1 // SPDX-License-Identifier: GPL-2.0+
3 * UEFI runtime variable services
5 * Copyright (c) 2017 Rob Clark
9 #include <efi_loader.h>
11 #include <env_internal.h>
17 #include <crypto/pkcs7_parser.h>
18 #include <linux/bitops.h>
19 #include <linux/compat.h>
20 #include <u-boot/crc.h>
22 enum efi_secure_mode {
29 static bool efi_secure_boot;
30 static enum efi_secure_mode efi_secure_mode;
31 static u8 efi_vendor_keys;
33 #define READ_ONLY BIT(31)
35 static efi_status_t efi_get_variable_common(u16 *variable_name,
36 const efi_guid_t *vendor,
38 efi_uintn_t *data_size, void *data,
41 static efi_status_t efi_set_variable_common(u16 *variable_name,
42 const efi_guid_t *vendor,
44 efi_uintn_t data_size,
49 * Mapping between EFI variables and u-boot variables:
51 * efi_$guid_$varname = {attributes}(type)value
55 * efi_8be4df61-93ca-11d2-aa0d-00e098032b8c_OsIndicationsSupported=
56 * "{ro,boot,run}(blob)0000000000000000"
57 * efi_8be4df61-93ca-11d2-aa0d-00e098032b8c_BootOrder=
60 * The attributes are a comma separated list of these possible
64 * + boot - boot-services access
65 * + run - runtime access
67 * NOTE: with current implementation, no variables are available after
68 * ExitBootServices, and all are persisted (if possible).
70 * If not specified, the attributes default to "{boot}".
72 * The required type is one of:
74 * + utf8 - raw utf8 string
75 * + blob - arbitrary length hex string
77 * Maybe a utf16 type would be useful to for a string value to be auto
81 #define PREFIX_LEN (strlen("efi_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx_"))
84 * efi_to_native() - convert the UEFI variable name and vendor GUID to U-Boot
87 * The U-Boot variable name is a concatenation of prefix 'efi', the hexstring
88 * encoded vendor GUID, and the UTF-8 encoded UEFI variable name separated by
89 * underscores, e.g. 'efi_8be4df61-93ca-11d2-aa0d-00e098032b8c_BootOrder'.
91 * @native: pointer to pointer to U-Boot variable name
92 * @variable_name: UEFI variable name
93 * @vendor: vendor GUID
96 static efi_status_t efi_to_native(char **native, const u16 *variable_name,
97 const efi_guid_t *vendor)
102 len = PREFIX_LEN + utf16_utf8_strlen(variable_name) + 1;
103 *native = malloc(len);
105 return EFI_OUT_OF_RESOURCES;
108 pos += sprintf(pos, "efi_%pUl_", vendor);
109 utf16_utf8_strcpy(&pos, variable_name);
115 * prefix() - skip over prefix
117 * Skip over a prefix string.
119 * @str: string with prefix
120 * @prefix: prefix string
121 * Return: string without prefix, or NULL if prefix not found
123 static const char *prefix(const char *str, const char *prefix)
125 size_t n = strlen(prefix);
126 if (!strncmp(prefix, str, n))
132 * parse_attr() - decode attributes part of variable value
134 * Convert the string encoded attributes of a UEFI variable to a bit mask.
135 * TODO: Several attributes are not supported.
137 * @str: value of U-Boot variable
138 * @attrp: pointer to UEFI attributes
139 * @timep: pointer to time attribute
140 * Return: pointer to remainder of U-Boot variable value
142 static const char *parse_attr(const char *str, u32 *attrp, u64 *timep)
148 *attrp = EFI_VARIABLE_BOOTSERVICE_ACCESS;
152 while (*str == sep) {
157 if ((s = prefix(str, "ro"))) {
159 } else if ((s = prefix(str, "nv"))) {
160 attr |= EFI_VARIABLE_NON_VOLATILE;
161 } else if ((s = prefix(str, "boot"))) {
162 attr |= EFI_VARIABLE_BOOTSERVICE_ACCESS;
163 } else if ((s = prefix(str, "run"))) {
164 attr |= EFI_VARIABLE_RUNTIME_ACCESS;
165 } else if ((s = prefix(str, "time="))) {
166 attr |= EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
167 hex2bin((u8 *)timep, s, sizeof(*timep));
168 s += sizeof(*timep) * 2;
169 } else if (*str == '}') {
172 printf("invalid attribute: %s\n", str);
188 * efi_set_secure_state - modify secure boot state variables
189 * @secure_boot: value of SecureBoot
190 * @setup_mode: value of SetupMode
191 * @audit_mode: value of AuditMode
192 * @deployed_mode: value of DeployedMode
194 * Modify secure boot status related variables as indicated.
196 * Return: status code
198 static efi_status_t efi_set_secure_state(u8 secure_boot, u8 setup_mode,
199 u8 audit_mode, u8 deployed_mode)
204 attributes = EFI_VARIABLE_BOOTSERVICE_ACCESS |
205 EFI_VARIABLE_RUNTIME_ACCESS |
207 ret = efi_set_variable_common(L"SecureBoot", &efi_global_variable_guid,
208 attributes, sizeof(secure_boot),
209 &secure_boot, false);
210 if (ret != EFI_SUCCESS)
213 ret = efi_set_variable_common(L"SetupMode", &efi_global_variable_guid,
214 attributes, sizeof(setup_mode),
216 if (ret != EFI_SUCCESS)
219 ret = efi_set_variable_common(L"AuditMode", &efi_global_variable_guid,
220 attributes, sizeof(audit_mode),
222 if (ret != EFI_SUCCESS)
225 ret = efi_set_variable_common(L"DeployedMode",
226 &efi_global_variable_guid, attributes,
227 sizeof(deployed_mode), &deployed_mode,
234 * efi_transfer_secure_state - handle a secure boot state transition
237 * Depending on @mode, secure boot related variables are updated.
238 * Those variables are *read-only* for users, efi_set_variable_common()
241 * Return: status code
243 static efi_status_t efi_transfer_secure_state(enum efi_secure_mode mode)
247 EFI_PRINT("Switching secure state from %d to %d\n", efi_secure_mode,
250 if (mode == EFI_MODE_DEPLOYED) {
251 ret = efi_set_secure_state(1, 0, 0, 1);
252 if (ret != EFI_SUCCESS)
255 efi_secure_boot = true;
256 } else if (mode == EFI_MODE_AUDIT) {
257 ret = efi_set_variable_common(L"PK", &efi_global_variable_guid,
258 EFI_VARIABLE_BOOTSERVICE_ACCESS |
259 EFI_VARIABLE_RUNTIME_ACCESS,
261 if (ret != EFI_SUCCESS)
264 ret = efi_set_secure_state(0, 1, 1, 0);
265 if (ret != EFI_SUCCESS)
268 efi_secure_boot = true;
269 } else if (mode == EFI_MODE_USER) {
270 ret = efi_set_secure_state(1, 0, 0, 0);
271 if (ret != EFI_SUCCESS)
274 efi_secure_boot = true;
275 } else if (mode == EFI_MODE_SETUP) {
276 ret = efi_set_secure_state(0, 1, 0, 0);
277 if (ret != EFI_SUCCESS)
280 return EFI_INVALID_PARAMETER;
283 efi_secure_mode = mode;
288 /* TODO: What action should be taken here? */
289 printf("ERROR: Secure state transition failed\n");
294 * efi_init_secure_state - initialize secure boot state
296 * Return: status code
298 static efi_status_t efi_init_secure_state(void)
300 enum efi_secure_mode mode;
306 * Since there is currently no "platform-specific" installation
307 * method of Platform Key, we can't say if VendorKeys is 0 or 1
312 ret = efi_get_variable_common(L"PK", &efi_global_variable_guid,
313 NULL, &size, NULL, NULL);
314 if (ret == EFI_BUFFER_TOO_SMALL) {
315 if (IS_ENABLED(CONFIG_EFI_SECURE_BOOT))
316 mode = EFI_MODE_USER;
318 mode = EFI_MODE_SETUP;
321 } else if (ret == EFI_NOT_FOUND) {
322 mode = EFI_MODE_SETUP;
328 ret = efi_transfer_secure_state(mode);
329 if (ret == EFI_SUCCESS)
330 ret = efi_set_variable_common(L"VendorKeys",
331 &efi_global_variable_guid,
332 EFI_VARIABLE_BOOTSERVICE_ACCESS |
333 EFI_VARIABLE_RUNTIME_ACCESS |
335 sizeof(efi_vendor_keys),
336 &efi_vendor_keys, false);
343 * efi_secure_boot_enabled - return if secure boot is enabled or not
345 * Return: true if enabled, false if disabled
347 bool efi_secure_boot_enabled(void)
349 return efi_secure_boot;
352 #ifdef CONFIG_EFI_SECURE_BOOT
353 static u8 pkcs7_hdr[] = {
355 0x30, 0x82, 0x05, 0xc7,
356 /* OID: pkcs7-signedData */
357 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x02,
358 /* Context Structured? */
359 0xa0, 0x82, 0x05, 0xb8,
363 * efi_variable_parse_signature - parse a signature in variable
364 * @buf: Pointer to variable's value
365 * @buflen: Length of @buf
367 * Parse a signature embedded in variable's value and instantiate
368 * a pkcs7_message structure. Since pkcs7_parse_message() accepts only
369 * pkcs7's signedData, some header needed be prepended for correctly
370 * parsing authentication data, particularly for variable's.
372 * Return: Pointer to pkcs7_message structure on success, NULL on error
374 static struct pkcs7_message *efi_variable_parse_signature(const void *buf,
379 struct pkcs7_message *msg;
382 * This is the best assumption to check if the binary is
383 * already in a form of pkcs7's signedData.
385 if (buflen > sizeof(pkcs7_hdr) &&
386 !memcmp(&((u8 *)buf)[4], &pkcs7_hdr[4], 11)) {
387 msg = pkcs7_parse_message(buf, buflen);
392 * Otherwise, we should add a dummy prefix sequence for pkcs7
393 * message parser to be able to process.
394 * NOTE: EDK2 also uses similar hack in WrapPkcs7Data()
395 * in CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c
397 * The header should be composed in a more refined manner.
399 EFI_PRINT("Makeshift prefix added to authentication data\n");
400 ebuflen = sizeof(pkcs7_hdr) + buflen;
401 if (ebuflen <= 0x7f) {
402 EFI_PRINT("Data is too short\n");
406 ebuf = malloc(ebuflen);
408 EFI_PRINT("Out of memory\n");
412 memcpy(ebuf, pkcs7_hdr, sizeof(pkcs7_hdr));
413 memcpy(ebuf + sizeof(pkcs7_hdr), buf, buflen);
415 ebuf[2] = (len >> 8) & 0xff;
416 ebuf[3] = len & 0xff;
417 len = ebuflen - 0x13;
418 ebuf[0x11] = (len >> 8) & 0xff;
419 ebuf[0x12] = len & 0xff;
421 msg = pkcs7_parse_message(ebuf, ebuflen);
433 * efi_variable_authenticate - authenticate a variable
434 * @variable: Variable name in u16
435 * @vendor: Guid of variable
436 * @data_size: Size of @data
437 * @data: Pointer to variable's value
438 * @given_attr: Attributes to be given at SetVariable()
439 * @env_attr: Attributes that an existing variable holds
440 * @time: signed time that an existing variable holds
442 * Called by efi_set_variable() to verify that the input is correct.
443 * Will replace the given data pointer with another that points to
444 * the actual data to store in the internal memory.
445 * On success, @data and @data_size will be replaced with variable's
446 * actual data, excluding authentication data, and its size, and variable's
447 * attributes and signed time will also be returned in @env_attr and @time,
450 * Return: status code
452 static efi_status_t efi_variable_authenticate(u16 *variable,
453 const efi_guid_t *vendor,
454 efi_uintn_t *data_size,
455 const void **data, u32 given_attr,
456 u32 *env_attr, u64 *time)
458 const struct efi_variable_authentication_2 *auth;
459 struct efi_signature_store *truststore, *truststore2;
460 struct pkcs7_message *var_sig;
461 struct efi_image_regions *regs;
462 struct efi_time timestamp;
471 ret = EFI_SECURITY_VIOLATION;
473 if (*data_size < sizeof(struct efi_variable_authentication_2))
476 /* authentication data */
478 if (*data_size < (sizeof(auth->time_stamp)
479 + auth->auth_info.hdr.dwLength))
482 if (guidcmp(&auth->auth_info.cert_type, &efi_guid_cert_type_pkcs7))
485 memcpy(×tamp, &auth->time_stamp, sizeof(timestamp));
486 if (timestamp.pad1 || timestamp.nanosecond || timestamp.timezone ||
487 timestamp.daylight || timestamp.pad2)
490 *data += sizeof(auth->time_stamp) + auth->auth_info.hdr.dwLength;
491 *data_size -= (sizeof(auth->time_stamp)
492 + auth->auth_info.hdr.dwLength);
494 memset(&tm, 0, sizeof(tm));
495 tm.tm_year = timestamp.year;
496 tm.tm_mon = timestamp.month;
497 tm.tm_mday = timestamp.day;
498 tm.tm_hour = timestamp.hour;
499 tm.tm_min = timestamp.minute;
500 tm.tm_sec = timestamp.second;
501 new_time = rtc_mktime(&tm);
503 if (!efi_secure_boot_enabled()) {
504 /* finished checking */
509 if (new_time <= *time)
512 /* data to be digested */
513 regs = calloc(sizeof(*regs) + sizeof(struct image_region) * 5, 1);
517 efi_image_region_add(regs, (uint8_t *)variable,
519 + u16_strlen(variable) * sizeof(u16), 1);
520 efi_image_region_add(regs, (uint8_t *)vendor,
521 (uint8_t *)vendor + sizeof(*vendor), 1);
522 efi_image_region_add(regs, (uint8_t *)&given_attr,
523 (uint8_t *)&given_attr + sizeof(given_attr), 1);
524 efi_image_region_add(regs, (uint8_t *)×tamp,
525 (uint8_t *)×tamp + sizeof(timestamp), 1);
526 efi_image_region_add(regs, (uint8_t *)*data,
527 (uint8_t *)*data + *data_size, 1);
529 /* variable's signature list */
530 if (auth->auth_info.hdr.dwLength < sizeof(auth->auth_info))
532 var_sig = efi_variable_parse_signature(auth->auth_info.cert_data,
533 auth->auth_info.hdr.dwLength
534 - sizeof(auth->auth_info));
536 EFI_PRINT("Parsing variable's signature failed\n");
540 /* signature database used for authentication */
541 if (u16_strcmp(variable, L"PK") == 0 ||
542 u16_strcmp(variable, L"KEK") == 0) {
544 truststore = efi_sigstore_parse_sigdb(L"PK");
547 } else if (u16_strcmp(variable, L"db") == 0 ||
548 u16_strcmp(variable, L"dbx") == 0) {
549 /* with PK and KEK */
550 truststore = efi_sigstore_parse_sigdb(L"KEK");
551 truststore2 = efi_sigstore_parse_sigdb(L"PK");
557 truststore = truststore2;
561 /* TODO: support private authenticated variables */
565 /* verify signature */
566 if (efi_signature_verify_with_sigdb(regs, var_sig, truststore, NULL)) {
567 EFI_PRINT("Verified\n");
570 efi_signature_verify_with_sigdb(regs, var_sig,
571 truststore2, NULL)) {
572 EFI_PRINT("Verified\n");
574 EFI_PRINT("Verifying variable's signature failed\n");
579 /* finished checking */
580 *time = rtc_mktime(&tm);
584 efi_sigstore_free(truststore);
585 efi_sigstore_free(truststore2);
586 pkcs7_free_message(var_sig);
592 static efi_status_t efi_variable_authenticate(u16 *variable,
593 const efi_guid_t *vendor,
594 efi_uintn_t *data_size,
595 const void **data, u32 given_attr,
596 u32 *env_attr, u64 *time)
600 #endif /* CONFIG_EFI_SECURE_BOOT */
602 static efi_status_t efi_get_variable_common(u16 *variable_name,
603 const efi_guid_t *vendor,
605 efi_uintn_t *data_size, void *data,
610 unsigned long in_size;
611 const char *val = NULL, *s;
615 if (!variable_name || !vendor || !data_size)
616 return EFI_INVALID_PARAMETER;
618 ret = efi_to_native(&native_name, variable_name, vendor);
622 EFI_PRINT("get '%s'\n", native_name);
624 val = env_get(native_name);
627 return EFI_NOT_FOUND;
629 val = parse_attr(val, &attr, &time);
634 in_size = *data_size;
636 if ((s = prefix(val, "(blob)"))) {
637 size_t len = strlen(s);
639 /* number of hexadecimal digits must be even */
641 return EFI_DEVICE_ERROR;
643 /* two characters per byte: */
648 ret = EFI_BUFFER_TOO_SMALL;
653 EFI_PRINT("Variable with no data shouldn't exist.\n");
654 return EFI_INVALID_PARAMETER;
657 if (hex2bin(data, s, len))
658 return EFI_DEVICE_ERROR;
660 EFI_PRINT("got value: \"%s\"\n", s);
661 } else if ((s = prefix(val, "(utf8)"))) {
662 unsigned len = strlen(s) + 1;
667 ret = EFI_BUFFER_TOO_SMALL;
672 EFI_PRINT("Variable with no data shouldn't exist.\n");
673 return EFI_INVALID_PARAMETER;
676 memcpy(data, s, len);
677 ((char *)data)[len] = '\0';
679 EFI_PRINT("got value: \"%s\"\n", (char *)data);
681 EFI_PRINT("invalid value: '%s'\n", val);
682 return EFI_DEVICE_ERROR;
687 *attributes = attr & EFI_VARIABLE_MASK;
693 * efi_efi_get_variable() - retrieve value of a UEFI variable
695 * This function implements the GetVariable runtime service.
697 * See the Unified Extensible Firmware Interface (UEFI) specification for
700 * @variable_name: name of the variable
701 * @vendor: vendor GUID
702 * @attributes: attributes of the variable
703 * @data_size: size of the buffer to which the variable value is copied
704 * @data: buffer to which the variable value is copied
705 * Return: status code
707 efi_status_t EFIAPI efi_get_variable(u16 *variable_name,
708 const efi_guid_t *vendor, u32 *attributes,
709 efi_uintn_t *data_size, void *data)
713 EFI_ENTRY("\"%ls\" %pUl %p %p %p", variable_name, vendor, attributes,
716 ret = efi_get_variable_common(variable_name, vendor, attributes,
717 data_size, data, NULL);
718 return EFI_EXIT(ret);
721 static char *efi_variables_list;
722 static char *efi_cur_variable;
725 * parse_uboot_variable() - parse a u-boot variable and get uefi-related
727 * @variable: whole data of u-boot variable (ie. name=value)
728 * @variable_name_size: size of variable_name buffer in byte
729 * @variable_name: name of uefi variable in u16, null-terminated
730 * @vendor: vendor's guid
731 * @attributes: attributes
733 * A uefi variable is encoded into a u-boot variable as described above.
734 * This function parses such a u-boot variable and retrieve uefi-related
735 * information into respective parameters. In return, variable_name_size
736 * is the size of variable name including NULL.
738 * Return: EFI_SUCCESS if parsing is OK, EFI_NOT_FOUND when
739 * the entire variable list has been returned,
740 * otherwise non-zero status code
742 static efi_status_t parse_uboot_variable(char *variable,
743 efi_uintn_t *variable_name_size,
745 const efi_guid_t *vendor,
748 char *guid, *name, *end, c;
750 efi_uintn_t old_variable_name_size;
754 guid = strchr(variable, '_');
756 return EFI_INVALID_PARAMETER;
758 name = strchr(guid, '_');
760 return EFI_INVALID_PARAMETER;
762 end = strchr(name, '=');
764 return EFI_INVALID_PARAMETER;
766 name_len = end - name;
767 old_variable_name_size = *variable_name_size;
768 *variable_name_size = sizeof(u16) * (name_len + 1);
769 if (old_variable_name_size < *variable_name_size)
770 return EFI_BUFFER_TOO_SMALL;
772 end++; /* point to value */
776 utf8_utf16_strncpy(&p, name, name_len);
777 variable_name[name_len] = 0;
781 *(name - 1) = '\0'; /* guid need be null-terminated here */
782 if (uuid_str_to_bin(guid, (unsigned char *)vendor,
783 UUID_STR_FORMAT_GUID))
784 /* The only error would be EINVAL. */
785 return EFI_INVALID_PARAMETER;
789 parse_attr(end, attributes, &time);
795 * efi_get_next_variable_name() - enumerate the current variable names
797 * @variable_name_size: size of variable_name buffer in byte
798 * @variable_name: name of uefi variable's name in u16
799 * @vendor: vendor's guid
801 * This function implements the GetNextVariableName service.
803 * See the Unified Extensible Firmware Interface (UEFI) specification for
806 * Return: status code
808 efi_status_t EFIAPI efi_get_next_variable_name(efi_uintn_t *variable_name_size,
812 char *native_name, *variable;
813 ssize_t name_len, list_len;
815 char * const regexlist[] = {regex};
820 EFI_ENTRY("%p \"%ls\" %pUl", variable_name_size, variable_name, vendor);
822 if (!variable_name_size || !variable_name || !vendor)
823 return EFI_EXIT(EFI_INVALID_PARAMETER);
825 if (variable_name[0]) {
826 /* check null-terminated string */
827 for (i = 0; i < *variable_name_size; i++)
828 if (!variable_name[i])
830 if (i >= *variable_name_size)
831 return EFI_EXIT(EFI_INVALID_PARAMETER);
833 /* search for the last-returned variable */
834 ret = efi_to_native(&native_name, variable_name, vendor);
836 return EFI_EXIT(ret);
838 name_len = strlen(native_name);
839 for (variable = efi_variables_list; variable && *variable;) {
840 if (!strncmp(variable, native_name, name_len) &&
841 variable[name_len] == '=')
844 variable = strchr(variable, '\n');
850 if (!(variable && *variable))
851 return EFI_EXIT(EFI_INVALID_PARAMETER);
854 variable = strchr(variable, '\n');
857 if (!(variable && *variable))
858 return EFI_EXIT(EFI_NOT_FOUND);
861 *new search: free a list used in the previous search
863 free(efi_variables_list);
864 efi_variables_list = NULL;
865 efi_cur_variable = NULL;
867 snprintf(regex, 256, "efi_.*-.*-.*-.*-.*_.*");
868 list_len = hexport_r(&env_htab, '\n',
869 H_MATCH_REGEX | H_MATCH_KEY,
870 &efi_variables_list, 0, 1, regexlist);
873 return EFI_EXIT(EFI_NOT_FOUND);
875 variable = efi_variables_list;
878 ret = parse_uboot_variable(variable, variable_name_size, variable_name,
879 vendor, &attributes);
881 return EFI_EXIT(ret);
884 static efi_status_t efi_set_variable_common(u16 *variable_name,
885 const efi_guid_t *vendor,
887 efi_uintn_t data_size,
891 char *native_name = NULL, *old_data = NULL, *val = NULL, *s;
892 efi_uintn_t old_size;
896 efi_status_t ret = EFI_SUCCESS;
898 if (!variable_name || !*variable_name || !vendor ||
899 ((attributes & EFI_VARIABLE_RUNTIME_ACCESS) &&
900 !(attributes & EFI_VARIABLE_BOOTSERVICE_ACCESS))) {
901 ret = EFI_INVALID_PARAMETER;
905 ret = efi_to_native(&native_name, variable_name, vendor);
909 /* check if a variable exists */
912 ret = efi_get_variable_common(variable_name, vendor, &attr,
913 &old_size, NULL, &time);
914 append = !!(attributes & EFI_VARIABLE_APPEND_WRITE);
915 attributes &= ~(u32)EFI_VARIABLE_APPEND_WRITE;
916 delete = !append && (!data_size || !attributes);
918 /* check attributes */
920 if (ro_check && (attr & READ_ONLY)) {
921 ret = EFI_WRITE_PROTECTED;
925 /* attributes won't be changed */
927 ((ro_check && attr != attributes) ||
928 (!ro_check && ((attr & ~(u32)READ_ONLY)
929 != (attributes & ~(u32)READ_ONLY))))) {
930 ret = EFI_INVALID_PARAMETER;
934 if (delete || append) {
936 * Trying to delete or to update a non-existent
944 if (((!u16_strcmp(variable_name, L"PK") ||
945 !u16_strcmp(variable_name, L"KEK")) &&
946 !guidcmp(vendor, &efi_global_variable_guid)) ||
947 ((!u16_strcmp(variable_name, L"db") ||
948 !u16_strcmp(variable_name, L"dbx")) &&
949 !guidcmp(vendor, &efi_guid_image_security_database))) {
950 /* authentication is mandatory */
952 EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) {
953 EFI_PRINT("%ls: AUTHENTICATED_WRITE_ACCESS required\n",
955 ret = EFI_INVALID_PARAMETER;
960 /* authenticate a variable */
961 if (IS_ENABLED(CONFIG_EFI_SECURE_BOOT)) {
962 if (attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) {
963 ret = EFI_INVALID_PARAMETER;
967 EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) {
968 ret = efi_variable_authenticate(variable_name, vendor,
972 if (ret != EFI_SUCCESS)
975 /* last chance to check for delete */
981 (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS |
982 EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) {
983 EFI_PRINT("Secure boot is not configured\n");
984 ret = EFI_INVALID_PARAMETER;
989 /* delete a variable */
991 /* !old_size case has been handled before */
998 old_data = malloc(old_size);
1000 ret = EFI_OUT_OF_RESOURCES;
1003 ret = efi_get_variable_common(variable_name, vendor,
1004 &attr, &old_size, old_data, NULL);
1005 if (ret != EFI_SUCCESS)
1011 val = malloc(2 * old_size + 2 * data_size
1012 + strlen("{ro,run,boot,nv,time=0123456701234567}(blob)")
1015 ret = EFI_OUT_OF_RESOURCES;
1024 attributes &= (READ_ONLY |
1025 EFI_VARIABLE_NON_VOLATILE |
1026 EFI_VARIABLE_BOOTSERVICE_ACCESS |
1027 EFI_VARIABLE_RUNTIME_ACCESS |
1028 EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1029 s += sprintf(s, "{");
1030 while (attributes) {
1031 attr = 1 << (ffs(attributes) - 1);
1033 if (attr == READ_ONLY) {
1034 s += sprintf(s, "ro");
1035 } else if (attr == EFI_VARIABLE_NON_VOLATILE) {
1036 s += sprintf(s, "nv");
1037 } else if (attr == EFI_VARIABLE_BOOTSERVICE_ACCESS) {
1038 s += sprintf(s, "boot");
1039 } else if (attr == EFI_VARIABLE_RUNTIME_ACCESS) {
1040 s += sprintf(s, "run");
1042 EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) {
1043 s += sprintf(s, "time=");
1044 s = bin2hex(s, (u8 *)&time, sizeof(time));
1047 attributes &= ~attr;
1049 s += sprintf(s, ",");
1051 s += sprintf(s, "}");
1052 s += sprintf(s, "(blob)");
1054 /* store payload: */
1056 s = bin2hex(s, old_data, old_size);
1057 s = bin2hex(s, data, data_size);
1060 EFI_PRINT("setting: %s=%s\n", native_name, val);
1063 if (env_set(native_name, val)) {
1064 ret = EFI_DEVICE_ERROR;
1066 bool vendor_keys_modified = false;
1068 if ((u16_strcmp(variable_name, L"PK") == 0 &&
1069 guidcmp(vendor, &efi_global_variable_guid) == 0)) {
1070 ret = efi_transfer_secure_state(
1071 (delete ? EFI_MODE_SETUP :
1073 if (ret != EFI_SUCCESS)
1076 if (efi_secure_mode != EFI_MODE_SETUP)
1077 vendor_keys_modified = true;
1078 } else if ((u16_strcmp(variable_name, L"KEK") == 0 &&
1079 guidcmp(vendor, &efi_global_variable_guid) == 0)) {
1080 if (efi_secure_mode != EFI_MODE_SETUP)
1081 vendor_keys_modified = true;
1084 /* update VendorKeys */
1085 if (vendor_keys_modified & efi_vendor_keys) {
1086 efi_vendor_keys = 0;
1087 ret = efi_set_variable_common(
1089 &efi_global_variable_guid,
1090 EFI_VARIABLE_BOOTSERVICE_ACCESS
1091 | EFI_VARIABLE_RUNTIME_ACCESS
1093 sizeof(efi_vendor_keys),
1110 * efi_set_variable() - set value of a UEFI variable
1112 * This function implements the SetVariable runtime service.
1114 * See the Unified Extensible Firmware Interface (UEFI) specification for
1117 * @variable_name: name of the variable
1118 * @vendor: vendor GUID
1119 * @attributes: attributes of the variable
1120 * @data_size: size of the buffer with the variable value
1121 * @data: buffer with the variable value
1122 * Return: status code
1124 efi_status_t EFIAPI efi_set_variable(u16 *variable_name,
1125 const efi_guid_t *vendor, u32 attributes,
1126 efi_uintn_t data_size, const void *data)
1128 EFI_ENTRY("\"%ls\" %pUl %x %zu %p", variable_name, vendor, attributes,
1131 /* READ_ONLY bit is not part of API */
1132 attributes &= ~(u32)READ_ONLY;
1134 return EFI_EXIT(efi_set_variable_common(variable_name, vendor,
1135 attributes, data_size, data,
1140 * efi_query_variable_info() - get information about EFI variables
1142 * This function implements the QueryVariableInfo() runtime service.
1144 * See the Unified Extensible Firmware Interface (UEFI) specification for
1147 * @attributes: bitmask to select variables to be
1149 * @maximum_variable_storage_size: maximum size of storage area for the
1150 * selected variable types
1151 * @remaining_variable_storage_size: remaining size of storage are for the
1152 * selected variable types
1153 * @maximum_variable_size: maximum size of a variable of the
1155 * Returns: status code
1157 efi_status_t __efi_runtime EFIAPI efi_query_variable_info(
1159 u64 *maximum_variable_storage_size,
1160 u64 *remaining_variable_storage_size,
1161 u64 *maximum_variable_size)
1163 return EFI_UNSUPPORTED;
1167 * efi_get_variable_runtime() - runtime implementation of GetVariable()
1169 * @variable_name: name of the variable
1170 * @vendor: vendor GUID
1171 * @attributes: attributes of the variable
1172 * @data_size: size of the buffer to which the variable value is copied
1173 * @data: buffer to which the variable value is copied
1174 * Return: status code
1176 static efi_status_t __efi_runtime EFIAPI
1177 efi_get_variable_runtime(u16 *variable_name, const efi_guid_t *vendor,
1178 u32 *attributes, efi_uintn_t *data_size, void *data)
1180 return EFI_UNSUPPORTED;
1184 * efi_get_next_variable_name_runtime() - runtime implementation of
1187 * @variable_name_size: size of variable_name buffer in byte
1188 * @variable_name: name of uefi variable's name in u16
1189 * @vendor: vendor's guid
1190 * Return: status code
1192 static efi_status_t __efi_runtime EFIAPI
1193 efi_get_next_variable_name_runtime(efi_uintn_t *variable_name_size,
1194 u16 *variable_name, efi_guid_t *vendor)
1196 return EFI_UNSUPPORTED;
1200 * efi_set_variable_runtime() - runtime implementation of SetVariable()
1202 * @variable_name: name of the variable
1203 * @vendor: vendor GUID
1204 * @attributes: attributes of the variable
1205 * @data_size: size of the buffer with the variable value
1206 * @data: buffer with the variable value
1207 * Return: status code
1209 static efi_status_t __efi_runtime EFIAPI
1210 efi_set_variable_runtime(u16 *variable_name, const efi_guid_t *vendor,
1211 u32 attributes, efi_uintn_t data_size,
1214 return EFI_UNSUPPORTED;
1218 * efi_variables_boot_exit_notify() - notify ExitBootServices() is called
1220 void efi_variables_boot_exit_notify(void)
1222 efi_runtime_services.get_variable = efi_get_variable_runtime;
1223 efi_runtime_services.get_next_variable_name =
1224 efi_get_next_variable_name_runtime;
1225 efi_runtime_services.set_variable = efi_set_variable_runtime;
1226 efi_update_table_header_crc32(&efi_runtime_services.hdr);
1230 * efi_init_variables() - initialize variable services
1232 * Return: status code
1234 efi_status_t efi_init_variables(void)
1238 ret = efi_init_secure_state();