable of the
1298 * Returns: status code
1300 efi_status_t __efi_runtime EFIAPI efi_query_variable_info(
1302 u64 *maximum_variable_storage_size,
1303 u64 *remaining_variable_storage_size,
1304 u64 *maximum_variable_size)
1306 return EFI_UNSUPPORTED;
1310 * efi_get_variable_runtime() - runtime implementation of GetVariable()
1312 * @variable_name: name of the variable
1313 * @vendor: vendor GUID
1314 * @attributes: attributes of the variable
1315 * @data_size: size of the buffer to which the variable value is copied
1316 * @data: buffer to which the variable value is copied
1317 * Return: status code
1319 static efi_status_t __efi_runtime EFIAPI
1320 efi_get_variable_runtime(u16 *variable_name, const efi_guid_t *vendor,
1321 u32 *attributes, efi_uintn_t *data_size, void *data)
1323 return EFI_UNSUPPORTED;
1327 * efi_get_next_variable_name_runtime() - runtime implementation of
1330 * @variable_name_size: size of variable_name buffer in byte
1331 * @variable_name: name of uefi variable's name in u16
1332 * @vendor: vendor's guid
1333 * Return: status code
1335 static efi_status_t __efi_runtime EFIAPI
1336 efi_get_next_variable_name_runtime(efi_uintn_t *variable_name_size,
1337 u16 *variable_name, efi_guid_t *vendor)
1339 return EFI_UNSUPPORTED;
1343 * efi_set_variable_runtime() - runtime implementation of SetVariable()
1345 * @variable_name: name of the variable
1346 * @vendor: vendor GUID
1347 * @attributes: attributes of the variable
1348 * @data_size: size of the buffer with the variable value
1349 * @data: buffer with the variable value
1350 * Return: status code
1352 static efi_status_t __efi_runtime EFIAPI
1353 efi_set_variable_runtime(u16 *variable_name, const efi_guid_t *vendor,
1354 u32 attributes, efi_uintn_t data_size,
1357 return EFI_UNSUPPORTED;
1361 * efi_variables_boot_exit_notify() - notify ExitBootServices() is called
1363 void efi_variables_boot_exit_notify(void)
1365 efi_runtime_services.get_variable = efi_get_variable_runtime;
1366 efi_runtime_services.get_next_variable_name =
1367 efi_get_next_variable_name_runtime;
1368 efi_runtime_services.set_variable = efi_set_variable_runtime;
1369 efi_update_table_header_crc32(&efi_runtime_services.hdr);
1373 * efi_init_variables() - initialize variable services
1375 * Return: status code
1377 efi_status_t efi_init_variables(void)
1381 ret = efi_init_secure_state();