/** Mark a variable that will become read-only after leaving the DXE phase of execution. Write request coming from SMM environment through EFI_SMM_VARIABLE_PROTOCOL is allowed. @param[in] This The VARIABLE_LOCK_PROTOCOL instance. @param[in] VariableName A pointer to the variable name that will be made read-only subsequently. @param[in] VendorGuid A pointer to the vendor GUID that will be made read-only subsequently. @retval EFI_SUCCESS The variable specified by the VariableName and the VendorGuid was marked as pending to be read-only. @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL. Or VariableName is an empty string. @retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has already been signaled. @retval EFI_OUT_OF_RESOURCES There is not enough resource to hold the lock request. **/ EFI_STATUS EFIAPI VariableLockRequestToLock ( IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This, IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid ) { EFI_STATUS Status; VAR_CHECK_VARIABLE_PROPERTY Property; AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock); Status = VarCheckLibVariablePropertyGet (VariableName, VendorGuid, &Property); if (!EFI_ERROR (Status)) { Property.Property |= VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY; } else { Property.Revision = VAR_CHECK_VARIABLE_PROPERTY_REVISION; Property.Property = VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY; Property.Attributes = 0; Property.MinSize = 1; Property.MaxSize = MAX_UINTN; } Status = VarCheckLibVariablePropertySet (VariableName, VendorGuid, &Property); DEBUG ((EFI_D_INFO, "[Variable] Lock: %g:%s %r\n", VendorGuid, VariableName, Status)); ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock); return Status; }
/** Variable property get. @param[in] Name Pointer to the variable name. @param[in] Guid Pointer to the vendor GUID. @param[out] VariableProperty Pointer to the output variable property. @retval EFI_SUCCESS The property of variable specified by the Name and Guid was got successfully. @retval EFI_INVALID_PARAMETER Name, Guid or VariableProperty is NULL, or Name is an empty string. @retval EFI_NOT_FOUND The property of variable specified by the Name and Guid was not found. **/ EFI_STATUS EFIAPI VarCheckVariablePropertyGet ( IN CHAR16 *Name, IN EFI_GUID *Guid, OUT VAR_CHECK_VARIABLE_PROPERTY *VariableProperty ) { EFI_STATUS Status; AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock); Status = VarCheckLibVariablePropertyGet (Name, Guid, VariableProperty); ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock); return Status; }
/** SetVariable check handler UEFI defined. @param[in] VariableName Name of Variable to set. @param[in] VendorGuid Variable vendor GUID. @param[in] Attributes Attribute value of the variable. @param[in] DataSize Size of Data to set. @param[in] Data Data pointer. @retval EFI_SUCCESS The SetVariable check result was success. @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits, name, GUID, DataSize and Data value was supplied. @retval EFI_WRITE_PROTECTED The variable in question is read-only. **/ EFI_STATUS EFIAPI SetVariableCheckHandlerUefiDefined ( IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN UINT32 Attributes, IN UINTN DataSize, IN VOID *Data ) { EFI_STATUS Status; UINTN Index; VAR_CHECK_VARIABLE_PROPERTY Property; VAR_CHECK_VARIABLE_PROPERTY *VarCheckProperty; INTERNAL_VAR_CHECK_FUNCTION VarCheckFunction; if ((((Attributes & EFI_VARIABLE_APPEND_WRITE) == 0) && (DataSize == 0)) || (Attributes == 0)) { // // Do not check delete variable. // return EFI_SUCCESS; } if ((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) { if (!IsHwErrRecVariable (VariableName, VendorGuid)) { return EFI_INVALID_PARAMETER; } } for (Index = 0; Index < sizeof (mUefiDefinedGuid)/sizeof (mUefiDefinedGuid[0]); Index++) { if (CompareGuid (VendorGuid, mUefiDefinedGuid[Index])) { if (VarCheckLibVariablePropertyGet (VariableName, VendorGuid, &Property) == EFI_NOT_FOUND) { // // To prevent name collisions with possible future globally defined variables, // other internal firmware data variables that are not defined here must be // saved with a unique VendorGuid other than EFI_GLOBAL_VARIABLE or // any other GUID defined by the UEFI Specification. Implementations must // only permit the creation of variables with a UEFI Specification-defined // VendorGuid when these variables are documented in the UEFI Specification. // DEBUG ((EFI_D_INFO, "UEFI Variable Check fail %r - %s not in %g namespace\n", EFI_INVALID_PARAMETER, VariableName, VendorGuid)); return EFI_INVALID_PARAMETER; } } } if (DataSize == 0) { return EFI_SUCCESS; } VarCheckProperty = NULL; VarCheckFunction = GetUefiDefinedVarCheckFunction (VariableName, VendorGuid, &VarCheckProperty); if (VarCheckFunction != NULL) { Status = VarCheckFunction ( VarCheckProperty, DataSize, Data ); if (EFI_ERROR (Status)) { DEBUG ((EFI_D_INFO, "UEFI Variable Check function fail %r - %g:%s\n", Status, VendorGuid, VariableName)); return Status; } } return EFI_SUCCESS; }