1/* SPDX-License-Identifier: GPL-2.0+ */ 2/* 3 * Copyright (c) 2020, Heinrich Schuchardt <xypron.glpk@gmx.de> 4 */ 5 6#ifndef _EFI_VARIABLE_H 7#define _EFI_VARIABLE_H 8 9#include <linux/bitops.h> 10 11#define EFI_VARIABLE_READ_ONLY 0x80000000 12 13enum efi_auth_var_type { 14 EFI_AUTH_VAR_NONE = 0, 15 EFI_AUTH_MODE, 16 EFI_AUTH_VAR_PK, 17 EFI_AUTH_VAR_KEK, 18 EFI_AUTH_VAR_DB, 19 EFI_AUTH_VAR_DBX, 20 EFI_AUTH_VAR_DBT, 21 EFI_AUTH_VAR_DBR, 22}; 23 24/** 25 * efi_get_variable() - retrieve value of a UEFI variable 26 * 27 * @variable_name: name of the variable 28 * @vendor: vendor GUID 29 * @attributes: attributes of the variable 30 * @data_size: size of the buffer to which the variable value is copied 31 * @data: buffer to which the variable value is copied 32 * @timep: authentication time (seconds since start of epoch) 33 * Return: status code 34 */ 35efi_status_t efi_get_variable_int(const u16 *variable_name, 36 const efi_guid_t *vendor, 37 u32 *attributes, efi_uintn_t *data_size, 38 void *data, u64 *timep); 39 40/** 41 * efi_set_variable() - set value of a UEFI variable 42 * 43 * @variable_name: name of the variable 44 * @vendor: vendor GUID 45 * @attributes: attributes of the variable 46 * @data_size: size of the buffer with the variable value 47 * @data: buffer with the variable value 48 * @ro_check: check the read only read only bit in attributes 49 * Return: status code 50 */ 51efi_status_t efi_set_variable_int(const u16 *variable_name, 52 const efi_guid_t *vendor, 53 u32 attributes, efi_uintn_t data_size, 54 const void *data, bool ro_check); 55 56/** 57 * efi_get_next_variable_name_int() - enumerate the current variable names 58 * 59 * @variable_name_size: size of variable_name buffer in byte 60 * @variable_name: name of uefi variable's name in u16 61 * @vendor: vendor's guid 62 * 63 * See the Unified Extensible Firmware Interface (UEFI) specification for 64 * details. 65 * 66 * Return: status code 67 */ 68efi_status_t efi_get_next_variable_name_int(efi_uintn_t *variable_name_size, 69 u16 *variable_name, 70 efi_guid_t *vendor); 71 72/** 73 * efi_query_variable_info_int() - get information about EFI variables 74 * 75 * This function implements the QueryVariableInfo() runtime service. 76 * 77 * See the Unified Extensible Firmware Interface (UEFI) specification for 78 * details. 79 * 80 * @attributes: bitmask to select variables to be 81 * queried 82 * @maximum_variable_storage_size: maximum size of storage area for the 83 * selected variable types 84 * @remaining_variable_storage_size: remaining size of storage are for the 85 * selected variable types 86 * @maximum_variable_size: maximum size of a variable of the 87 * selected type 88 * Returns: status code 89 */ 90efi_status_t efi_query_variable_info_int(u32 attributes, 91 u64 *maximum_variable_storage_size, 92 u64 *remaining_variable_storage_size, 93 u64 *maximum_variable_size); 94 95#define EFI_VAR_FILE_NAME "ubootefi.var" 96 97#define EFI_VAR_BUF_SIZE CONFIG_EFI_VAR_BUF_SIZE 98 99/* 100 * This constant identifies the file format for storing UEFI variables in 101 * struct efi_var_file. 102 */ 103#define EFI_VAR_FILE_MAGIC 0x0161566966456255 /* UbEfiVa, version 1 */ 104 105/** 106 * struct efi_var_entry - UEFI variable file entry 107 * 108 * @length: length of enty, multiple of 8 109 * @attr: variable attributes 110 * @time: authentication time (seconds since start of epoch) 111 * @guid: vendor GUID 112 * @name: UTF16 variable name 113 */ 114struct efi_var_entry { 115 u32 length; 116 u32 attr; 117 u64 time; 118 efi_guid_t guid; 119 u16 name[]; 120}; 121 122/** 123 * struct efi_var_file - file for storing UEFI variables 124 * 125 * @reserved: unused, may be overwritten by memory probing 126 * @magic: identifies file format, takes value %EFI_VAR_FILE_MAGIC 127 * @length: length including header 128 * @crc32: CRC32 without header 129 * @var: variables 130 */ 131struct efi_var_file { 132 u64 reserved; 133 u64 magic; 134 u32 length; 135 u32 crc32; 136 struct efi_var_entry var[]; 137}; 138 139/** 140 * efi_var_to_file() - save non-volatile variables as file 141 * 142 * File ubootefi.var is created on the EFI system partion. 143 * 144 * Return: status code 145 */ 146efi_status_t efi_var_to_file(void); 147 148/** 149 * efi_var_collect() - collect variables in buffer 150 * 151 * A buffer is allocated and filled with variables in a format ready to be 152 * written to disk. 153 * 154 * @bufp: pointer to pointer of buffer with collected variables 155 * @lenp: pointer to length of buffer 156 * @check_attr_mask: bitmask with required attributes of variables to be collected. 157 * variables are only collected if all of the required 158 * attributes are set. 159 * Return: status code 160 */ 161efi_status_t __maybe_unused efi_var_collect(struct efi_var_file **bufp, loff_t *lenp, 162 u32 check_attr_mask); 163 164/** 165 * efi_var_restore() - restore EFI variables from buffer 166 * 167 * Only if @safe is set secure boot related variables will be restored. 168 * 169 * @buf: buffer 170 * @safe: restoring from tamper-resistant storage 171 * Return: status code 172 */ 173efi_status_t efi_var_restore(struct efi_var_file *buf, bool safe); 174 175/** 176 * efi_var_from_file() - read variables from file 177 * 178 * File ubootefi.var is read from the EFI system partitions and the variables 179 * stored in the file are created. 180 * 181 * In case the file does not exist yet or a variable cannot be set EFI_SUCCESS 182 * is returned. 183 * 184 * Return: status code 185 */ 186efi_status_t efi_var_from_file(void); 187 188/** 189 * efi_var_mem_init() - set-up variable list 190 * 191 * Return: status code 192 */ 193efi_status_t efi_var_mem_init(void); 194 195/** 196 * efi_var_mem_find() - find a variable in the list 197 * 198 * @guid: GUID of the variable 199 * @name: name of the variable 200 * @next: on exit pointer to the next variable after the found one 201 * Return: found variable 202 */ 203struct efi_var_entry *efi_var_mem_find(const efi_guid_t *guid, const u16 *name, 204 struct efi_var_entry **next); 205 206/** 207 * efi_var_mem_del() - delete a variable from the list of variables 208 * 209 * @var: variable to delete 210 */ 211void efi_var_mem_del(struct efi_var_entry *var); 212 213/** 214 * efi_var_mem_ins() - append a variable to the list of variables 215 * 216 * The variable is appended without checking if a variable of the same name 217 * already exists. The two data buffers are concatenated. 218 * 219 * @variable_name: variable name 220 * @vendor: GUID 221 * @attributes: variable attributes 222 * @size1: size of the first data buffer 223 * @data1: first data buffer 224 * @size2: size of the second data field 225 * @data2: second data buffer 226 * @time: time of authentication (as seconds since start of epoch) 227 * Result: status code 228 */ 229efi_status_t efi_var_mem_ins(const u16 *variable_name, 230 const efi_guid_t *vendor, u32 attributes, 231 const efi_uintn_t size1, const void *data1, 232 const efi_uintn_t size2, const void *data2, 233 const u64 time); 234 235/** 236 * efi_var_mem_free() - determine free memory for variables 237 * 238 * Return: maximum data size plus variable name size 239 */ 240u64 efi_var_mem_free(void); 241 242/** 243 * efi_init_secure_state - initialize secure boot state 244 * 245 * Return: status code 246 */ 247efi_status_t efi_init_secure_state(void); 248 249/** 250 * efi_auth_var_get_type() - convert variable name and guid to enum 251 * 252 * @name: name of UEFI variable 253 * @guid: guid of UEFI variable 254 * Return: identifier for authentication related variables 255 */ 256enum efi_auth_var_type efi_auth_var_get_type(const u16 *name, 257 const efi_guid_t *guid); 258 259/** 260 * efi_auth_var_get_guid() - get the predefined GUID for a variable name 261 * 262 * @name: name of UEFI variable 263 * Return: guid of UEFI variable 264 */ 265const efi_guid_t *efi_auth_var_get_guid(const u16 *name); 266 267/** 268 * efi_get_next_variable_name_mem() - Runtime common code across efi variable 269 * implementations for GetNextVariable() 270 * from the cached memory copy 271 * 272 * @variable_name_size: size of variable_name buffer in bytes 273 * @variable_name: name of uefi variable's name in u16 274 * @mask: bitmask with required attributes of variables to be collected. 275 * variables are only collected if all of the required 276 * attributes match. Use 0 to skip matching 277 * @vendor: vendor's guid 278 * 279 * Return: status code 280 */ 281efi_status_t __efi_runtime 282efi_get_next_variable_name_mem(efi_uintn_t *variable_name_size, u16 *variable_name, 283 efi_guid_t *vendor, u32 mask); 284/** 285 * efi_get_variable_mem() - Runtime common code across efi variable 286 * implementations for GetVariable() from 287 * the cached memory copy 288 * 289 * @variable_name: name of the variable 290 * @vendor: vendor GUID 291 * @attributes: attributes of the variable 292 * @data_size: size of the buffer to which the variable value is copied 293 * @data: buffer to which the variable value is copied 294 * @timep: authentication time (seconds since start of epoch) 295 * @mask: bitmask with required attributes of variables to be collected. 296 * variables are only collected if all of the required 297 * attributes match. Use 0 to skip matching 298 * Return: status code 299 */ 300efi_status_t __efi_runtime 301efi_get_variable_mem(const u16 *variable_name, const efi_guid_t *vendor, 302 u32 *attributes, efi_uintn_t *data_size, void *data, 303 u64 *timep, u32 mask); 304 305/** 306 * efi_get_variable_runtime() - runtime implementation of GetVariable() 307 * 308 * @variable_name: name of the variable 309 * @guid: vendor GUID 310 * @attributes: attributes of the variable 311 * @data_size: size of the buffer to which the variable value is copied 312 * @data: buffer to which the variable value is copied 313 * Return: status code 314 */ 315efi_status_t __efi_runtime EFIAPI 316efi_get_variable_runtime(u16 *variable_name, const efi_guid_t *guid, 317 u32 *attributes, efi_uintn_t *data_size, void *data); 318 319/** 320 * efi_get_next_variable_name_runtime() - runtime implementation of 321 * GetNextVariable() 322 * 323 * @variable_name_size: size of variable_name buffer in byte 324 * @variable_name: name of uefi variable's name in u16 325 * @guid: vendor's guid 326 * Return: status code 327 */ 328efi_status_t __efi_runtime EFIAPI 329efi_get_next_variable_name_runtime(efi_uintn_t *variable_name_size, 330 u16 *variable_name, efi_guid_t *guid); 331 332/** 333 * efi_var_buf_update() - udpate memory buffer for variables 334 * 335 * @var_buf: source buffer 336 * 337 * This function copies to the memory buffer for UEFI variables. Call this 338 * function in ExitBootServices() if memory backed variables are only used 339 * at runtime to fill the buffer. 340 */ 341void efi_var_buf_update(struct efi_var_file *var_buf); 342 343efi_status_t __efi_runtime efi_var_collect_mem(struct efi_var_file *buf, 344 efi_uintn_t *lenp, 345 u32 check_attr_mask); 346 347u32 efi_var_entry_len(struct efi_var_entry *var); 348 349#endif 350