/** This service is a checker handler for the UEFI Runtime Service SetVariable() @param VariableName the name of the vendor's variable, as a Null-Terminated Unicode String @param VendorGuid Unify identifier for vendor. @param Attributes Point to memory location to return the attributes of variable. If the point is NULL, the parameter would be ignored. @param DataSize The size in bytes of Data-Buffer. @param Data Point to the content of the variable. @retval EFI_SUCCESS The firmware has successfully stored the variable and its data as defined by the Attributes. @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits was supplied, or the DataSize exceeds the maximum allowed. @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode string. @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the variable and its data. @retval EFI_DEVICE_ERROR The variable could not be saved due to a hardware failure. @retval EFI_WRITE_PROTECTED The variable in question is read-only. @retval EFI_WRITE_PROTECTED The variable in question cannot be deleted. @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set but the AuthInfo does NOT pass the validation check carried out by the firmware. @retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found. **/ EFI_STATUS EFIAPI SetVariableCheckHandlerMor ( IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN UINT32 Attributes, IN UINTN DataSize, IN VOID *Data ) { UINTN MorLockDataSize; BOOLEAN MorLock; EFI_STATUS Status; // // do not handle non-MOR variable // if (!IsAnyMorVariable (VariableName, VendorGuid)) { return EFI_SUCCESS; } MorLockDataSize = sizeof(MorLock); Status = InternalGetVariable ( MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, &gEfiMemoryOverwriteRequestControlLockGuid, NULL, &MorLockDataSize, &MorLock ); if (!EFI_ERROR (Status) && MorLock) { // // If lock, deny access // return EFI_INVALID_PARAMETER; } // // Delete not OK // if ((DataSize != sizeof(UINT8)) || (Data == NULL) || (Attributes == 0)) { return EFI_INVALID_PARAMETER; } // // check format // if (IsMorLockVariable(VariableName, VendorGuid)) { // // set to any other value not OK // if ((*(UINT8 *)Data != 1) && (*(UINT8 *)Data != 0)) { return EFI_INVALID_PARAMETER; } } // // Or grant access // return EFI_SUCCESS; }
/** This service is an MOR/MorLock checker handler for the SetVariable(). @param[in] VariableName the name of the vendor's variable, as a Null-Terminated Unicode String @param[in] VendorGuid Unify identifier for vendor. @param[in] Attributes Attributes bitmask to set for the variable. @param[in] DataSize The size in bytes of Data-Buffer. @param[in] Data Point to the content of the variable. @retval EFI_SUCCESS The MOR/MorLock check pass, and Variable driver can store the variable data. @retval EFI_INVALID_PARAMETER The MOR/MorLock data or data size or attributes is not allowed for MOR variable. @retval EFI_ACCESS_DENIED The MOR/MorLock is locked. @retval EFI_ALREADY_STARTED The MorLock variable is handled inside this function. Variable driver can just return EFI_SUCCESS. **/ EFI_STATUS SetVariableCheckHandlerMor ( IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN UINT32 Attributes, IN UINTN DataSize, IN VOID *Data ) { // // do not handle non-MOR variable // if (!IsAnyMorVariable (VariableName, VendorGuid)) { return EFI_SUCCESS; } // // MorLock variable // if (IsMorLockVariable (VariableName, VendorGuid)) { return SetVariableCheckHandlerMorLock ( VariableName, VendorGuid, Attributes, DataSize, Data ); } // // Mor Variable // // // Permit deletion for passthru request. // if (((Attributes == 0) || (DataSize == 0)) && mMorPassThru) { return EFI_SUCCESS; } // // Basic Check // if ((Attributes != (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS)) || (DataSize != sizeof(UINT8)) || (Data == NULL)) { return EFI_INVALID_PARAMETER; } if (mMorLockState == MorLockStateLocked) { // // If lock, deny access // return EFI_ACCESS_DENIED; } // // grant access // return EFI_SUCCESS; }