If we store EFI variables on ESP during boottime, we need cooperation from the OS to write that file to implement SetVariable.
Populate the necessary options to allow efivar(1) to read a dump of the variables after writing them and then persist them to ESP. Note that this violates the EFI spec and it's not power-fail safe, but it's an ok fallback for now.
Signed-off-by: Ahmad Fatoum <[email protected]>
---
efi/loader/Kconfig | 18 ++++++++++++++
efi/loader/efi_var_file.c | 51 +++++++++++++++++++++++++++++++++++++++
efi/loader/runtime.c | 4 +++
efi/loader/variable.h | 2 ++
4 files changed, 75 insertions(+)
diff --git a/efi/loader/Kconfig b/efi/loader/Kconfig
index 4a5e4c375fd4..5692e54ebe01 100644
--- a/efi/loader/Kconfig
+++ b/efi/loader/Kconfig
@@ -68,6 +68,24 @@ config EFI_VARIABLE_NO_STORE
 endchoice
+config EFI_RT_VOLATILE_STORE
+ bool "Allow variable runtime services in volatile storage (e.g RAM)"
+ depends on EFI_VARIABLE_FILE_STORE
+ select EFI_RUNTIME_SET_VARIABLE
+ default y
+ help
+ When EFI variables are stored on file we don't allow SetVariableRT,
+ since the OS doesn't know how to write that file. At the same time
+ we copy runtime variables in DRAM and support GetVariableRT
+
+ Enable this option to allow SetVariableRT on the RAM backend of
+ the EFI variable storage. The OS will be responsible for syncing
+ the RAM contents to the file, otherwise any changes made during
+ runtime won't persist reboots.
+ Authenticated variables are not supported. Note that this will
+ violate the EFI spec since writing auth variables will return
+ EFI_INVALID_PARAMETER
+
 endmenu
 source "efi/loader/protocols/Kconfig"
diff --git a/efi/loader/efi_var_file.c b/efi/loader/efi_var_file.c
index 08a5c172cced..652354693ae7 100644
--- a/efi/loader/efi_var_file.c
+++ b/efi/loader/efi_var_file.c
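Review bot: `default y` on `EFI_RT_VOLATILE_STORE` in efi/loader/Kconfig enables this mode for every build that selects `EFI_VARIABLE_FILE_STORE`, although both the commit message and the help text say it violates the EFI spec, and the commit message adds that it is not power-fail safe. Consider dropping the `default y` line so the fallback becomes an explicit opt-in. The help text could also say that the variable file is then written by the OS, so what is read back from the ESP on the next boot is OS-controlled data; the loading path is outside this hunk, so that part is inferred. A small wording fix while there: `won't persist reboots` reads better as `won't persist across reboots`.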
@@ -184,6 +184,57 @@ efi_status_t efi_var_from_file(int dirfd, const char *filename)
 free(buf);
 return ret;
 }
+
+// SPDX-SnippetBegin
+// SPDX-Snippet-Comment: Origin-URL: https://github.com/u-boot/u-boot/blob/e9c34fab18a9a0022b36729afd8e262e062764e2/lib/efi_loader/efi_runtime.c
+
+efi_status_t efi_init_runtime_variable_supported(void)
+{
+ u8 s = 0;
+ int ret;
+
+ if (!IS_ENABLED(CONFIG_EFI_RT_VOLATILE_STORE))
+ return EFI_SUCCESS;
+
+ ret = efi_set_variable_int(u"RTStorageVolatile",
+ &efi_file_store_vars_guid,
+ EFI_VARIABLE_BOOTSERVICE_ACCESS |
+ EFI_VARIABLE_RUNTIME_ACCESS |
+ EFI_VARIABLE_READ_ONLY,
+ strlen(efi_var_file_name) + 1,
+ efi_var_file_name, false);
+ if (ret != EFI_SUCCESS) {
+ pr_err("Failed to set RTStorageVolatile\n");
+ return ret;
+ }
+ /*
+ * This variable needs to be visible so users can read it,
+ * but the real contents are going to be filled during
+ * GetVariable
+ */
+ ret = efi_set_variable_int(u"VarToFile",
+ &efi_file_store_vars_guid,
+ EFI_VARIABLE_BOOTSERVICE_ACCESS |
+ EFI_VARIABLE_RUNTIME_ACCESS |
+ EFI_VARIABLE_READ_ONLY,
+ sizeof(s),
+ &s, false);
+ if (ret != EFI_SUCCESS) {
+ pr_err("Failed to set VarToFile\n");
+ efi_set_variable_int(u"RTStorageVolatile",
+ &efi_file_store_vars_guid,
+ EFI_VARIABLE_BOOTSERVICE_ACCESS |
+ EFI_VARIABLE_RUNTIME_ACCESS |
+ EFI_VARIABLE_READ_ONLY,
+ 0, NULL, false);
+ return ret;
+ }
+
+ return EFI_SUCCESS;
+}
+
+// SPDX-SnippetEnd
+
 static int efi_init_var_params(void)
 {
 if (efi_is_payload())
diff --git a/efi/loader/runtime.c b/efi/loader/runtime.c
index b46c85eeaa7b..4b3cb6df1350 100644
--- a/efi/loader/runtime.c
+++ b/efi/loader/runtime.c
@@ -71,6 +71,10 @@ efi_status_t efi_init_runtime_supported(void)
 CHECK_RT_FLAG(QUERY_CAPSULE_CAPABILITIES) | CHECK_RT_FLAG(QUERY_VARIABLE_INFO);
+ ret = efi_init_runtime_variable_supported();
+ if (ret != EFI_SUCCESS)
+ return ret;
+
 return efi_install_configuration_table(&efi_rt_properties_table_guid, rt_table);
 }
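Review bot: In `efi_init_runtime_variable_supported()` (efi_var_file.c), the rollback in the `VarToFile` failure branch ignores the status of the `efi_set_variable_int(u"RTStorageVolatile", ..., 0, NULL, false)` delete, so a failed delete leaves `RTStorageVolatile` published without a matching `VarToFile` and without a log line. Check that status and report it, for example with `pr_err("Failed to remove RTStorageVolatile\n");`, while still returning the original `ret`. The function also has no header comment; one stating that it publishes the two read-only variables described in the commit message, and that it does nothing without `CONFIG_EFI_RT_VOLATILE_STORE`, would help readers. The SPDX snippet block carries only an origin comment; such snippets normally also name the license and copyright (`SPDX-License-Identifier`, `SPDX-SnippetCopyrightText`), which matters if the origin file's license differs from this file's.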
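Review bot: The new call to `efi_init_runtime_variable_supported()` in `efi_init_runtime_supported()` (runtime.c) is unconditional, but the function is defined in efi_var_file.c. If that file is built only when `EFI_VARIABLE_FILE_STORE` is selected, a build using `EFI_VARIABLE_NO_STORE` would fail to link; the Makefile is not part of this patch, so this is an assumption to confirm. A `static inline` stub in variable.h that returns `EFI_SUCCESS` for that configuration would avoid it. A failure here also returns before `efi_install_configuration_table()`, so the RT properties table is not installed at all; if the volatile store is only a fallback, logging and continuing may be the better behaviour. The body of `efi_init_runtime_supported()` starts outside the hunk.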
diff --git a/efi/loader/variable.h b/efi/loader/variable.h
index 3710be84a2d1..775bd11dc450 100644
--- a/efi/loader/variable.h
+++ b/efi/loader/variable.h
@@ -2,6 +2,8 @@
 #include <efi/types.h>
 #include <efi/error.h>
+efi_status_t efi_init_runtime_variable_supported(void);
+
 efi_status_t EFIAPI efi_get_variable_boot(u16 *variable_name, const efi_guid_t *vendor, u32 *attributes, efi_uintn_t *data_size, void *data);
--
2.47.3
